This Privacy Policy explains how CoParent Pilot, LLC ("CoParent Pilot," "we," "us," or "our") collects, uses, retains, and shares information when you use the CoParent Pilot web application and related services (the "Service"). This Policy is part of, and uses terms defined in, our Terms of Service.

Three things make CoParent Pilot different, and you should understand them before you use the Service: (1) parent-to-parent communications — and any calendar entry, note, upload, journal entry, or expense entry you share with your co-parent — are preserved permanently and cannot be deleted by anyone until the youngest child in your family profile turns 18; (2) communications with your connected attorney are encrypted and kept separate from the parent-to-parent record, and we do not read or use them except as needed to operate the Service or as required by law; and (3) the Service is offered only in the United States. Content you do not share with your co-parent stays under your control.

1. United States Only

The Service is directed solely to individuals residing in the United States, its territories, and possessions. We do not market to, offer service in, or knowingly collect personal information from individuals located outside the United States. All data is stored on servers located in the United States. Because the Service is U.S.-only, this Policy is written to comply with U.S. federal and state law; it does not implement, and we do not undertake compliance with, the GDPR, UK GDPR, PIPEDA, or other non-U.S. privacy regimes. If you use the Service from outside the United States in violation of our Terms of Service, you do so at your own risk and your information will be processed in the United States under U.S. law.

2. Information We Collect

• Account information: name, email address, phone number, password (hashed), state of residence, and account settings.
• Family profile information: information you, an adult user, enter about your family, including your children’s names, birthdates, school, health, and activity details, and your co-parent’s name and contact information. The youngest child’s birthdate is also used to compute the retention period described in Section 5.
• The Permanent Record: the contents of parent-to-parent messages and attachments, plus any calendar entry, note, upload, journal entry, or expense entry you share with or post to your co-parent ("Shared Content"), together with associated metadata (timestamps, delivery and read events, sharing events, edit attempts).
• Private Content: your calendars, notes, journals, uploads, drafts, and expense entries that you have not shared with your co-parent, which remain under your control.
• Attorney-channel data: the contents of attorney communications, encrypted at rest, and limited non-content records (e.g., that an attorney connection exists, connection dates, message counts).
• Payment information: processed by our payment processor; we receive plan, status, and partial card details, not full card numbers.
• Device and usage information: IP address, browser type, device identifiers, log data, and in-app activity, collected directly and through cookies and similar technologies.

3. How We Use Information

We use information to: provide and secure the Service; create and preserve the Permanent Record as described in Section 5; operate the encrypted attorney channel; process payments; provide support; send service, security, and legal notices; send marketing email you can opt out of at any time (see the CAN-SPAM Act, 15 USC 7701 et seq.; detect and prevent fraud, abuse, and violations of our Terms; and comply with law. We do not sell your personal information, we do not share it for cross-context behavioral advertising, and we do not use the contents of your communications for advertising or to train artificial-intelligence models.

4. Legal Bases You Are Agreeing To (Stored Communications Act)

CoParent Pilot stores the contents of user communications as a provider of electronic communication and remote computing services. Federal law generally prohibits us from disclosing the contents of stored communications, 18 USC 2702(a), subject to exceptions including disclosure to an addressee or intended recipient, 18 USC 2702(b)(1), disclosure with the lawful consent of the originator, addressee, or intended recipient, 18 USC 2702(b)(3), and disclosure compelled by legal process, 18 USC 2703. By using the Permanent Record you consent to the storage and disclosures described in Section 6.3 of the Terms of Service and Section 7 below.

5. Retention — The Permanent Record

5.1 Retention Until the Youngest Child Turns 18

The Permanent Record — parent-to-parent communications plus all Shared Content (any calendar entry, note, upload, journal entry, or expense entry shared with or posted to your co-parent) — is retained until the youngest child identified in your family profile reaches age 18. It cannot be edited, deleted, or "unshared" during that period by you, your co-parent, or CoParent Pilot support staff — even if you close your account, stop paying, or both parents request deletion. Once an item is shared, the as-shared version is preserved permanently, even if you later edit or delete your own copy. This retention is the product you are purchasing: a complete, tamper-resistant record of co-parenting communications suitable for use in court.

5.2 Retention of Other Data

• Private Content: retained until you delete it or close your account; deleted from production systems within 30 days of deletion and from backups within 90 days.
• Attorney-channel communications: retained (encrypted at rest) while the connection is active and deleted 90 days after you disconnect the attorney or close your account.
• Account and billing records: retained for the life of the account plus the period required for tax, accounting, and legal-defense purposes (generally 7 years).
• Device/usage logs: retained up to 24 months, then deleted or de-identified.

