Privacy Policy
Last updated: March 2026
Nesto Autism Care ("we", "our", "the app") is committed to protecting your privacy. This policy describes what
data we collect, how we use it, with whom we share it, and your rights as a user.
This app is for parents and guardians of children with developmental needs. It is an educational support
tool, not a medical device.
1. Who We Are
Nesto Autism Care is a developmental support app for families. It is operated by the developer/entity that
publishes it on the Google Play Store.
For privacy or data requests: nestoautismcare@gmail.com or use the
in-app Support option.
2. Data We Collect
Account & Identity
- Phone number - used for phone-based authentication (via Firebase Authentication).
- Google account name and email - collected if you choose to sign in with Google (via Firebase
Authentication / Google Sign-In).
- Full name - entered by you during registration.
Child Profile
- Child's name, date of birth, gender, weight, height, and mobility status.
- Optional health notes, allergy information, and doctor notes entered by you.
Developmental Screening Data (Sensitive)
- Your answers to the in-app developmental screening questionnaire (covering communication, social, sensory,
motor, and behavioral domains).
- Computed developmental risk scores per domain (for example, "Social Connection: 62%").
- Overall risk level and high-risk developmental tags derived from screening.
- Screening history and dates.
Activity Progress
- Daily activity completions and parent-provided performance ratings (0-4 scale).
- Task mastery levels, consecutive practice streaks, and phase progress.
- Activity goals set within the app.
- Task completion photos (optional) - stored locally on your device only and not uploaded to any
server.
Support Chat Messages
- Messages you send in the Help & Support chat and AI-generated replies are stored in our database
(Firebase Firestore) to provide conversation continuity.
Community Content (optional, premium)
- Posts, comments, and reactions you create in the Community section, including any images you upload.
App Performance & Diagnostics
- Crash reports and diagnostic data (via Firebase Crashlytics) to detect and fix technical issues.
- Anonymous app usage signals (via Firebase Analytics) to improve the app experience.
3. How We Use Your Data
- Provide core app features: screening assessment, daily activity assignment, progress tracking, guidance plan
generation.
- Power the AI Support chat to give contextually relevant, child-specific responses to your questions.
- Sync your child's profile and progress across devices when you are signed in.
- Generate downloadable PDF progress reports.
- Detect and fix app bugs and crashes.
- Manage your premium subscription (via RevenueCat).
We do not sell your personal data. We do not use your data for advertising.
4. Third-Party Services & Data Sharing
To deliver the app's features, we share specific data with the following third-party services. Each operates
under its own privacy policy.
| Service |
Provider |
Data Shared |
Purpose |
| Firebase Authentication |
Google LLC |
Phone number or Google account (email, name) |
Secure user sign-in and account management |
| Firebase Firestore |
Google LLC |
All app data: child profile, screening results, activity progress, support chat messages, community
posts |
Cloud storage, sync across devices |
| Firebase Crashlytics |
Google LLC |
Crash logs, device model, OS version, app version |
Bug detection and app stability |
| Gemini API (Google Generative AI) |
Google LLC |
Child's first name, age, active support phase, overall risk level, top screening risk areas, activity
goals, today's activity task titles, current practice streak, recent support chat history, and your message
text |
Generate AI support chat responses in the Help & Support section |
| Groq API |
Groq Inc. |
Same data as Gemini (used as an alternative AI provider) |
Generate AI support chat responses (fallback or primary, based on configuration) |
| RevenueCat |
RevenueCat Inc. |
Anonymous app user ID, purchase events |
Manage and verify premium subscriptions and in-app purchases |
What AI APIs Do NOT Receive
- Your phone number or email address
- Full screening answer transcripts
- Task completion photos
- Health notes, allergy information, or doctor notes
- Financial or payment information
AI providers (Google Gemini and Groq) use data you send only to generate a response to your current query.
Please review Google's Privacy Policy and
Groq's Privacy Policy for details on how they
handle API data.
5. Biometric Authentication
If you enable biometric (fingerprint/face) app lock, biometric data is processed entirely on your device using
the operating system's secure enclave. Biometric data is never sent to our servers or any third
party.
6. Data Storage & Security
- All data in transit is encrypted using HTTPS/TLS.
- Data stored in Firebase is protected by Google's security infrastructure and Firebase Security Rules.
- Your PIN (if set) is stored using bcrypt hashing in device secure storage - not in plain text.
- Task photos are stored locally on your device and are not uploaded.
7. Data Retention
We retain your data while your account is active. When you use the "Delete my profile" option in the app, your
child profile and associated data are removed. To request full account deletion (including authentication
records), email us at nestoautismcare@gmail.com.
8. Your Rights
- Access & correction: Use the Edit Child Profile and Edit User Profile options in the
app.
- Deletion: Use "Delete my profile" in Profile settings, or email us for full account
deletion.
- GDPR / regional rights: If you are in a region with additional privacy rights (for example,
right to portability, restriction, or objection), contact us at nestoautismcare@gmail.com.
9. Children's Data
The app is used by parents or legal guardians to support their child at home. Child-related data (name, age,
developmental screening results, activity progress) is provided by the parent/guardian. We do not knowingly
collect data directly from children. All use of child data is solely to deliver the app's educational and
developmental support features.
10. App Permissions
- Internet - required for sign-in, cloud sync, AI support chat, and subscription
management.
- Camera / Storage (optional) - only if you choose to add photos to activity
completions. Photos stay on your device.
- Notifications (optional) - for daily activity reminder alerts. You can disable this in
device settings.
- Biometric (optional) - for app PIN unlock using device fingerprint or face ID.
Processed on-device only.
11. Medical Disclaimer
This app is for educational and developmental support only. It is not a medical device and does not provide
a clinical diagnosis, medical advice, or treatment recommendations. Screening results are developmental
insights to guide home practice - not a formal autism diagnosis. Always consult a qualified healthcare
professional (paediatrician, developmental specialist, or therapist) for medical or clinical guidance.
12. Changes to This Policy
We may update this policy. The "Last updated" date will reflect any changes. Continued use of the app after
changes constitutes acceptance. For significant changes, we may notify you within the app.
Terms & Refund Policy