Legal

Privacy Policy

Last updated: March 2026  ·  Effective: March 2026

BabyPillars ("we," "us," or "our") is operated by Anat Furstenberg. This Privacy Policy explains how we collect, use, share, and protect information when you visit babypillars.com or use our services. By accessing our website or creating an account, you agree to the practices described in this policy.

1. Information We Collect

Account Information: When you register, we collect your name, email address, and a hashed password. If you sign in via Google OAuth, we receive your name, email, and profile picture from Google.

Payment Information: Payments are processed exclusively by Stripe. We never store your credit card number, CVV, or full payment details on our servers. We only retain a Stripe customer ID and subscription status.

Usage Data: We collect information about how you interact with our platform: pages visited, videos watched, lesson progress, time on site, and features used.

Device and Technical Data: IP address, browser type, operating system, referring URLs, and device identifiers collected automatically when you visit our site.

Communications: If you contact us by email or through our contact form, we retain those communications to respond to your inquiry.

Cookies and Tracking: See Section 5 below for full details on our cookie practices.

2. How We Use Your Information

  • To create and manage your account and subscription
  • To process payments and send billing confirmations
  • To deliver course content and track your learning progress
  • To send transactional emails (welcome, receipt, password reset, renewal reminders)
  • To respond to support inquiries and improve customer service
  • To analyze how our content is used and improve our programs
  • To detect and prevent fraud, abuse, or unauthorized access
  • To comply with legal obligations and enforce our Terms of Use
  • To publish blog content to our social media accounts on your behalf (Facebook, Instagram, Pinterest); this is automated business posting only and does not involve your personal data

3. Third Party Services

We share data with trusted service providers only to the extent necessary to operate our platform:

ServicePurposePrivacy Policy
StripePayment processingstripe.com/privacy
ResendTransactional email deliveryresend.com/legal/privacy-policy
Bunny.netVideo hosting and deliverybunny.net/privacy
RailwayCloud hosting infrastructurerailway.app/legal/privacy
SupabaseDatabase infrastructuresupabase.com/privacy
SanityContent management systemsanity.io/legal/privacy
Meta (Facebook & Instagram)Business page content publishingfacebook.com/privacy/policy
PinterestBusiness pin publishingpolicy.pinterest.com/privacy-policy
Google OAuthOptional sign in methodpolicies.google.com/privacy
SentryError monitoringsentry.io/privacy
Yandex MetricaWebsite analyticsyandex.com/legal/confidential

We do not sell your personal data to any third party. We do not share your data with advertising networks for the purpose of targeting you with ads.

4. Children's Privacy

BabyPillars creates educational content about babies and child development. Our services are directed to parents, caregivers, and professionals and not to children. We do not knowingly collect personal information from children under the age of 13.

If you believe that a child under 13 has provided us with personal information without parental consent, please contact us immediately at info@babypillars.com and we will delete that information promptly.

5. Cookies and Tracking Technologies

We use the following types of cookies:

  • Essential cookies: Required for authentication, session management, and security. Cannot be disabled without breaking the site.
  • Analytics cookies: Yandex Metrica collects anonymized data about how visitors use our site. This helps us understand which content is most useful.
  • Functional cookies: Remember your preferences such as login state and course progress.

You can control nonessential cookies through your browser settings. Note that disabling cookies may affect the functionality of certain features.

6. Data Retention

We retain your personal data for as long as necessary to:

  • Maintain your active account and subscription
  • Comply with legal obligations (e.g., tax records for 7 years)
  • Resolve disputes and enforce our agreements

When you delete your account, we delete your personal information within 30 days, except where retention is required by law. Aggregated and anonymized usage data may be retained indefinitely.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

All users:

  • Access the personal data we hold about you
  • Correct inaccurate or incomplete data
  • Request deletion of your account and data
  • Receive a copy of your data in a portable format

EU / EEA users (GDPR):

  • Object to processing based on legitimate interests
  • Request restriction of processing
  • Withdraw consent at any time (where processing is consent-based)
  • Lodge a complaint with your local data protection authority

California users (CCPA/CPRA):

  • Know what personal information is collected and how it is used
  • Delete personal information we have collected
  • Opt out of the sale or sharing of personal information (we do not sell your data)
  • Nondiscrimination for exercising your rights
  • Correct inaccurate personal information
  • Limit use of sensitive personal information

To exercise any of these rights, email us at info@babypillars.com. You may also export or delete your account data directly from your Account settings page.

8. International Data Transfers

BabyPillars is operated from Israel and serves users globally. Your data may be processed in the United States, the European Union, and other countries where our service providers operate.

Where we transfer data from the EEA to countries without an adequacy decision, we rely on Standard Contractual Clauses (SCCs) or other approved transfer mechanisms to ensure appropriate protection.

9. Data Security

We implement industry standard security measures to protect your personal information:

  • All data is transmitted over HTTPS (TLS encryption)
  • Passwords are hashed using bcrypt with a cost factor of 12
  • Sensitive operations require reauthentication or token verification
  • Payment data is handled exclusively by Stripe (PCI DSS compliant)
  • Access to production systems is restricted to authorized personnel
  • We use Sentry for real time error monitoring

No method of transmission or storage is 100% secure. If you discover a security vulnerability, please report it responsibly to info@babypillars.com.

10. Legal Basis for Processing (GDPR)

For users in the EU/EEA, we process your personal data under the following legal bases:

  • Contract performance: Processing necessary to deliver the services you subscribed to (account management, course access, payment processing)
  • Legitimate interests: Analytics to improve our platform, fraud prevention, security monitoring
  • Legal obligation: Retaining financial records as required by tax law
  • Consent: Nonessential cookies and marketing communications (where applicable)

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make significant changes, we will notify you by email (if you have an account) and by updating the "Last updated" date at the top of this page.

Your continued use of our services after the effective date of any change constitutes your acceptance of the revised policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

BabyPillars

Operated by Anat Furstenberg

Email: info@babypillars.com

Website: babypillars.com