Privacy Policy
Last updated: 16 May 2026
Nesto Autism Care ("we", "our", "the app") is committed to protecting your privacy. This policy describes what
data we collect, how we use it, with whom we share it, and your rights as a user.
This app is for parents and guardians of children with developmental needs. It is an educational support
tool, not a medical device.
1. Who We Are
Nesto Autism Care is a developmental support app for families. It is operated by the developer/entity that
publishes it on the Google Play Store.
For privacy or data requests: nestoautismcare@gmail.com or use the
in-app Support option.
2. Data We Collect
Account & Identity
- Phone number - used for phone-based authentication (via Firebase Authentication).
- Google account name and email - collected if you choose to sign in with Google (via Firebase
Authentication / Google Sign-In).
- Full name - entered by you during registration.
Child Profile
- Child's name, date of birth, gender, weight, height, and mobility status.
- Optional health notes, allergy information, and doctor notes entered by you.
Health Journal Records (Optional)
If you choose to use the Health Journal feature, we store the following information you voluntarily enter. This data is provided by you and is not sourced, verified, or modified by us.
- Doctor visit records: visit date, doctor name, clinic or hospital name, visit type, visit notes, and next appointment date (if entered).
- Health notes: medication names, dosages, and schedules; allergy names and severity; therapist and specialist names and contact details; important health notes you type.
- Growth measurements: height, weight, and date of each measurement.
- Observation journal entries: date, time, mood rating, energy level, environmental or routine trigger notes, and free-text observation notes.
- Medical documents: document name, category, date, and optionally a file you choose to attach (PDF, JPG, or PNG, up to 3 MB per file). Document files are stored in Firebase Storage (see Third-Party Services below).
Health Journal records are personal notes only. They are not verified, reviewed, or used by us for any clinical purpose. This feature is a personal record-keeping aid, not a clinical records system.
Developmental Screening Data (Sensitive)
- Your answers to the in-app developmental screening questionnaire (covering communication, social, sensory,
motor, and behavioral domains).
- Computed developmental risk scores per domain (for example, "Social Connection: 62%").
- Overall risk level and high-risk developmental tags derived from screening.
- Screening history and dates.
Activity Progress
- Daily activity completions and parent-provided performance ratings (0-4 scale).
- Task mastery levels, consecutive practice streaks, and phase progress.
- Activity goals set within the app.
- Task completion photos (optional) - stored locally on your device only and not uploaded to any
server.
Support Chat Messages
- Messages you send in the Help & Support chat and AI-generated replies are stored in our database
(Firebase Firestore) to provide conversation continuity.
Community Content (optional, premium)
- Posts, comments, and reactions you create in the Community section, including any images you upload.
App Performance & Diagnostics
- Crash reports and diagnostic data (via Firebase Crashlytics) to detect and fix technical issues.
- Anonymous app usage signals (via Firebase Analytics) to improve the app experience.
3. How We Use Your Data
- Provide core app features: screening assessment, daily activity assignment, progress tracking, guidance plan
generation.
- Power the AI Support chat to give contextually relevant, child-specific responses to your questions.
- Sync your child's profile and progress across devices when you are signed in.
- Generate downloadable PDF progress reports.
- Store and display your voluntarily entered Health Journal records (visits, health notes, growth measurements, observations, and documents) for your personal reference only.
- Generate a downloadable PDF Health Summary from your Health Journal data (premium feature).
- Schedule local appointment reminder notifications based on next appointment dates you enter in the Doctor Visits section (premium feature).
- Detect and fix app bugs and crashes.
- Manage your premium subscription (via RevenueCat).
We do not sell your personal data. We do not use your data for advertising. We do not use Health Journal records for any purpose other than displaying them back to you within the app and generating your requested exports.
4. Third-Party Services & Data Sharing
To deliver the app's features, we share specific data with the following third-party services. Each operates
under its own privacy policy.