5.3 After the Retention Period

When the youngest child in the family profile turns 18, the parties will be offered a 90 day window to export the Permanent Record, after which it will be permanently deleted.

6. Attorney-Connected Communications — Confidentiality

Communications between you and your connected attorney are encrypted in transit and encrypted at rest using AES-256 encryption, and are kept separate from your parent-to-parent Permanent Record. We do not read, scan, moderate, or use the contents of attorney-channel communications, and we do not make them visible to your co-parent. We access them only as needed to operate, secure, or troubleshoot the Service, or where required by law. Because we operate this encryption and hold the keys, we are technically able to access attorney-channel content; if we receive valid legal process directed at it, we may be required to disclose its contents along with the limited non-content records described in Section 2.

7. How We Share Information

• With your co-parent: the Permanent Record — messages and Shared Content — is, by design, visible to both connected co-parents. Private Content is never visible to your co-parent unless and until you share it, at which point it becomes part of the Permanent Record.
• With your connected attorney: content you send through the attorney channel, and any portions of your account you affirmatively grant your attorney permission to view.
• Service providers: hosting, security, payment, analytics, and support vendors bound by contract to use information only to provide services to us.
• Legal process and safety: we disclose information, including Permanent Record contents, in response to valid subpoenas, court orders, and warrants consistent with the Stored Communications Act, 18 USC 2703, and we may disclose information to a governmental entity if we believe in good faith that an emergency involving danger of death or serious physical injury requires disclosure without delay, 18 USC 2702(b)(8), (c)(4). We report apparent child sexual abuse material to the National Center for Missing & Exploited Children as required by 18 USC 2258A.
• Business transfers: in a merger, acquisition, financing, or sale of assets, information may be transferred subject to this Policy’s retention commitments; any successor remains bound by Section 5 and Section 6.
• We never: sell personal information, rent user lists, or disclose the Permanent Record to advertisers or data brokers.

8. Children’s Privacy

The Service is for adults 18 and older. It is not directed to children under 13, and we do not knowingly collect personal information online from children, within the meaning of the Children’s Online Privacy Protection Act, 15 USC 6501(1), 6502(a)(1). Information about children in the Service is entered by their parents or legal guardians — adults — as part of the family profile and Permanent Record. If we learn that a child under 13 has created an account or submitted personal information directly to us, we will delete the account and that information promptly. To report it, contact info@coparentpilot.com.

9. Your Privacy Rights and Choices

9.1 All Users

You may access and update account information in settings; export your Permanent Record and Private Content at any time; delete Private Content at any time; opt out of marketing email via the unsubscribe link; and manage cookies through your browser.

9.2 State Privacy Rights

Depending on your state of residence (e.g., California, Colorado, Connecticut, Texas, Virginia, and others), you may have rights to access, correct, delete, or obtain a portable copy of personal information, and to appeal a denial. Submit requests to info@coparentpilot.com; we will verify your identity and respond within the time required by your state’s law.

Important limitation: state-law deletion rights do not override the Permanent Record retention described in Section 5. State privacy statutes recognize exceptions to deletion, including where retention is necessary to perform the contract between the business and the consumer — which is exactly what the Permanent Record is. See, e.g., Cal Civ Code 1798.105(a), (c)-(d) (right to delete and its exceptions). A deletion request will be honored as to all other personal information we hold about you, consistent with Section 5.2.

We do not discriminate against users for exercising privacy rights. Because we do not sell personal information or share it for cross-context behavioral advertising, there is nothing to opt out of under those provisions, and we treat universal opt-out signals (e.g., Global Privacy Control) accordingly.

10. Security and Breach Notification

We use administrative, technical, and physical safeguards appropriate to the sensitivity of the data, including encryption in transit and at rest, role-based access controls, audit logging, and tamper-evident storage for the Permanent Record. No system is perfectly secure; we cannot guarantee absolute security. If a security breach affects your unencrypted personal information, we will notify you without unreasonable delay as required by applicable state breach-notification laws, including Michigan’s Identity Theft Protection Act, MCL 445.72, and the breach-notification law of your state of residence.

11. Changes to This Policy

We may update this Policy prospectively. Material changes will be announced by email and in-app notice at least 30 days before they take effect. We will never retroactively weaken the retention commitments in Section 5 or the confidentiality commitments in Section 6 for communications already sent.

12. Contact Us

CoParent Pilot, LLC, 307 W 6th St., Suite 207, Royal Oak, MI 48067, Attn: Privacy, info@coparentpilot.com.