Privacy Policy
Last updated: 8 June 2026
Your family data is yours. This page explains exactly what Thalamura ("we", "us") collects, why we collect it, who can see it, and how to control or delete it. It applies to the Thalamura web app, mobile web app, and any installable (PWA) version available at thalamura.com.
1. Who is responsible
Thalamura is the data controller for the personal data described below. For questions about this policy or to exercise any of your rights, contact us via the home page.
2. Private by default
Family trees are only visible to people you (or another family member) explicitly invite. There are no public profiles. Thalamura does not list family trees publicly and we add noindex headers to private app pages so search engines do not crawl member information.
3. What we collect
We collect only what we need to run the features you use.
- Account: name, email, profile photo and the Google account id when you sign in with Google. For guest mode we store only an anonymous user id (no email).
- Family-tree content: people you add (names, dates, relationships, biographical notes), photos and stories, family milestones, events on the family calendar.
- Messages & AI chats: messages you send in family channels and direct messages, plus prompts and responses you exchange with the AI assistant.
- Device & usage: language preference, push notification subscription (if you opt in), basic device info, IP address (used transiently for security and rate limiting), and error reports.
- Cookies & local storage: see Section 8.
4. Why we use it (legal basis)
- To provide the service (contract): authenticate you, render your family tree, deliver messages and notifications, run AI features you request.
- To keep the service secure (legitimate interest): rate limiting, abuse prevention, error logging.
- Analytics & marketing (consent): only after you tap "Accept" on the cookie banner.
- To comply with law (legal obligation): respond to lawful requests, keep minimal records for tax/audit where required.
5. Who can see your data
- Members of your family tree see the people, photos, stories, messages and events you share inside that tree.
- Direct-message recipients see messages you send them; channel members see channel messages.
- Thalamura staff never browse your tree casually. A small operations team has the technical access needed to fix bugs and respond to support requests; access is logged.
- We do not sell, rent or share your family data with advertisers, data brokers, or AI training providers.
6. Sub-processors we use
We rely on a small number of trusted infrastructure providers to deliver Thalamura. They process data only on our instructions:
- Supabase (database, authentication, storage, realtime).
- Cloudflare (CDN, edge runtime, DDoS protection).
- Lovable AI Gateway (routing prompts to AI models for the family AI assistant).
- Resend (transactional email — invites, notifications, security alerts).
- Google (sign-in only, if you choose Google).
- Google Analytics & Google Ads (only after you consent on the cookie banner).
- Web Push providers (your browser/OS vendor — Apple, Google, Mozilla — if you enable notifications).
7. AI assistant
When you use the in-app AI assistant, your prompt plus the family context required to answer it (e.g. the relevant people, dates and stories) is sent to our AI Gateway and on to a model provider. We configure our providers not to train on your content. You can review everything the AI saw under AI privacy inside the app, and we automatically purge AI chats and action logs after 90 days.
8. Cookies & analytics
We use a small number of essential cookies and local storage entries to keep you signed in, remember your language, store your cookie choice, and run the app. These are required and load with no banner.
With your consent we also load Google Analytics & Google Ads to understand how Thalamura is used and to measure marketing. These are off by default until you tap "Accept" on the cookie banner. You can change your mind anytime from your account → Cookie settings.
9. Push notifications
Push notifications are opt-in. If you enable them, we store the subscription endpoint provided by your browser/OS so we can deliver messages, family updates, and birthday reminders. You can revoke them at any time from your browser/OS settings or from your account.
10. Guest accounts
You can try Thalamura without an email by tapping "Try as guest". We create an anonymous user id and store the tree you build against it. If you later sign in with Google, your guest data is migrated onto your real account. Idle guest accounts are automatically deleted after 14 days.
11. Data retention
- Family content (people, photos, stories, messages): kept until you delete it or your account.
- AI chat & action logs: automatically purged after 90 days.
- Client error logs: purged after 30 days.
- Guest accounts: purged after 14 days of inactivity.
- Deleted accounts: hard-deleted 30 days after deletion is requested (so you can recover by mistake).
- Email send & suppression logs: kept for legitimate operational use; suppression list retained while needed to honour unsubscribe.
12. Your rights (GDPR / UK GDPR)
If you are in the EU, UK or another region with similar laws, you have the right to: access your data, correct it, delete it, restrict or object to processing, and request portability. Most rights can be exercised directly from your account:
- Access / portability: edit your profile and export your tree to PDF.
- Correction: edit any profile, person, story or message you own.
- Deletion: delete individual content, leave a family, or delete your account (reversible for 30 days).
- Withdraw consent: revoke analytics/ads or push notifications at any time.
You also have the right to lodge a complaint with your local data protection authority.
13. Account deletion (30-day grace)
From your account you can schedule deletion of your account. We mark it for removal immediately, hide your data from the app, and permanently delete your profile, family memberships, photos, chats and AI history 30 days later. To recover, just sign back in within the grace period and tap "Keep my account".
14. Children
Thalamura is not directed at children under 13 (or the age of digital consent in your country). Parents may add minors as members of a family tree but children should not create their own accounts.
15. International transfers
Our infrastructure providers operate globally. Data may be processed in regions outside your home country, including the EU, UK and the United States, under appropriate safeguards (e.g. EU Standard Contractual Clauses).
16. Security
Data is encrypted in transit (HTTPS) and at rest. Every family-tree row is protected by row-level security policies so other users cannot read it. Sensitive operations (sign-in, account deletion, invites) are logged.
17. Changes to this policy
We update this page when our practices change. The "Last updated" date at the top reflects the most recent change. For material changes we will notify you in the app or by email.
Questions? Reach out via the project home page.