Privacy Policy

Introduction

At MyBabyRegistry, we take your privacy seriously. This privacy policy explains how we collect, use, and protect your information when you use our website (mybabyregistry.net) and our browser extension (MyBabyRegistry QuickAdd).

Information We Collect

Website

• Account Information: When you create an account, we collect your name, email address, and encrypted password.
• Registry Information: Product details, prices, URLs, and images you add to your registry.
• Contribution Data: Contributor names, email addresses, contribution amounts, and messages when friends contribute to your registry.
• Analytics: We use Google Analytics 4 to collect anonymous usage data including page views, user interactions, and conversion metrics. No personally identifiable information is shared with Google Analytics.

Browser Extension (MyBabyRegistry QuickAdd)

• Authentication Token: We store your login token locally in your browser using Chrome's storage API to authenticate API requests.
• Product Information: When you click "Add to Registry" on a shopping site, the extension reads product details (name, price, images, description) from that page and sends it to your MyBabyRegistry account.
• No Personal Browsing Data: We do not collect, track, or store your browsing history or any information from sites you visit.

How We Use Your Information

• Provide Our Service: To operate your baby registry, process contributions, and send notification emails.
• Authentication: To verify your identity and secure your account.
• Product Extraction: To automatically add products from shopping sites to your registry via the browser extension.
• Analytics: To understand how users interact with our platform and improve our services.
• Email Notifications: To send thank you emails to contributors (when enabled by you).

Data Storage and Security

• Encryption: All data transmission uses HTTPS encryption.
• Password Security: Passwords are hashed using bcrypt before storage.
• Token Storage: JWT authentication tokens are stored securely:
  • Website: Stored in browser's localStorage
  • Extension: Stored in Chrome's secure storage API
• Database: All registry and contribution data is stored securely on our servers.

Third-Party Services

We use the following third-party services:

• Google Analytics 4: For anonymous usage analytics and conversion tracking. No personally identifiable information is shared. You can opt-out via our cookie consent banner.
• MailerSend: For sending thank you emails to contributors. Only contributor email addresses and messages are shared with MailerSend for delivery purposes.
• Google Sheets API: (Optional) For data backup if configured by registry owner.

We do not sell, trade, or transfer your personal information to third parties for marketing purposes.

Browser Extension Privacy

• Local Storage Only: Your authentication token is stored only in your browser's local storage, never on our servers.
• No Data Collection: The extension does not collect or track your browsing behavior, search history, or personal information.
• Limited Permissions: The extension only requests necessary permissions:
  • storage: To save your authentication token locally
  • activeTab: To read product information from shopping pages you're viewing
  • scripting: To inject the "Add to Registry" button on product pages
  • tabs: To sync your login status with the website
• Supported Retailers Only: The extension only activates on supported shopping sites (Lazada, Shopee, Amazon, Mothercare, Motherswork, IKEA, Toys'R'Us).
• No Background Tracking: The extension only operates when you click the "Add to Registry" button. It does not monitor your browsing in the background.

Cookies and Tracking

We use cookies and similar technologies for:

• Essential Cookies: Required for authentication and session management.
• Analytics Cookies: Google Analytics 4 for usage tracking (requires your consent).
• Functional Cookies: To remember your preferences and settings.

You can manage your cookie preferences via our cookie consent banner on the website.

Your Privacy Rights

You have the right to:

• Access Your Data: Request a copy of the personal data we hold about you.
• Update Your Data: Correct any inaccurate information in your account settings.
• Delete Your Data: Request deletion of your account and all associated data.
• Export Your Data: Download your registry data at any time.
• Opt-Out of Analytics: Decline analytics cookies via our consent banner.
• Uninstall Extension: Remove the browser extension at any time, which deletes all locally stored tokens.

Data Retention

• Account Data: Retained until you delete your account.
• Registry Data: Retained until you delete your registry or account.
• Contribution Records: Retained for accounting purposes but can be anonymized upon request.
• Authentication Tokens: Expire after 7 days and must be renewed through login.
• Extension Data: Deleted immediately when you uninstall the extension.

Children's Privacy

Our service is intended for adults preparing for a baby's arrival. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child, please contact us immediately.

Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last Updated" date. Continued use of our services after changes constitutes acceptance of the updated policy.

Contact Us

If you have any questions about this privacy policy or our data practices, please contact us:

• Email: niteeshm@gmail.com
• Website: https://mybabyregistry.net

GDPR & PDPA Compliance

We are committed to compliance with the General Data Protection Regulation (GDPR) for European users and Singapore's Personal Data Protection Act (PDPA). Your personal data is processed lawfully, fairly, and transparently. You have the right to access, rectify, erase, restrict processing, data portability, and object to processing of your personal data.