Privacy Policy

Your data, your choice

FamilyHub is available as a hosted service (FamilyHub Cloud) and as self-hosted software. Either way, your privacy matters.

FamilyHub Cloud

On FamilyHub Cloud, your data is stored securely on my servers. I only use it to run the service — never for ads, profiling, or selling to anyone. You can export or delete everything at any time.

Self-hosted

Self-hosted means your data stays on your own machine. I have zero access to it.

External services

FamilyHub connects to third-party services for AI and speech-to-text:

• AI (Anthropic Claude or OpenAI) — your commands and list/task/calendar context are sent for processing. On Cloud, this goes through my API keys. Self-hosted, you use your own.
• Speech-to-text — audio is transcribed and discarded. On Cloud, this runs through my infra. Self-hosted with faster-whisper, audio never leaves your network.
• Photo slideshow — Google Photos thumbnails are fetched from Google. Immich stays fully local.

What I don't do

• I don't sell data to anyone
• I don't show ads
• I don't collect telemetry from self-hosted instances
• I don't use your data for AI training

Security

JWT-based auth with HttpOnly cookies. Passwords hashed with BCrypt. API keys encrypted at rest with AES. Login attempts are rate-limited.

Data storage

All data lives in PostgreSQL. Calendar events go through CalDAV. Voice recordings are processed in memory and never stored.

Exporting your family data

Family admins can export all data as a JSON file from Admin > Export/Import. The file is a complete snapshot — calendar events, tasks, shopping lists, users, and configured service secrets (including password hashes and API keys). Treat the exported file like any other secret: store it somewhere safe and only share it with people you trust.

Questions?

Open an issue on the FamilyHub GitLab repository, or reach out directly.