Is this baby monitor really free?

Yes, babymonitor.online is completely free to use. No payment, no subscription, no hidden fees. It runs entirely in your browser.

Do I need to install an app?

No. Baby Monitor works directly in your web browser on any device — phone, tablet, or computer. No app download needed. You can also install it as a PWA from your browser for an app-like experience.

Is the audio recording stored anywhere?

No. Audio streams directly between your two devices using WebRTC peer-to-peer encryption. No audio ever touches or is stored on any server. We have no ability to listen to or record your audio.

Can I use my old phone as a baby monitor?

Yes! That is exactly what Baby Monitor is designed for. Place your old phone near the baby, open babymonitor.online, and start monitoring. Then scan the QR code with your current phone to listen.

Do both devices need to be on the same WiFi?

No. Baby Monitor works on any network. You can choose "Same network" mode for extra security (only devices on your WiFi can connect) or "Any network" mode to monitor from anywhere.

Privacy Policy | Baby Monitor

Last updated: April 10, 2026

Overview

Baby Monitor (babymonitor.online) is a privacy-first audio monitoring application. We are committed to protecting your privacy. This policy explains what data we collect, how we use it, and your rights.

Data We Do NOT Collect

Audio data — Audio streams directly between your devices using WebRTC peer-to-peer encryption. No audio ever passes through or is stored on our servers.
User accounts — We do not require registration, login, or any personal information to use the service.
Cookies for tracking — We do not use tracking cookies, advertising cookies, or third-party analytics cookies.
Location data — We do not collect or store your geographic location.

Data We Do Collect

Signaling data (temporary) — To establish peer-to-peer connections, we temporarily store WebRTC signaling information (connection offers, answers, and ICE candidates) on our server. This data is automatically deleted after 30 minutes and contains no audio content.
IP addresses (temporary) — When a receiver requests to connect, their IP address is shown to the sender for identification purposes. This is stored only as part of the temporary signaling data and is deleted when the session expires.
Device type (temporary)— A general device identifier (e.g., "iPhone", "Android") derived from the browser's user agent string, used to help the sender identify connection requests.
localStorage— We store a random listener ID in your browser's localStorage to enable reconnection to the same session. This data never leaves your device.

How Audio Works

Audio is transmitted using WebRTC (Web Real-Time Communication), an industry-standard protocol that creates a direct, encrypted connection between two devices. The audio stream is encrypted end-to-end using DTLS-SRTP and never passes through our servers. We have no ability to intercept, record, or listen to your audio.

Third-Party Services

Vercel — Hosting and serverless functions. Subject to Vercel's Privacy Policy.
Upstash Redis — Temporary signaling data storage. Subject to Upstash's Privacy Policy.
Google STUN servers — Used to help establish peer-to-peer connections through network address translation (NAT). These servers only assist with connection setup and do not relay audio.
Cloudflare Web Analytics — Privacy-first, cookieless website analytics. Does not track individual users, does not use cookies, does not collect personal data, and does not cross-reference data across sites. Collects only aggregate page view metrics. Subject to Cloudflare's Privacy Policy.
Vercel Analytics — Privacy-friendly, cookieless web analytics. Does not track individual users or collect personal data. Subject to Vercel's Privacy Policy.

Cookies & Consent

This website does not use cookies. Our analytics providers (Cloudflare Web Analytics and Vercel Analytics) are both cookieless and do not require consent banners under GDPR, ePrivacy Directive, or similar regulations. No cookie consent banner is needed or shown because no cookies are set.

GDPR Compliance (EU Users)

We comply with the General Data Protection Regulation (GDPR). Under GDPR, you have the following rights:

Right to access — You can request information about any data we hold. Since we store only temporary signaling data that auto-deletes, there is typically no persistent data to access.
Right to erasure — Signaling data is automatically deleted after 30 minutes. You can also clear your localStorage data through your browser settings at any time.
Right to restriction — You can stop using the service at any time. No persistent data is retained.
Data portability — No persistent personal data is stored that would need to be ported.
Legal basis for processing — We process the minimal signaling data necessary to provide the service (legitimate interest). No consent is needed for cookies as we do not use tracking cookies.

CCPA Compliance (California Users)

We do not sell personal information. We do not share personal information for cross-context behavioral advertising. The minimal temporary data we process is solely for providing the service.

Children's Privacy

This service is designed for parents and caregivers to monitor children. We do not knowingly collect any personal information from children. The service does not require any user to provide personal information.

Data Security

Audio is encrypted end-to-end via WebRTC (DTLS-SRTP)
Signaling data is encrypted in transit (HTTPS/TLS)
Sessions require explicit sender approval
Sessions are locked after first approval — no unauthorized listeners
All temporary data auto-expires

Changes to This Policy

We may update this privacy policy from time to time. Changes will be posted on this page with an updated revision date.

Contact

For privacy-related questions or concerns, please open an issue on our GitHub repository.