Little Shield logoLittle Shield LLC

Privacy Policy

Effective Date: April 20, 2026

Last Updated: April 20, 2026

1. Introduction

This Privacy Policy describes how Little Shield LLC (“we,” “our,” or “us”) processes personal data for the Baby Recall Tracker product and related website experience.

This document is intended to describe current product behavior. It does not expand your legal rights beyond applicable law or our Terms and Disclaimers.

2. Information We Collect

2.1 Account and profile data

When you create and use an account, we process data such as:

  • Email address and account identifiers
  • Optional profile fields you submit (for example names, child profile fields, notes)
  • Notification preferences and connected-provider status

2.2 Inbox and commerce ingestion data

If you connect supported providers, we process inbox and order-related content to identify likely purchases and evaluate recall relevance.

  • Google Gmail read-only inbox message data (when connected)
  • Microsoft Outlook inbox message data (when connected)
  • Amazon data portability order data (when enabled and connected)
  • Derived product and tracking signals (for example normalized names, categories, confidence signals)

2.3 Recall, review, and notification data

We also process product safety and engagement data, including:

  • Recall source records and match outcomes
  • Review decisions, ignore/remove actions, and tracking state changes
  • Email/SMS alert dispatch records and scan-run diagnostics

2.4 Billing data

Subscription checkout and billing are processed by Stripe. We store limited billing/subscription metadata needed to manage entitlements and account state.

2.5 Contact and support submissions

When you contact us, we process the information you provide (for example name, email, message type, message body).

2.6 Basic technical telemetry

We may process technical request metadata required for security, abuse prevention, reliability, and diagnostics.

3. How We Use Information

We use data to operate and improve the service, including to:

  • Authenticate accounts and secure product access
  • Ingest purchase-related data and build tracked-item records
  • Match tracked items against recall sources and deliver alerts/digests
  • Operate subscription billing and account entitlements
  • Respond to support/contact requests
  • Detect abuse, rate-limit endpoints, and troubleshoot operational issues

4. Data Sharing and Processors

We do not sell personal information. We may share data with service providers that process data on our behalf, including:

  • Stripe for subscription billing and payment workflows
  • Cloud infrastructure/database providers used to host the application and data
  • Email delivery providers used for alerts and support workflows

We may also disclose information where required by law or to protect rights, security, and service integrity.

5. Retention and Purge Behavior

Retention periods vary by data type and operational need. As currently implemented:

  • Account-linked product data is retained while your account is active unless deleted earlier.
  • Account deletion workflows attempt to remove user-scoped records and associated profile assets.
  • Stored Stripe webhook payload blobs are purged (nulled) after a configurable retention window.
  • Stored Amazon raw response blobs are purged (nulled) after a configurable retention window.

Retention settings may be adjusted for security, reliability, fraud prevention, or legal obligations.

6. Security

We use layered safeguards appropriate to the service, including access controls, environment-based secret handling, and encrypted handling for sensitive token material in server-side storage paths.

No system can guarantee absolute security.

7. Your Rights and Choices

Depending on your jurisdiction, you may have rights to access, correct, or delete personal information.

As currently implemented, you can:

  • Disconnect supported inbox providers from your account
  • Adjust notification preferences
  • Request or perform account deletion through supported account flows

8. Children's Data

The service is intended for adult account holders. We do not knowingly collect personal information directly from children as standalone users.

9. International Transfers

Data may be processed in the United States or other jurisdictions where our processors operate.

10. Changes to This Policy

We may update this policy to reflect product or legal changes. The Last Updated date will be revised when we do.

11. Contact Information

For questions or privacy-related requests:
Company: Little Shield LLC
Email: contact@littleshieldllc.com