Privacy Policy
Your privacy is our priority. This policy explains how we collect, use, protect, and handle your personal information when you use LifeStory.
Our Promise: LifeStory is built privacy-first. Your personal timeline belongs to you, and we're committed to keeping it secure, private, and under your complete control. We don't sell your data, show you ads, or share your personal information with third parties.
Our Privacy Principles
These principles guide every decision we make about your data and privacy.
Privacy by Design
Privacy is built into every feature from the ground up, not added as an afterthought.
Secure Storage
Your timeline data is encrypted and stored securely with industry-standard protection.
No Tracking
We don't track your behavior, sell your data, or share it with third parties.
Your Control
You own your data and can export or delete it anytime you choose.
Privacy Policy Details
Detailed information about how we handle your data.
Information We Collect
Details about what data we collect and why we need it.
Personal Information: When you create an account, we collect your name, email address, and profile information from your Google account.
Timeline Data: All life events you create, including titles, dates, notes, and any uploaded images or attachments.
Usage Information: Basic analytics about how you use the application to improve our service, including page views and feature usage.
Technical Data: Device information, browser type, IP address, and cookies necessary for authentication and security.
How We Use Your Data
Explanation of how your timeline data is processed and stored.
Service Delivery: To provide, maintain, and improve your personal timeline experience.
Authentication: To verify your identity and secure your account using industry-standard practices.
Data Storage: To securely store your timeline events and personal information in encrypted databases.
Communication: To send important updates about your account or our service (we don't send marketing emails).
Analytics: To understand usage patterns and improve our application (all data is anonymized).
Data Protection
Security measures we implement to protect your information.
Encryption: All data is encrypted in transit using HTTPS and at rest using AES-256 encryption.
Access Controls: Strict access controls ensure only you can view and modify your timeline data.
Secure Infrastructure: We use enterprise-grade cloud infrastructure with regular security audits and monitoring.
Regular Backups: Your data is automatically backed up to prevent loss while maintaining security.
Security Monitoring: 24/7 monitoring for suspicious activity and potential security threats.
Your Rights
Your rights regarding your personal data and how to exercise them.
Data Access: You can access all your personal data through your account dashboard at any time.
Data Portability: You can export your timeline data in standard formats (JSON, CSV) whenever you choose.
Data Correction: You can update, edit, or correct any of your personal information or timeline events.
Data Deletion: You can delete individual events or your entire account, which will permanently remove all associated data.
Privacy Control: Your timeline is completely private by default - we never share your personal events with third parties.
Contact & Updates
How to reach us and how we'll notify you of policy changes.
Policy Changes: We will notify you of any significant privacy policy changes via email and in-app notifications.
Data Inquiries: Contact us anytime with questions about your data or privacy concerns.
Response Time: We respond to all privacy-related inquiries within 48 hours during business days.
Transparency Reports: We maintain transparency about data requests and security incidents (none to date).
Data Retention
How long we keep your data and our deletion policies.
Active Accounts: Your timeline data is retained as long as your account remains active.
Account Deletion: When you delete your account, all personal data is permanently removed within 30 days.
Inactive Accounts: Accounts inactive for 3+ years may be archived, with advance notice and option to reactivate.
Legal Requirements: We only retain data longer if required by law, and will inform you if this applies.
Backup Deletion: Deleted data is also removed from all backup systems within 90 days.
Third-Party Services
Information about external services we use and how they handle data.
Google OAuth: We use Google's authentication service to secure your login. Google may collect basic profile information according to their privacy policy.
Supabase (Database): Your data is stored securely with Supabase, which provides enterprise-grade security and compliance with major privacy regulations.
Cloud Infrastructure: We use secure, compliant cloud services for hosting and data storage, all with strong privacy protections.
Analytics: We may use privacy-focused analytics tools that don't track individual users or collect personal information.
No Advertising Networks: We don't use any advertising platforms or tracking services that could compromise your privacy.
Legal Compliance
How we comply with privacy laws and regulations like GDPR and CCPA.
GDPR Compliance: If you're in the EU, you have enhanced rights under GDPR including data portability, right to be forgotten, and explicit consent.
CCPA Compliance: California residents have specific rights regarding their personal information, including the right to know, delete, and opt-out.
Data Processing: We only process your data for legitimate purposes directly related to providing our timeline service.
International Transfers: Any data transfers are conducted with appropriate safeguards and compliance with applicable laws.
Regular Audits: We regularly review our privacy practices to ensure ongoing compliance with evolving privacy laws.
Questions About Your Privacy?
We're here to help. If you have any questions about our privacy practices or how we handle your data, don't hesitate to reach out.