Who Sees Your Family's Data? 7 Layers You Don't Need to Worry About
TL;DR: 7 questions for any family app — check who sees your family’s health and financial data. ParentOS: E2EE + zero-knowledge + MFA for health and finances. The server stores data but can’t read it.
Series: Clean Tech for Families · Article 7/7
ParentOS, an adaptive operating system for families, protects your family’s data with 7 security layers — from on-device end-to-end encryption and two-factor authentication for health and financial modules, to full logging of every security operation. The ParentOS server stores your family’s data but cannot read it. Not even the ParentOS team has access. In this article, we explain in plain language how it works — and give you 7 questions you can ask any family app.
Another breach.
You’re scrolling your phone before bed and come across an article: yet another data breach. This time from a service that “guaranteed security.” You scroll past, but somewhere in the back of your mind, a thought lingers — what about those apps where you keep things about your kids? Doctor’s visits, allergies, the household budget. You never really thought about it. Most people don’t.
You put down the phone. Fall asleep. But the question stays.
Who actually sees your family’s data?
We looked into this for you. And we’re giving you 7 questions you can ask any app — not just ours.
If you don’t have the energy to think about this right now — that’s OK. Bookmark this article. Come back when you’re ready. Nothing urgent is happening. Your data won’t run away overnight.
How to check if a family app is secure: 7 questions
Before we tell you how ParentOS approaches this — here’s a tool that works regardless of us. You can ask these 7 questions of any app where you store family data. You don’t need to understand cryptography. Just check the answers.
| # | Question | Good sign | Warning |
|---|---|---|---|
| 1 | Is the data encrypted? | Yes, end-to-end (E2EE) | “Stored securely” with no details |
| 2 | Who holds the encryption key? | You (key on your device) | The company |
| 3 | What happens if the company shuts down? | You have recovery phrases / data export | You lose access |
| 4 | Can you delete EVERYTHING with one click? | Yes, with confirmation | No clear policy |
| 5 | Does the app ask for consent BEFORE using data for AI? | Always, in the context of a specific feature | Once at the beginning or never |
| 6 | What does the company’s server see? | Encrypted blocks (not content) | Everything |
| 7 | Do sensitive data categories have extra protection? | MFA / two-factor for health and finances | Same level of protection for everything |
Your score
- 6-7 good signs — the app takes your family’s data seriously
- 3-5 good signs — worth asking follow-up questions and configuring more carefully
- 0-2 good signs — consider whether you want to store health and financial data there
Save these questions. Use them the next time you install an app. Whether it’s ParentOS or anything else.
Why are we even writing about this?
Most family apps store your data on a server in a way that lets the company read it. That’s not malicious — it’s just technically easier. Most companies do it this way.
- Employees may have access to your data (even if they shouldn’t).
- In the event of a server breach — your data is readable.
- If the privacy policy changes — data that was “safe” can change status.
As of February 2026 — none of the popular family apps (Cozi, FamilyWall, OurHome) offer full end-to-end encryption with a key on the user’s device. We chose a different path.
How does ParentOS protect your family’s data?
Imagine a breakwater — a calm stone structure standing between the sea and the harbor. It doesn’t fight the waves. It doesn’t panic. It just exists. And on the other side, the water is calm.
That’s how we designed ParentOS security. Not one big wall, but 7 layers, each doing one thing well. And — most importantly — none of them require any extra work from you.
Layer 1: Identity — “It’s really you”
When you log into ParentOS, the system verifies your identity cryptographically. It doesn’t rely on a password alone — it checks whether the token (a digital proof of identity) is authentic and hasn’t been tampered with.
What this means: No one can pretend to be you, even if they learn your password.
Layer 2: Encryption — “Your data is unreadable to us”
When you first launch ParentOS, your browser generates a unique encryption key. This key never leaves your device. All sensitive data — health, finances, meals, education — is encrypted with this key before it reaches the server.
What this means: Even if someone broke into our server — they’d see digital gibberish, not your child’s medications.
Layer 3: Recovery — “You can always get back in”
The encryption key lives on your device. But what if you lose your phone? That’s why ParentOS lets you create a recovery phrase — 24 words you can write on a piece of paper and tuck into a drawer.
What this means: You’re in control. You don’t depend on the company to regain access to your data.
Layer 4: Two-factor — “Only you open health and finances”
Schedule and task data are important, but your family’s health and financial data — that’s a different category entirely. When you try to access health or financial data, the system asks for a 6-digit code from an authenticator app.
