Privacy
A small policy for a small product.
Last updated · 15 May 2026
Tuck Me In is a parental-control product built by SuperDarkCode Labs (Pvt) Ltd ("we", "us", "our"). This page explains what data we collect, why, who else touches it, how long we keep it, and the rights you have over it.
This is written in plain language. If anything here is unclear or you'd like a copy in another form, email tuckmein@localhost.co.zw.
The short version
We collect the smallest amount of data we can to make the product work - your phone number, payment receipts, and the device data needed to enforce the rules you set on your child's phone. We do not read messages, record audio or screens, or run "AI threat detection." We never sell data. You can ask for an export or deletion at any time.
On this page
1. Who runs Tuck Me In
SuperDarkCode Labs (Pvt) Ltd, registered in Zimbabwe. We're the "data controller" for the personal data described below. Our contact details are at the end of this page.
2. Parent account data
When you sign in to the parent app, we store:
- Your phone number in E.164 format (e.g.
+263771234567) - used to deliver one-time codes over WhatsApp or SMS, and as your login. - Your display name as you typed it during sign-up.
- An authentication token issued after you sign in. Lets the app stay signed in until you log out.
- A Firebase Cloud Messaging (FCM) token for your phone - used to push you tamper alerts and time-request notifications.
- Subscription state - your current tier, billing period, and when it expires (if applicable).
- Payment receipts - for each Pesepay transaction, we keep the reference number, amount, currency, status and timestamps. We do not store card numbers, EcoCash PINs, or any other payment credentials - Pesepay handles those directly.
3. Child device data
The Tuck Me In agent runs on your child's phone under your authority as their parent or legal guardian. While it's installed and paired, the agent uploads the following to our server so the parent app can show you what's happening:
- Device identity - a random UUID generated on first launch. Not the IMEI, not the SIM number, not the Google account.
- Hardware and OS snapshot - manufacturer, model, Android version, battery percentage, network connection state, granted permissions. Used by the Device tab so you can spot if a permission got revoked.
- Installed-app inventory - package names and human-readable labels of apps installed on the device. Used to populate the "block this app" picker and the new-app gate.
- App usage time - daily totals per app (e.g. "TikTok: 27 minutes today"). Used to enforce daily caps. We do not store what happened inside any app - only how many minutes it was in the foreground.
- Lock state and tamper events - when the phone was locked, by what rule (bedtime / budget / parent-triggered), and any attempts to disable the agent.
- Time requests - when the child taps "ask for more time" on the lock screen, the request (number of minutes, optional reason) lands on our server so you can approve or deny it.
- Location pings (Places feature only) - coarse GPS coordinates uploaded on a low-frequency schedule, plus arrival / departure events at the places you defined (home, school). We do not upload location continuously, and the feature can be turned off entirely.
4. What we deliberately do not collect
These are explicit product non-goals. They're not on a roadmap; we will not add them later. Several of them are technically possible on Android with the permissions the agent has, but we don't want to build that kind of product.
- No microphone recording. The agent never asks for or uses microphone access.
- No screen recording or screenshots. We don't record what's on your child's screen.
- No reading messages. Not SMS, not WhatsApp, not iMessage, not email. Their conversations are theirs.
- No keylogging. We don't capture keystrokes or typed text.
- No camera access. The agent doesn't open the camera.
- No "AI threat detection." We don't run their photos, contacts or browsing through machine-learning classifiers looking for "risk." Other parental-control vendors do this; we think it's a bad idea both ethically and accuracy-wise.
- No selling, brokering or "anonymised analytics" sharing. Your data is yours. It doesn't flow to advertisers, data brokers, training datasets, or anyone else outside the explicit third parties listed below.
5. Why we collect what we do
Under the Zimbabwe Cyber and Data Protection Act, 2021 we process this data on the following lawful bases:
- Contract performance. Most of it - sign-in, enforcement, payment processing - is needed to deliver the service you signed up for.
