Privacy Policy

Last updated: May 1, 2026

1. Data We Collect

Account Information

When you create an account, we collect your email address, name, and password. This information is necessary to create and manage your account.

Story Content

All content you create — responses to prompts, photos, and any associated metadata — is stored to preserve your personal story and legacy.

Media Files

Photos and other media you upload are stored securely with your story responses. These files are sent through our third-party provider (UploadThing) for secure hosting.

Payment Information

Payment details (credit card information) are processed by Stripe and are never stored on our servers. We only store your subscription status, plan type, and billing email.

Authentication Tokens

Session tokens are created to keep you logged in securely. These are managed by NextAuth and stored in your browser.

Legacy Contact Information (Optional)

If you designate a legacy contact, we store their name, email address, and any optional message you provide. Upon your account designation as a memorial account, this contact may be able to request access to your story.

2. How We Use Your Data

  • To provide, maintain, and improve the Your Life Saga service
  • To authenticate your identity and secure your account
  • To process subscription payments and manage your plan
  • To send you important service updates or policy changes
  • To respond to your requests or customer support inquiries
  • To contact your legacy contact if your account is marked as a memorial account
  • To comply with legal obligations or enforce our terms of service

3. Third-Party Services

We use the following third-party services that may collect or access your data:

Stripe (Payment Processing)

Stripe processes all subscription payments. Review their privacy policy at stripe.com/privacy

UploadThing (File Storage)

Photos and media are hosted by UploadThing. Review their privacy policy at uploadthing.com/privacy

NextAuth (Authentication)

Authentication is managed through NextAuth. Session data is encrypted and stored securely.

Neon (Database Hosting)

Your data is stored in a PostgreSQL database hosted by Neon. Review their privacy policy at neon.tech/privacy

4. Demo Accounts

We offer demo accounts for trial purposes. Important information about demo accounts:

  • Demo accounts may be shared or used for testing purposes
  • Demo account data may be visible to other users or staff
  • Demo accounts cannot designate legacy contacts
  • Demo accounts should not be used for sensitive or private information
  • Demo account data may be deleted or reset at any time

5. Data Retention

We retain your data as follows:

  • Active Accounts: Your data is retained for as long as your account is active
  • Memorial Accounts: Memorial accounts and associated data are retained indefinitely, allowing legacy contacts to access the story as intended
  • Deleted Accounts: Upon deletion, your data is securely erased within 30 days, except as required by law
  • Backups: Backup copies may be retained for up to 90 days for disaster recovery

6. Your Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of all data we hold about you
  • Correction: Request corrections to inaccurate data
  • Deletion: Request deletion of your account and associated data
  • Export: Request your data in a portable format
  • Legacy Control: Manage your legacy contact information and how your account will be handled after you pass

To exercise any of these rights, contact us at privacy@yourlifesaga.com

7. Memorial and Legacy Accounts

Your Life Saga supports memorial accounts to preserve your story beyond your lifetime:

  • You can designate a legacy contact to be notified and potentially gain access to your story after you pass
  • Your legacy contact will receive a notification and a secure link to claim access to your memorial
  • Upon claim, your account is converted to a memorial account and your story becomes a digital legacy
  • We retain memorial account data indefinitely to serve as your lasting digital legacy
  • Memorial account details and messaging are private between you and your legacy contact

8. Security

We implement industry-standard security measures to protect your data, including:

  • End-to-end encryption for sensitive data transfers
  • Secure password hashing and storage
  • Regular security audits and updates
  • Access controls to limit who can view your data
  • Secure authentication tokens and session management

While we implement strong security measures, no system is completely secure. Please contact us immediately if you suspect unauthorized access to your account.

9. Policy Changes

We may update this privacy policy from time to time. We will notify you of material changes via email or by prominently posting on our website. Your continued use of the service following the posting of revised terms means you accept and agree to the changes.

10. Contact Us

If you have questions about this privacy policy or our privacy practices, please contact us at:

Your Life Saga
Email: privacy@yourlifesaga.com

This privacy policy is provided for informational purposes. We recommend consulting with a legal professional to ensure full compliance with all applicable regulations in your jurisdiction before deployment to production.