Privacy policy
Harbor Family, a Harbor Privacy product · Last updated July 2026.
What this is
Harbor Family is a private space for one family, operated by Harbor Privacy (Pembroke, MA). There's no public signup -- you're here because a family admin invited you by email or shared a join code with you. Nothing you post is visible to anyone outside your family's account, and it is never used for advertising, AI training, or shared with data brokers.
What we collect, feature by feature
- Account: your email, display name, and password (stored as a one-way bcrypt hash -- we can't see your actual password). When you last signed in.
- Feed posts and comments: the text and photos you post, and reactions (hearts) you leave on posts.
- Albums: photos you upload to shared galleries, plus optional captions.
- Calendar: events you create -- title, description, location, and time.
- Messages: the text and photos you send in 1:1 or group conversations, and which messages you've read (a per-conversation read marker, not a read-receipt shown to others).
- Reports: if you report something, we record what you reported and the reason you give, so an admin can review it.
We don't run ads, third-party trackers, or advertising cookies anywhere in Harbor Family.
Photos
Uploaded photos are automatically stripped of location (EXIF/GPS) data and re-encoded before saving. Photos are never served publicly -- every photo request is checked against your login first, so a photo URL can't be shared outside the family and still work. Cloudflare's CSAM Scanning Tool is also enabled on this domain as an automated safeguard against illegal content.
Who can see what
Feed posts, comments, and albums are visible to every active member of the family. Calendar events are visible to the whole family. Messages are visible only to the people in that specific conversation. Family admins can see everything (that's what lets them review reported content), and can deactivate, remove, or promote/demote other members.
Joining -- invites and join codes
New members join one of two ways: an admin sends a direct email invite, or an admin shares a family join code that lets someone register themselves. Admins can turn off new joins entirely, or generate a new join code that invalidates the old one, at any time from the settings panel.
Reporting and moderation
Any member can report a post, comment, photo, or message. Reporting hides it immediately, before an admin even reviews it, and notifies admins. An admin can then restore it (if the report was a mistake) or permanently remove it, including deleting the underlying photo file from disk.
Your account, your data
From your account page you can, at any time and without asking an admin:
- Download your data -- a zip file of everything you've posted: your posts, comments, messages, uploaded photos, and events, plus your profile info.
- Deactivate your account -- signs you out and hides your account. Reversible; ask an admin to reactivate it.
- Permanently delete your account -- erases your posts, comments, messages, and uploaded photos entirely, including the files on disk. Albums, events, and conversations you started are kept for the rest of the family (with your name removed as the creator), so you don't destroy shared family memories other people are still using.
These self-service options aren't available if you're the family's only active admin -- you'd need to make someone else an admin first, so the family account always has someone who can manage it.
Third parties
We use a small, deliberately minimal set of outside services:
- Cloudflare -- sits in front of harborfamily.us for security (including CSAM scanning) and reliability. See cloudflare.com/privacypolicy.
- Resend -- sends transactional email only (invites, password resets). See resend.com/privacy.
- Umami -- a self-hosted, cookieless pageview counter. It collects aggregate traffic counts only, with no cookies and no individual tracking.
- Oracle Cloud -- hosts the server. Oracle provides the infrastructure but doesn't access application data.
We do not use Google Analytics, Meta Pixel, or any advertising or fingerprinting technology.
How long we keep it
Your content stays until you delete it, your account is deleted, or an admin removes it. There's no separate "trial" or automatic expiration timer on family content the way there is on some Harbor Privacy products -- this is meant to be a lasting family archive. Reported content that's confirmed for removal by an admin is deleted immediately, including the file on disk.
Security
All traffic is encrypted (HTTPS). Passwords are hashed with bcrypt, never stored in plain text. Login is rate-limited against brute-force attempts. Admins can force-sign-out any member's active sessions instantly (for example, if a device is lost).
Children
Harbor Family is a private family tool, and we expect some family members will be children. If you invite or create an account for a child, you as the inviting admin are responsible for that account and for supervising its use, the same as you would be for any account you set up for a child in your household.
Changes to this policy
If we make material changes, we'll update the date above. Continued use after a change means you accept the update.
Questions
Contact your family admin, or reach Harbor Privacy at [email protected]. See also our Terms of Service.