Privacy Policy

Last updated: June 9, 2026

Overview

Kidfence is a parental control application. We believe parental controls should protect children without surveilling them.

The core principle: your data stays on your devices. Activity data collected on the Mac and chat history on the iPhone are stored locally and never uploaded to our server. Everything a parent sees about their child, activity reports, blocked attempts, and the child's live open tabs, is end-to-end encrypted on the Mac and sent straight to the parent's iPhone. Our server only relays the encrypted data; it cannot read the reports, and it never sees which sites or tabs your child has open.

We don't sell your data, show ads, or use third-party analytics or tracking. Kidfence has no advertising, no behavioral profiling of your child, and no account or email sign-up, devices are paired with cryptographic keys, not personal logins.

What stays on your devices (never sent to our server)

• App usage data, Which apps are active and for how long. Stored only on the Mac.
• Domain visit history, Domain names (e.g., "youtube.com") used for web filtering. Stored only on the Mac. No full URLs, page content, or search queries.
• Blocked attempt logs, Records of blocked apps and sites. Stored only on the Mac.
• Chat transcript, Your conversation with the AI assistant. Stored only on the iPhone.
• Your display name and avatar, Sent directly to the Mac, not stored on our server.

What passes through our server

• Parent commands, When you type "block Roblox," the text is sent to our AI to determine the action. The server processes the command in real time and does not retain it. The server never sees child activity data.
• Encrypted activity reports, Everything the parent sees about the child, activity summaries, blocked attempts, and the child's live open tabs, is end-to-end encrypted on the Mac before it leaves. Our server only relays the ciphertext; it never sees which sites or tabs your child has open, or any report contents.

What our server stores

• Device pairing records, Cryptographic public keys of paired devices and family groupings. No names, emails, or personally identifiable information.
• Pending messages, If the Mac is offline when a command is sent, the command is queued and delivered when the Mac reconnects. Queued messages are deleted after delivery or 7 days.
• Site category results, A shared lookup of web address → category (e.g., "example.com → gaming"), so every family gets instant, consistent answers. Keyed by the host name only; not linked to any child, family, or person.

Site categorization

To decide what kind of site a web address is, gaming, streaming, gambling, adult, and so on, Kidfence first checks a built-in library of known sites. For a site it does not recognize, the child's Mac fetches that public web page itself and sends a small snippet, the page's own title and meta description, capped at about 1 KB, to our AI categorization provider so it can label the site.

This is information about the public website, not about your child. It is not your child's screen, keystrokes, session, or personal pages. The page is fetched independently of your child's browsing session, the request is identified only by the Mac's device key (no name or email), and it is never used to profile your child. We keep only the resulting category for that host; the snippet itself is not retained.

What We Never Collect

• Screenshots or screen recordings
• Keystrokes or text input
• Photos, videos, or files
• Message content (iMessage, email, social media)
• Your child's browsing content, full URLs, or search queries (to label sites it doesn't recognize, Kidfence reads only a public site's own description, see Site categorization)
• Camera or microphone data
• Location data
• Contacts or calendar data

End-to-End Encryption

Activity reports sent from the child's Mac to the parent's iPhone are encrypted using Curve25519 key agreement and AES-256-GCM. The encryption keys exist only on your devices. Our server acts as a relay and cannot decrypt the data.

No VPN, No MITM

Kidfence does not use a VPN tunnel or install a root certificate. Web filtering uses macOS Network Extension content filters with SNI inspection. HTTPS connections remain end-to-end encrypted between the child's browser and the website. We never intercept or inspect encrypted traffic content.

Data Retention

• On the Mac, Activity data is stored locally. Uninstalling Kidfence removes all local data.
• On the iPhone, Chat transcript is stored locally. Deleting the app removes it.
• On our server, Pending messages are deleted after delivery or 7 days. No activity data, chat history, or personal information is retained.

Third-Party Services

• AI providers (Anthropic, Google), Your natural-language commands, and site categorization (the host name plus the public-page snippet described under Site categorization), are processed by large-language-model providers via their APIs, currently Anthropic (Claude) and Google (Gemini). Inputs are sent via API and are not used to train their models. Subject to Anthropic's and Google's privacy policies.
• Apple (App Store, StoreKit), Handles subscription payments. Subject to Apple's privacy policy.
• Cloudflare (1.1.1.3 Family DNS), Kidfence configures the Mac to use Cloudflare's Family DNS resolvers for network-level content filtering (malware and adult content). DNS queries are resolved by Cloudflare's servers. Subject to Cloudflare's privacy policy.

Children's Privacy (COPPA)

Kidfence is a parental control tool installed and managed by parents. We do not collect personal information from children. The app on the child's Mac collects only app usage and domain data as described above, and this data is encrypted and sent only to the parent's device.

Data Security

We use industry-standard security measures including TLS for all server communications, end-to-end encryption for activity reports, and secure key storage via the macOS Keychain and iOS Keychain with iCloud Keychain sync.

Your Rights

You can delete all data by unpairing devices in the app. Uninstalling Kidfence from the Mac removes all local data. Contact us at privacy@kidfence.ai to request deletion of server-side data.

Changes

We will notify users of material changes to this policy via the app. Continued use after changes constitutes acceptance.

Contact

Privacy questions: privacy@kidfence.ai