1. Overview
Skello SAS ("Skello", "we", "us") operates the Skello application and website (the "Service"). We are the data controller for personal information processed through the Service, unless you use Skello through an organization that has its own agreement with us.
We follow the principles of the GDPR, UK GDPR, CCPA/CPRA, and Canada's PIPEDA. Where local law provides stronger protections, those apply.
2. Data we collect
Account data. Name, email address, hashed password, family name and member profiles you create.
Family content. Calendar events, tasks, shopping lists, meal plans, notes, documents you upload to the Family Vault, chat messages with Dr. Skello and family chat.
Billing data. Credit balance, purchase history, promo codes, chosen payment method. Card details never touch our servers — they are handled by our future PSP.
Device & usage. IP address, browser, OS, pages visited, feature interactions, crash logs. Used for security and product improvement.
Optional integrations. If you connect Google Calendar, Apple Calendar, iCloud, Outlook, or a wearable, we process only the fields required for that integration.
3. How we use your data
- Provide the Service and its AI features (Dr. Skello recommendations, insights, planning).
- Authenticate you and secure your family space.
- Process credit purchases and prevent fraud.
- Send transactional emails (order confirmations, security alerts).
- Improve reliability, fix bugs, and design new features.
- Comply with legal obligations.
4. AI processing
Skello uses large language and reasoning models to generate suggestions, summaries, and answers. Prompts and the minimum context required are sent to our AI providers under strict processing agreements. Providers are contractually forbidden from training on your data.
Sensitive fields (health notes, children's records, financial totals) are redacted or tokenized before leaving Skello's infrastructure whenever technically possible.
5. Legal bases (EEA/UK)
- Contract: to deliver the Service you subscribed to.
- Legitimate interests: security, fraud prevention, product analytics.
- Consent: optional cookies, marketing emails, health-related features.
- Legal obligation: tax, accounting, lawful requests from authorities.
7. Retention
Active account data is kept while your account is open. Deleted content is purged from primary systems within 30 days and from encrypted backups within 90 days. Billing records may be retained up to 7 years to satisfy tax law.
8. Your rights
You may access, correct, export, restrict, or delete your data at any time from Settings, or by emailing [email protected].
You may lodge a complaint with your local data protection authority.
9. Children
Skello is designed for use by parents/guardians who add children as family members. Children do not create their own accounts and never receive marketing from us. Parents control what data is stored for each child and can delete it in one click.
10. International transfers
When we transfer data outside the EEA/UK, we rely on the European Commission's Standard Contractual Clauses and the UK IDTA, plus supplementary technical measures such as encryption in transit and at rest.
11. Changes to this policy
We will notify you by email at least 14 days before any material change takes effect. The "Last updated" date at the top of this page always reflects the current version.