Privacy Policy
Effective date: April 2, 2026
1. Overview
Baton Pass is operated by Pezzetti Capital LLC (“we,” “us,” or “our”). This Privacy Policy explains what information we collect, how we use it, and how we protect it when you use Baton Pass (the “Service”).
Because Baton Pass handles sensitive information about children, we take your privacy seriously. We will never sell your data, and we only collect what we need to provide the Service.
We have designed our Service to comply with the applicable requirements of COPPA, CCPA, and GDPR.
2. Information We Collect
We collect information you provide directly when using the Service, including:
- Your name and email address
- Your child’s profile information — such as name, date of birth, allergies, medications, medical conditions, dietary needs, and caregiver instructions
- Emergency contacts and authorized pickup persons
- Basic usage data, such as when share links are accessed, including the IP address and timestamp of each access event
- iOS app only: A device push token (provided by Apple via Expo) so we can notify you when a caregiver opens one of your share links. This token is a device identifier assigned by Apple and is stored on our servers solely for delivering push notifications. You can revoke this permission at any time in your device settings.
Payment processing is handled by Stripe (web subscriptions) or Apple and RevenueCat (iOS in-app subscriptions). iOS subscriptions are billed and managed entirely through Apple — we do not receive or store your payment card details. We do not store payment card details from either platform.
3. How We Use Your Information
We use your information to:
- Provide and operate the Service
- Send authentication and account-related emails
- Process payments and manage your subscription
- Keep your account and data secure
- Improve the Service using anonymized, aggregate data
We do not sell, rent, or share your data for advertising purposes. Your child’s health information is used solely to deliver the Service to you.
4. Sharing With Caregivers
Caregiver access is always initiated by you. When you create a share link and send it to a caregiver, they can view the information you’ve included in that pass. You are always in control:
- Share links expire automatically based on the time limit you set
- You can revoke any link instantly from your dashboard
- Caregivers can only view information — they cannot make changes
- Every time a link is accessed, it is recorded so you have a full history
Caregivers who access a share link should be aware that their IP address and the time of access are logged as part of the audit record. This information is visible to the parent who created the link and is used solely for security and accountability purposes.
5. How We Protect Your Data
We implement multiple layers of security to protect your data:
- Sensitive health fields (allergies, medications, medical conditions) are encrypted at rest using AES-256 encryption, with the encryption key stored separately from the database
- Share link tokens are stored as SHA-256 hashes — the raw token is never persisted after generation
- Row-Level Security (RLS) is enforced at the database level — parents can only access their own children’s data
- Sessions expire after 30 minutes of inactivity and have a 7-day absolute expiry
- The access link audit log is append-only and immutable — records cannot be modified or deleted
Data breach notification: In the event of a data breach that affects your personal data, we will notify affected users within 72 hours of becoming aware of the breach, consistent with GDPR standards and applicable US state notification laws.
No system is completely secure. While we work hard to protect your data, we encourage you to use a secure email account and contact us immediately at treypezzetti@gmail.com if you ever suspect unauthorized access to your account.
6. Children’s Privacy
Baton Pass is a tool for parents and guardians. Children do not create accounts or interact directly with the Service. All child information is entered by a parent or guardian on behalf of the child in their care. The Service supports profiles for children of any age, from newborns onward.
If you believe a minor’s information has been submitted without proper consent, please contact us at treypezzetti@gmail.com and we will remove it promptly.
7. Data Retention
We retain your information for as long as your account is active. If you delete your account:
- Your child profiles and associated health data are deleted within 30 days
- Access logs are retained for up to 12 months after account deletion for legal compliance and dispute resolution purposes — this allows us to respond to any claims related to data access that may arise after your account is closed
- Anonymized usage data may be retained indefinitely
8. Your Rights
You can access, update, or delete your information at any time through your account settings. You can also contact us to:
- Request a copy of your data
- Request deletion of your account and all associated data
- Ask questions about how your data is used
California residents have additional rights under the CCPA, including the right to know what data we collect and the right to request deletion. We do not sell personal data. To exercise any of these rights, contact us at treypezzetti@gmail.com.
9. Cookies
We use cookies only to keep you signed in to your account. We do not use advertising cookies, tracking pixels, or any third-party tools that track your behavior across other websites.
10. Third-Party Services
We use a small number of trusted third-party services to operate Baton Pass:
- Supabase — Secure database and authentication infrastructure. All user data is processed and stored in the United States.
- Stripe — Payment processing for web subscriptions. Stripe handles all payment data directly, and we do not receive or store it.
- Apple App Store / RevenueCat — In-app purchase processing for the Baton Pass iOS app. When you subscribe through the iOS app, payment is handled by Apple and your subscription is managed through RevenueCat. We receive confirmation of subscription status (active, cancelled, or expired) but do not receive your payment details. RevenueCat's privacy policy is available at revenuecat.com/privacy.
- Resend — Transactional email delivery (sign-in links and notifications)
- Vercel — Application hosting, based in the United States
All data collected through the Service is processed and stored in the United States. Each of these providers has its own privacy policy governing how it handles data.
11. Changes to This Policy
We may update this policy from time to time. If we make material changes, we will notify you by email at least 30 days before they take effect. The current version will always be available on this page.
12. Contact
For privacy questions or data requests, contact us at treypezzetti@gmail.com.
Pezzetti Capital LLC dba Baton Pass