Privacy Policy

Last Updated: November 2025

1. Introduction

BellyFly ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Partner API services.

2. Information We Collect

2.1 Partner Information

When you register for our Partner API, we collect:

Company name and business information
Contact information (name, email, phone)
Billing and payment information
API usage statistics and logs

2.2 End User Data

Through API calls made by partners, we may process:

Travel destinations and dates
Family stage information (pregnancy, newborn, infant, toddler)
Travel preferences and requirements
Location data for healthcare provider searches

3. How We Use Your Information

We use collected information to:

Provide and maintain API services
Process API requests and generate recommendations
Monitor API usage and enforce rate limits
Improve our AI models and recommendation algorithms
Communicate with partners about service updates
Detect and prevent fraud or abuse

4. Data Sharing and Disclosure

We do not sell your data. We may share information with:

Service Providers: Third-party vendors who assist in API operations (Azure, Stripe, etc.)
Legal Requirements: When required by law or to protect our rights
Business Transfers: In connection with a merger, acquisition, or sale of assets

5. Data Security

We implement industry-standard security measures including encryption in transit (TLS 1.3), encrypted data at rest, access controls, and regular security audits. However, no method of transmission over the Internet is 100% secure.

6. Data Retention

We retain API logs for 90 days for debugging and analytics purposes. Partner account information is retained for the duration of the partnership and up to 7 years after termination for compliance purposes.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

Access your personal information
Correct inaccurate information
Request deletion of your information
Object to processing of your information
Export your data in a portable format

8. GDPR Compliance

For European Economic Area (EEA) residents, we comply with GDPR requirements. We process data based on legitimate business interests and contractual necessity. You have additional rights under GDPR including the right to lodge a complaint with a supervisory authority.

9. CCPA Compliance

For California residents, we comply with the California Consumer Privacy Act (CCPA). You have the right to know what personal information we collect, request deletion, and opt-out of sale (though we do not sell data).

10. Children's Privacy

Our Partner API services are designed for businesses, not children. We do not knowingly collect information from children under 13. If you believe we have collected such information, please contact us.

11. International Data Transfers

Your information may be transferred to and processed in the United States and other countries. We ensure appropriate safeguards are in place for such transfers.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify partners of material changes via email at least 30 days before the changes take effect.

13. Contact Us

For privacy-related questions or requests, please contact us at:

Email: privacy@bellyfly.app
Address: BellyFly, Inc., [Address to be added]

This privacy policy is effective as of November 2025 and governs the BellyFly Partner API services.