| Service |
Provider |
Data Shared |
Purpose |
| Firebase Authentication |
Google LLC |
Phone number or Google account (email, name) |
Secure user sign-in and account management |
| Firebase Firestore |
Google LLC |
All app data: child profile, screening results, activity progress, support chat messages, community
posts |
Cloud storage, sync across devices |
| Firebase Crashlytics |
Google LLC |
Crash logs, device model, OS version, app version |
Bug detection and app stability |
| Gemini API (Google Generative AI) |
Google LLC |
Child's first name, age, active support phase, overall risk level, top screening risk areas, activity
goals, today's activity task titles, current practice streak, recent support chat history, and your message
text |
Generate AI support chat responses in the Help & Support section |
| Groq API |
Groq Inc. |
Same data as Gemini (used as an alternative AI provider) |
Generate AI support chat responses (fallback or primary, based on configuration) |
| Firebase Storage |
Google LLC |
Document files you choose to upload in the Health Journal Documents section (PDF, JPG, or PNG files, up to 3 MB each) |
Secure cloud storage for Health Journal document attachments (premium feature) |
| Firebase Analytics |
Google LLC |
Anonymous app usage signals: screens viewed, key actions (e.g. screening started, activity logged). No personal data, no child data. |
Understand how the app is used to improve features and fix issues |
| Google Analytics (GA4) |
Google LLC |
Anonymous website usage signals: pages visited, session duration, general location (country/region). No personal data collected. |
Understand how the public website is used to improve content and navigation |
| RevenueCat |
RevenueCat Inc. |
Anonymous app user ID, purchase events |
Manage and verify premium subscriptions and in-app purchases |
What AI APIs Do NOT Receive
- Your phone number or email address
- Full screening answer transcripts
- Task completion photos
- Health notes, allergy information, or doctor notes
- Health Journal records (doctor visits, medications, growth measurements, observations, or uploaded documents)
- Financial or payment information
AI providers (Google Gemini and Groq) use data you send only to generate a response to your current query.
Please review Google's Privacy Policy and
Groq's Privacy Policy for details on how they
handle API data.
5. Biometric Authentication
If you enable biometric (fingerprint/face) app lock, biometric data is processed entirely on your device using
the operating system's secure enclave. Biometric data is never sent to our servers or any third
party.
6. Data Storage & Security
- All data in transit is encrypted using HTTPS/TLS.
- Data stored in Firebase (Firestore and Storage) is protected by Google's security infrastructure and Firebase Security Rules that restrict access to your account only.
- Health Journal text records are stored locally on your device using AES-encrypted offline storage (Hive with device secure key) and synced to Firebase Firestore.
- Document files you upload in the Health Journal are stored in Firebase Storage under a path accessible only to your authenticated account.
- Your PIN (if set) is stored using bcrypt hashing in device secure storage - not in plain text.
- Task photos are stored locally on your device and are not uploaded.
7. Data Retention
We retain your data while your account is active. When you use the "Delete my profile" option in the app, your child profile and all associated data are removed — including all Health Journal records (visits, notes, growth entries, observations) stored in Firebase Firestore, and all document files uploaded to Firebase Storage. To request full account deletion (including authentication records), email us at nestoautismcare@gmail.com.
8. Your Rights
- Access & correction: Use the Edit Child Profile and Edit User Profile options in the
app.
- Deletion: Use "Delete my profile" in Profile settings, or email us for full account
deletion.
- GDPR / regional rights: If you are in a region with additional privacy rights (for example,
right to portability, restriction, or objection), contact us at nestoautismcare@gmail.com.
9. Children's Data
The app is used by parents or legal guardians to support their child at home. Child-related data (name, age, developmental screening results, activity progress, and any Health Journal records including growth measurements, observation notes, doctor visit records, and uploaded medical documents) is provided by the parent or guardian. We do not knowingly collect data directly from children. All use of child data is solely to deliver the app's educational and developmental support features. Health Journal data entered about a child is stored under the parent's authenticated account and is not accessible to us except as needed to operate the service.
10. App Permissions
- Internet - required for sign-in, cloud sync, AI support chat, and subscription
management.
- Camera / Storage (optional) - only if you choose to add photos to activity
completions. Photos stay on your device.
- Notifications (optional) - for daily activity reminder alerts and appointment reminder notifications based on next appointment dates you enter in the Health Journal (premium feature). You can disable notifications at any time in your device settings.
- Biometric (optional) - for app PIN unlock using device fingerprint or face ID.
Processed on-device only.
11. Medical Disclaimer
This app is for educational and developmental support only. It is not a medical device and does not provide
a clinical diagnosis, medical advice, or treatment recommendations. Screening results are developmental
insights to guide home practice - not a formal autism diagnosis. Always consult a qualified healthcare
professional (paediatrician, developmental specialist, or therapist) for medical or clinical guidance.
12. Changes to This Policy
We may update this policy. The "Last updated" date will reflect any changes. Continued use of the app after
changes constitutes acceptance. For significant changes, we may notify you within the app.
Terms & Refund Policy