What this means: Your child’s medications and family budget have an extra lock. Only you hold the key.
Layer 5: Backup codes — “A Plan B just in case”
What if you lose the phone with your authenticator app? When you set up two-factor protection, you receive 10 one-time backup codes. Print them. Store them somewhere safe.
What this means: You won’t get locked out. There’s always a Plan B.
Layer 6: Consent — “The app asks, you decide”
ParentOS doesn’t ask for all permissions upfront. Instead, it asks in context — right when you’re actually using a particular feature. Every consent is revocable. No consequences. No pressure.
What this means: You decide, step by step, what the app can do. You don’t agree to everything with a single click.
Layer 7: Audit log — “Everything is recorded”
Imagine a ship’s logbook — every entry stamped with a date, time, and description of the event. That’s how the ParentOS security log works. Every operation is logged: who signed in, when a verification code was used, how many attempts were made, from which device. This log is available to you — and only to you.
What this means: You have full visibility into what’s happening with your account’s security. Like a ship’s captain — you see every move on deck.
What does our server see?
| Your data | What the ParentOS server sees |
|---|---|
| ”Max — Nurofen 5ml, every 6h” | a7f2c8…encrypted…3b1e9d |
| ”Budget: activities $110” | 9d4e1a…encrypted…7c3f2b |
| ”Friday: pasta with broccoli” | 2b8f3c…encrypted…5a9d1e |
How does this compare to other apps?
As of February 2026 — a security comparison of popular family apps:
| Security feature | ParentOS | Cozi | FamilyWall |
|---|---|---|---|
| End-to-end encryption (E2EE) | Yes (AES-GCM 256-bit) | No | No |
| Encryption key on device | Yes | N/A | N/A |
| Zero-knowledge architecture | Yes | No | No |
| MFA for sensitive data | Yes (TOTP) | No | No |
| Recovery phrase | Yes (24 words) | No | No |
| Contextual data consent | Yes | One-time consent | One-time consent |
| Security audit log | Yes | No | No |
Comparison based on publicly available documentation and privacy policies as of the publication date.
One micro-step this week
This week, do one thing: open the settings of one app where you store family data. Just one. Check how it answers question two from our list: “Who holds the encryption key?”
If the answer is “the company” — that’s not a reason to panic. It’s simply information. Most apps work this way. But now you know.
And if you’d like — sit down with your partner and go through the list of 7 questions together. Or start with just one: “Do you know which apps on our phones have our kids’ data?” One question is enough to start the conversation.
FAQ
Is my data safe in ParentOS? As of February 2026: ParentOS encrypts health, financial, nutritional, educational, and religious data with a key generated on your device (AES-GCM 256-bit). The server stores encrypted blocks and has no key to read them. Health and finance modules require additional two-factor authentication (TOTP).
What does “zero-knowledge” mean? Zero-knowledge means the company storing your data has no way to read it. The server sees encrypted blocks — but the decryption key exists only on your device.
What if I lose my phone? You have two options to recover access: (1) a recovery phrase — 24 words that let you restore your encryption key on a new device, (2) backup codes — 10 one-time codes to unlock modules protected by two-factor authentication.
Does ParentOS sell my data? No. ParentOS operates on a subscription model — you pay for the product, so you’re not the product. The server can’t read your data (zero-knowledge), so there’s nothing to sell.
How is ParentOS different from Cozi or FamilyWall in terms of security? As of February 2026: none of the popular family apps (Cozi, FamilyWall, OurHome) offer full end-to-end encryption with a key on the user’s device, two-factor authentication for sensitive modules, or zero-knowledge architecture. ParentOS offers all three.
Sources and further reading
- NIST SP 800-175B: Guideline for Using Cryptographic Standards
- ENISA: Recommendations on shaping technology according to GDPR provisions
- OWASP: Cryptographic Storage Cheat Sheet
- Web Crypto API — MDN Web Docs
Series “Clean Tech for Families”:
- Article 1/7: If You’re Not Paying, You’re the Product. What About Your Child?
- Article 2/7: Organic Software: How to Read an App’s Label
- Article 3/7: End-to-End Encryption for Families: A Jargon-Free Guide
- Article 4/7: Slow Tech: When Technology Slows Down Instead of Speeding Up
- Article 5/7: What Does Your Child’s Learning App Know About Them?
- Article 6/7: I Installed OpenClaw. Then I Checked What It Has Access To.
- Article 7/7: Who Sees Your Family’s Data? 7 Layers You Don’t Need to Worry About (this article)
Calm families start with awareness.