Privacy Policy

Last updated: April 14, 2026

Ancestree ("we", "us", or "our") operates the Ancestree web application. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

1. Information We Collect

Account information. When you create an account we collect:

• Your full name and email address
• Authentication credentials (securely hashed — we never store plain-text passwords)

If you sign in through a third-party provider (such as Google), we receive the profile information that provider shares (typically your name, email, and profile picture).

Family tree data. Information you enter about family members, including:

• Names, nicknames, and maiden names
• Dates of birth and death
• Birthplace and current location
• Biographical text
• Contact methods (email, phone, WhatsApp, Instagram)
• Addresses
• Photos you upload
• Relationship connections between people

Usage data. We automatically collect:

• Browser type and version
• Pages visited and actions taken within the app
• Timestamps and session duration
• Device and operating system information

2. How We Use Your Information

• To provide, maintain, and improve the Ancestree service
• To authenticate your identity and manage your account
• To enable sharing and collaboration features (invite links, shared trees)
• To send essential service communications (account verification, security alerts)
• To maintain an audit log of changes to your trees for accuracy and accountability
• To detect, prevent, and address technical issues or abuse

3. Data Storage and Security

Your data is stored on Supabase infrastructure, which uses PostgreSQL databases and encrypted storage. All data is transmitted over HTTPS. Uploaded photos are stored in secure cloud storage.

We implement role-based access control on every tree. Only users you explicitly invite (as owner, editor, or viewer) can access your family tree data. Trees set to "private" are not accessible without an invite or share link and password.

4. Data Sharing and Disclosure

We do not sell your personal information. We may share data only in these circumstances:

• With your permission — when you share a tree via a public link or invite collaborators
• Service providers — we use Supabase for hosting and database services, and Resend for transactional email delivery. These providers process data on our behalf under strict confidentiality obligations.
• Legal requirements — if required by law, regulation, or valid legal process

5. Cookies and Local Storage

We use essential cookies to maintain your authentication session. We also store your theme preference (light/dark mode) in browser local storage. We do not use third-party tracking or advertising cookies.

6. Your Rights

You may at any time:

• Access and update your account information
• Export your family tree data
• Archive or delete people and trees you own
• Delete your account by contacting us at hello@ancestree.app

If you are located in the EEA, UK, or California, you may have additional rights under GDPR or CCPA, including the right to request erasure and data portability. Contact us to exercise these rights.

7. Children's Privacy

Ancestree is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us and we will promptly delete it.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised "Last updated" date.

9. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at hello@ancestree.app.