Skip to main content

Privacy Policy

epFidget Mobile Application

Effective date: TBD (set on launch)

What epFidget never does

  • We never show advertising of any kind, inside the app or elsewhere.
  • We never sell, rent, or share end-user data with third parties.
  • We never include third-party analytics or advertising SDKs in the app build that ships to children.
  • We never use end-user data to train AI models.

EnrichPoint (“we,” “us,” or “our”) operates the epFidget mobile application (the “App”). epFidget is a collection of digital fidget toys and sensory tools designed for use by kids, adults, and anyone who benefits from a little sensory input. This Privacy Policy explains how we collect, use, store, and protect your information when you or someone in your care uses the App.

For the EnrichPoint corporate-level legal terms (account auth, billing, dispute resolution) that apply across every EnrichPoint app, see our site-wide Privacy Policy. This document is the epFidget-specific addendum and takes precedence for matters specific to this app.

1. Who uses epFidget

epFidget has two kinds of users:

  • End users — the person actually playing with the fidgets. End users can be children. End users do not need their own EnrichPoint account to use the app; a caregiver sets up a profile for them.
  • Caregivers — typically a parent or family member who installed the app and manages end-user profiles, settings, and any add-on purchases. Caregivers have an EnrichPoint account and are the data controller for any end-user profile they create.

2. Information We Collect

From caregivers

  • Email address and display name (provided at sign-up).
  • Authentication identifier from Google or Apple if you sign in with those providers.
  • Payment processor identifier from Stripe if you purchase an add-on pack. Card details are handled directly by Stripe and never reach our servers.

From end users

  • A display name (provided by the caregiver — does not have to be a real name).
  • An optional avatar (provided by the caregiver).
  • Aggregated usage telemetry: which toys/games were opened, when, and for how long. Used by caregivers to see what their end users engage with. Never used for advertising.
  • Per-toy settings (sound on/off, difficulty, color preferences) so the toy remembers preferences across sessions.

What we do NOT collect

  • Audio recordings, video, or photos.
  • Location data of any kind.
  • Contacts, calendar, or other device data outside the app.
  • Biometric data.
  • Behavioral profiles for advertising or third-party sharing.

3. Children's Privacy (COPPA)

epFidget is designed to be used by children under the supervision of a caregiver. We comply with the Children's Online Privacy Protection Act (COPPA) in the United States.

  • We do not knowingly collect personal information directly from children under 13. End-user profiles are created and managed exclusively by an authenticated adult caregiver.
  • The only data tied to an end-user profile is what the caregiver provides (display name, optional avatar) plus the in-app usage telemetry described above.
  • A caregiver can review, edit, or delete an end-user profile at any time via the in-app settings, or by visiting enrichpoint.com/epfidget/delete-data.
  • We do not sell, share, or use children's data for advertising or profiling.

If you are a parent or guardian and believe a child has provided information to us without your consent, please contact support@enrichpoint.com and we will delete the data promptly.

4. How We Use Information

  • Provide the service: let caregivers manage end-user profiles, deliver add-on content to the correct end user, persist preferences across sessions.
  • Improve the product: aggregated, non-identifying analytics about which toys are popular and which features have bugs. We do not look at individual end-user data for product decisions.
  • Bill purchases: hand the transaction off to Stripe; Stripe charges the caregiver and we record the resulting license to unlock the purchased add-on.
  • Support requests: when a caregiver contacts support, we look at their account data only as needed to resolve the issue.
  • Security and abuse: we may log auth events (sign-in, sign-out) to detect fraud or compromised accounts.

5. How We Store and Protect Information

  • Data is stored on Google Firebase (Firestore, Authentication, Storage) within Google Cloud's US infrastructure.
  • Data in transit uses TLS 1.2+ between the app, our servers, and Firebase.
  • Data at rest is encrypted by Firebase using industry-standard AES-256.
  • Access to production data is restricted to a small number of EnrichPoint engineers, with audit logging on administrative actions.
  • We never copy production data to engineer laptops.

6. Third-Party Services

epFidget uses a small set of third-party services purely for app function:

  • Firebase (Google): authentication, database, storage, and push notifications.
  • Stripe: processing add-on purchases. Stripe receives only the data needed to complete a transaction.
  • Apple / Google: if you sign in with Apple or Google, your name, email, and provider identifier are shared with us per their respective terms.

We do not include any third-party advertising SDKs, third-party analytics SDKs, or social-media tracking libraries in the App.

7. Data Retention

  • Account and profile data: retained while the account is active.
  • Usage telemetry: retained for 90 days in identified form, then aggregated into anonymous rollups for product analysis.
  • Payment history (caregiver-side): retained per tax and audit requirements (typically 7 years).
  • Deleted account / data: removed from production systems within 30 days; backup copies are purged on the next backup rotation cycle (up to 90 days).

8. Your Rights

You may at any time:

  • Access the data we hold about you or an end user in your care. Email support@enrichpoint.com for an export.
  • Correct inaccurate data via in-app settings or by contacting support.
  • Delete your account at /epfidget/delete-account, or specific data categories at /epfidget/delete-data.
  • Withdraw consent for processing at any time by deleting the account.

9. International Users

epFidget is operated from the United States. If you use the App from outside the US, you consent to processing your data in the US. We apply the same privacy protections to all users regardless of location. EU and UK users have additional rights under GDPR and UK GDPR — contact us at support@enrichpoint.com to exercise them.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be announced in the App and on this page. The “Effective date” at the top reflects the most recent version. Continued use of the App after the effective date constitutes acceptance.

11. Contact

Privacy questions, data requests, or COPPA concerns: support@enrichpoint.com.