- Parental authority. The data uploaded by the child's device is processed under your authority as their legal guardian, for the safety and welfare of a minor in your care.
- Legitimate interest. A small amount of operational data (server logs, error reports) is processed to keep the service running and secure. We minimise these and don't use them for behavioural profiling.
6. Who else touches it
We use a small number of vendors to deliver the service:
- Pesepay (Zimbabwe) - payment processor. Handles EcoCash, ZiG, Paynow and card transactions on our behalf. They see the transaction amount, currency, reference and your payment instrument (which we never see).
- Firebase Cloud Messaging (Google) - delivers push notifications to your phone. Sees your FCM token and the notification payload (which we keep small: e.g. "tamper alert · device X").
- Google Maps Static API - renders the small map images on the Places tab. Sees the coordinates we ask it to render.
- Twilio or our SMS gateway, and WhatsApp Business - delivers your one-time login codes. Sees your phone number and the six-digit code.
- Our infrastructure host (Contabo, Germany) - runs the backend server. Sees encrypted-in-transit traffic and the database at rest on disk.
We do not share data with any other third parties, except where legally compelled (e.g. a valid court order). If that happens we'll try to notify the affected user unless the order forbids it.
7. How long we keep it
- Account data - kept while your account is active. Sign-out invalidates the token; account deletion (on request) removes the row.
- Child device data - kept while the device is paired. When you unpair a device, we wipe its policy data, app inventory, usage history, location pings, tamper events and time requests. The device's local UUID is retained so re-pairing the same device doesn't double-count.
- Payment receipts - kept for at least 5 years to satisfy Zimbabwean tax and accounting record-keeping requirements.
- Server logs - rotated and deleted within 30 days unless an active security investigation requires retention.
8. Security
All traffic between your phones and our server is encrypted with TLS. Payment instrument data (card numbers, EcoCash PINs) never crosses our server - Pesepay's hosted page collects it directly. Your tamper PIN is hashed on the server using Django's password hasher before storage; we can't read it back.
The database is on a private Linux VPS in Germany with full-disk encryption and SSH-key-only access. We can't promise no security incident will ever happen - anyone who tells you that is lying - but if one does we'll notify affected users promptly and in plain language.
9. Children and parental authority
The Tuck Me In agent is designed to be installed on a minor's device by their parent or legal guardian, who configures and monitors the rules through the parent app. The parent is the primary user of the service; the child's data is processed under the parent's authority for the child's safety and welfare.
The child does not have their own account on our service. They interact with the agent only through the lock-screen on their own phone - for example, by tapping "ask for more time," which sends a request to their parent. We do not collect personal data from the child in the sense the law contemplates; we collect device-level data under parental authority.
If you are not the parent or legal guardian of the user whose device you are managing - for example, if you have installed the agent on the device of an adult who has not consented - you are misusing the service in breach of our Terms of Service. Please uninstall it.
10. Your rights
You have the right to:
- Access the data we hold about you and your devices.
- Export it in a portable format (JSON).
- Correct anything inaccurate.
- Delete your account and the data tied to it (subject to the tax-record retention noted above). See the delete-account page for the in-app + email paths and exactly what is wiped vs retained.
- Withdraw consent for any feature you previously enabled (e.g. Places / location).
- Complain to the Postal and Telecommunications Regulatory Authority of Zimbabwe (POTRAZ) as the supervisory authority under the Cyber and Data Protection Act.
To exercise any of these, email tuckmein@localhost.co.zw from the address tied to your account, or from a phone signed in to the account. We'll respond within 30 days.
11. Changes to this policy
If we change anything material about how we handle your data, we'll bump the "last updated" date at the top of this page and - for changes that expand collection or sharing - show an in-app notice the next time you open the parent app. We won't retroactively apply broader uses to data we already collected under a narrower policy.
12. Contact
SuperDarkCode Labs (Pvt) Ltd
Harare, Zimbabwe
tuckmein@localhost.co.zw