Privacy Policy

CoParent Console (the "Service", "we", "us", "our") is operated from Ireland and is built for separated and divorced parents who need a calm, structured way to co-parent.

CoParent Console is the data controller for the personal data we process about you. For any privacy or data-protection questions, contact us at support@coparentconsole.com.

This Privacy Policy explains what personal data we collect, why we collect it, how we use, share and protect it, and the rights you have under the EU General Data Protection Regulation (GDPR) and the Irish Data Protection Acts 2018 (together, "Data Protection Law").

We recognise that the data stored within CoParent Console may be sensitive in nature, including information relating to children, family arrangements, and financial matters. We take appropriate technical and organisational measures to protect this data.

We process your personal data on the following lawful bases:

• Contract — to provide the Service you sign up for (authentication, messaging, scheduling, expenses, records, exports, mediator and solicitor invites, and billing).
• Legitimate interests — to keep the Service secure and reliable (fraud prevention, abuse detection, audit logging, backups) and to operate and improve the product in ways you would reasonably expect. We balance these interests against your rights and freedoms.
• Consent — where you opt in to a specific feature (for example, enabling two-factor authentication or granting view-only access to a mediator or solicitor). You can withdraw consent at any time without affecting the lawfulness of earlier processing.
• Legal obligation — where we must respond to lawful requests from regulators, courts or law-enforcement.

We do not sell your personal data and we do not use your content to train third-party AI models.

We share personal data only with:

• Your co-parent, within the same household, in line with the permissions of the Service (for example, shared journal entries are visible to them, while private ones are not).
• Mediators or solicitors you explicitly invite using a time-limited view-only code.
• Processors acting on our instructions under written data-processing terms — cloud-hosting and database providers, transactional email delivery, object-storage providers, payment processing (Stripe) and error-monitoring providers. A current list is available on request.
• Authorities where required by law, court order or to protect the vital interests of a person.

Access granted to third parties is controlled by the user and can be revoked at any time. Third parties (such as solicitors and mediators) are provided with view-only access unless explicitly stated otherwise.

You can revoke a third-party invitation from your Settings at any time. Once revoked, the third party loses access immediately.

Some of our processors may store or process personal data outside the European Economic Area (EEA). Where this happens, we rely on safeguards approved under Data Protection Law — such as the EU Standard Contractual Clauses or an applicable adequacy decision — so your data remains protected to an EU standard.

We retain personal data only as long as necessary to provide the Service to you, comply with our legal obligations, resolve disputes and enforce our agreements.

• Messages, calendar events, expenses, journal entries, documents and audit entries are retained while your account is active and for a reasonable wind-down period after account closure.
• Password-reset tokens are stored hashed and expire 30 minutes after issue; they are deleted from our database after expiry.
• Backups are retained for up to 30 days for disaster recovery; deleted data falls out of backups within that window.
• Billing records may be retained for up to 7 years to meet Irish tax and accounting obligations.

You can request export or deletion of your account data at any time (see "Your rights" below).

We apply administrative, technical and organisational measures appropriate to the risks, including:

• Encryption in transit using HTTPS/TLS for all traffic.
• Secure storage with passwords stored as bcrypt hashes; we never write plaintext passwords to disk.
• Access controls scoped per household and per child, with least-privilege staff and processor access.
• Optional TOTP-based two-factor authentication.
• Object-storage files retrieved only through authenticated endpoints.
• An immutable audit log across household actions.

No service is entirely secure. If we become aware of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the Data Protection Commission (DPC) without undue delay, in line with Data Protection Law.

Subject to Data Protection Law, you have the right to:

• Access the personal data we hold about you.
• Rectification — correct inaccurate or incomplete data (note: messages are intentionally immutable; this right applies to profile data and similar non-record content).
• Erasure — request deletion of your personal data, subject to our retention obligations.
• Restrict processing in certain circumstances.
• Data portability — receive your personal data in a portable format. We provide PDF exports and records bundles in-app.
• Object to processing based on legitimate interests.
• Withdraw consent where processing is based on it.
• Lodge a complaint with the Irish Data Protection Commission (DPC) at dataprotection.ie.

If you have questions or wish to exercise your data rights, contact us at support@coparentconsole.com. We will respond within one month.

We use a small number of strictly necessary cookies and local-storage items to keep you signed in and to remember your preferences. We do not use advertising cookies or cross-site tracking.

CoParent Console is intended for adults. It is not designed for use by children, and we do not allow children to create accounts.

CoParent Console does, however, hold information about children (for example in child profiles and calendar events). That information is provided and controlled by the adult account holders. You are responsible for the information you input about children, and for ensuring you have the legal authority to do so.

If you invite a mediator or solicitor using a view-only invite code, you are the controller of the data they see, and they access it on your instructions. Their access expires automatically at the end of the period you choose and can be revoked at any time from Settings.

We may update this Policy from time to time. Material changes will be notified in-app or by email. The "Last updated" date at the top reflects the most recent revision.

Questions, requests or complaints: support@coparentconsole.com.