AudiV is a personal audiobook player with optional Family Link features. We designed it to keep your data on your device whenever possible, and to be specific and minimal about the data that isn't. This policy describes what AudiV collects, what it transmits, and why.
If anything here is unclear, email us at support@runaboutdigital.com and we'll fix the policy or the app, whichever needs fixing.
1. What stays on your device
The vast majority of what AudiV stores never leaves your phone:
- Your audiobooks themselves — the audio files you import via Files, Wi-Fi Transfer, or AirDrop.
- Playback position, bookmarks, notes, ratings, finished status, per-book speed, and chapter data.
- Library metadata — titles, authors, covers, durations.
- Listening history —
PlaySessionrecords for each listening span. - Settings preferences — theme, skip intervals, haptics toggle, Smart Speed, etc.
- Kid Mode PIN — stored only as a SHA-256 hash; the PIN itself is never written to disk.
None of this is transmitted off the device unless you explicitly turn on a feature listed in section 2.
We don't run analytics. We don't send crash reports to a third party. We don't have an advertising SDK. We don't track you across apps or websites.
2. What is transmitted, and only when you turn it on
2.1 Family Link (parent ↔ kid sync)
If you set up Family Link by either generating a pairing code on a kid device or entering one on a parent device, the following data is transmitted via HTTPS to our Cloudflare Worker at echo-family-link.runaboutdigital.workers.dev:
From the kid's device every ~120 seconds while the app is foregrounded (and once when backgrounded):
- The 6-character pairing code.
- The user-chosen device name (e.g. "Sammy's iPad").
- A randomly-generated stable device UUID.
- The current "now playing" title, author, and progress fraction (if audio is playing).
- Aggregate listening stats: hours today, hours this week, current streak.
- A list of recent listening sessions (book title + duration in minutes, last 12 sessions only).
- A list of titles + authors + progress fractions of books currently in the library.
From the parent's device when they edit controls:
- Bedtime windows, daily-minute limits, schedule windows, locked book IDs, allow-list IDs, audit-log entries, feature lock states.
This data is stored in Cloudflare's KV store keyed only by the pairing code. It is never linked to a real-name account, an Apple ID, an email, a phone number, or any third-party identifier.
The pairing code is the only key into that record. Generating a new pairing code on the kid device causes the old record to become unreachable and expire automatically.
2.2 Send a Book (parent → kid file transfer)
If a parent uses the "Send a Book" feature, the audiobook file is uploaded to Firebase Storage and a small JSON envelope (file size, sender device name, receiving pairing code, expiry timestamp) is written to Firebase Realtime Database. The receiving kid device downloads the file, imports it locally, and the cloud copy is deleted automatically within 7 days.
Anonymous Firebase Authentication is used to gate Storage and RTDB access via security rules. No personal Firebase account is created — just an anonymous identifier scoped to your install.
2.3 Push notifications (Firebase Cloud Messaging)
If you allow notifications, a Firebase Messaging token is registered with the Cloudflare Worker so the worker can wake your device when parental controls change. The token is rotatable by Firebase at any time and not linked to your identity.
2.4 Wi-Fi Transfer (local network only)
Wi-Fi Transfer runs an HTTP server on your local network only when you tap Start. Files dragged into the upload page are transmitted directly from the other device's browser to your phone. Nothing goes to our servers — we don't have a server in this path at all. The server stops the moment you tap Stop or close the screen.
3. What we do not do
- We do not sell your data.
- We do not use your data for advertising — there are no ads.
- We do not share data with third parties beyond the explicit Cloudflare and Firebase pipelines listed above.
- We do not track you across other apps or websites.
- We do not collect your contacts, photos, calendars, location, health data, or biometrics.
- We do not record audio or analyze the contents of your audiobook files. Cover art and metadata are read locally for display, never uploaded except as part of the explicit "Send a Book" flow.
4. Children's data (under 13)
AudiV is intended for general family use, not exclusively for children. The Kid Mode feature is supervisory — designed for a parent to configure and manage. The kid-side device transmits only the data listed in section 2.1, and only when a parent has paired with it.
We do not knowingly collect personal data from children under 13 beyond what's needed to operate Family Link, and that data is limited to listening activity tied to an opaque pairing code, never to a real-world identity.
If you are a parent and want us to delete a child's pairing-code record, email support@runaboutdigital.com with the pairing code; we will purge it from KV within 24 hours.
5. Retention and deletion
| Data | Where | Retention |
|---|---|---|
| All on-device data | Your phone | Until you delete the app or the data |
| Family Link snapshots | Cloudflare KV | Overwritten on every publish; auto-expires after 7 days of no publishes |
| Family Link controls | Cloudflare KV | Same |
| File transfers | Firebase Storage | 7 days, then auto-deleted by a scheduled function |
| Transfer envelopes | Firebase RTDB | Cleared when the receiver imports OR after 7 days |
| FCM push tokens | Cloudflare KV | Until you regenerate the pairing code or unlink |
You can wipe all cloud data by:
- Tapping Unlink on the parent dashboard (parent-side records).
- Tapping Generate a new code on the kid-side pairing screen (kid-side records orphan immediately).
6. Where data is processed
- Cloudflare KV / Workers — Cloudflare's global edge network.
- Firebase Storage / RTDB / Authentication / Cloud Messaging — Google Cloud, primary region
us-central1.
By using Family Link or Send a Book, you consent to your data being processed in these jurisdictions.
7. Security
- All transit uses HTTPS (TLS 1.2+).
- The pairing code is the only auth gate on Family Link records. Codes are 6 characters from a 31-character alphabet — about 887 million possible codes — and are regenerable at any time on the kid device.
- Kid Mode PINs are stored only as SHA-256 hashes; the PIN is never written to disk in cleartext.
- Firebase Storage and RTDB use security rules that require an authenticated (anonymous) user.
8. Your rights
Depending on where you live, you may have the right to access, correct, delete, or export your personal data, or to object to its processing. Email support@runaboutdigital.com to exercise any of these rights. Because most data lives on your device, you can also exercise these rights directly by uninstalling the app or unlinking from your dashboard.
9. Changes to this policy
If we change anything material about how AudiV handles data, we will update the "Last updated" line at the top, surface a one-time notice in the app, and post the diff at our changelog URL. Trivial edits (typos, layout) won't trigger a notice.
10. Contact
Runabout Digital
support@runaboutdigital.com
For data-deletion requests, include your pairing code (if any) so we can identify the record. Don't include personal account info we don't already have on record.