Back
Privacy Policy

Afterword Privacy Policy

Effective date: March 5, 2026

Afterword is a secure, time-locked digital vault. This policy explains what information we collect, how we use it, and the choices you have.

1) What we collect

  • Account information: email address, authentication identifiers.
  • Profile settings: sender name, subscription status, timer settings, theme selections.
  • Encrypted vault data: encrypted messages, encrypted recipient addresses, encrypted audio. We store ciphertext and integrity seals, not plaintext.
  • Device and app info: push notification tokens and basic diagnostics needed to deliver notifications reliably.
  • Purchase information: subscription entitlement state (processed via our billing providers).

2) What we do not collect

  • We do not collect your message plaintext.
  • We do not collect beneficiary security keys. Decryption happens locally in the beneficiary’s browser.

3) How we use information

  • To create and manage your account.
  • To store your encrypted vault items and enforce integrity checks.
  • To operate the check-in timer, warnings, and protocol execution.
  • To deliver push notifications and service emails.
  • To provide customer support when you contact us.

4) Legal bases

  • Contract: providing the service you request.
  • Legitimate interests: security, abuse prevention, and reliability.
  • Consent: where required (for example, notification permissions on your device).

5) Sharing and third parties

We use trusted providers to operate Afterword. They may process limited data on our behalf:

  • Supabase: database, authentication, encrypted storage.
  • Google Firebase Cloud Messaging: push notification delivery.
  • RevenueCat and Google Play Billing: subscription and purchase processing.
  • Resend: email delivery for warnings and beneficiary release messages.

We do not sell your personal information.

6) Retention

  • Encrypted vault items are retained until you delete them, your account is deleted, or the protocol lifecycle triggers deletion.
  • When items are released to a beneficiary, they are available for a limited period and then automatically purged.
  • Operational logs and delivery metadata may be retained briefly for reliability and abuse prevention.

7) Security

Afterword is designed so the service cannot read your vault contents. Encryption occurs on your device. We also use integrity seals (HMAC) to detect tampering. No system is perfectly secure, but we design and operate Afterword with security as a core requirement.

8) Your choices and rights

  • You can edit or delete vault entries in the app.
  • You can delete your account from the app (which deletes associated stored data).
  • You can manage notification permissions in your device settings.
  • If applicable in your region, you may request access, correction, or deletion of personal information by contacting us.

Immediate Deletion: You may request the complete deletion of your account and all associated vault data at any time directly through the App's settings menu. If you have uninstalled the app, you can request full account deletion by emailing afterword.app@gmail.com from your registered email address.

9) Children

Afterword is strictly intended for users aged 18 and older. We do not knowingly collect information from anyone under the age of 18.

10) Contact

Email: afterword.app@gmail.com