Skip to main content
Roots We Planted

Legal

Privacy Policy

Last updated: May 2026

1. Overview

Roots We Planted ("we", "our", "us") is committed to protecting your privacy. This policy explains what data we collect, how we use it, how it is protected, and your rights as a user of https://rootsweplanted.com.

2. Data We Collect

Account information

When you create an account we collect your name, email address, and hashed password. Payment details are handled by Stripe and never stored on our servers.

Uploaded materials

Photos, videos, audio recordings, documents, and any other files you upload are stored securely in Azure Blob Storage using AES-256 encryption at rest. We treat these materials with the highest level of confidentiality.

Usage data

We collect anonymized usage metrics (pages visited, features used, error logs) to improve the platform. This data is never linked to your personal identity or family materials.

3. How We Use Your Data

  • To provide the service — processing uploads, generating AI outputs, building your archive.
  • To communicate with you — account notifications, support responses, product updates (opt-out available).
  • To improve the platform — anonymized analytics to understand how features are used.
  • To fulfill legal obligations — where required by applicable law.

We do not sell your data, use it for advertising, or share it with third parties except as described in Section 4.

4. Third-Party Services

We use the following third-party providers to deliver the service. Each is bound by their own privacy policies and data processing agreements:

  • Azure Blob Storage — file storage and encryption
  • Stripe — payment processing (we never see your card details)
  • OpenAI / Anthropic — AI text processing (data not used for model training)
  • ElevenLabs / HeyGen / Pika — media generation (processed data is not retained)
  • Railway — infrastructure hosting

5. Data Storage & Security

  • All data is encrypted in transit using TLS 1.3.
  • All stored files are encrypted at rest using AES-256.
  • Access controls enforce role-based permissions — only you and invited family members can access your archive.
  • We undergo periodic security reviews and maintain audit logs of access events.

6. AI Processing

Your family's materials are processed by AI systems to generate transcriptions, narratives, and other outputs. This processing is performed under strict confidentiality. Your materials are never used to train AI models without your explicit written consent. AI-generated outputs are draft content — you retain full editorial control.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access all personal data we hold about you
  • Correct inaccurate data
  • Delete your account and all associated data
  • Export your archive in open formats at any time
  • Withdraw consent for optional processing
  • Lodge a complaint with your local data protection authority

To exercise any of these rights, contact us at privacy@rootsweplanted.com.

8. Data Retention

We retain your data for as long as your account is active. If you delete your account, all personal data and uploaded materials are permanently deleted within 30 days. Delivered books, archives, and Family Chronicle volumes are yours to keep and are retained indefinitely until you request deletion.

9. Cookies

We use only essential cookies required for authentication and session management. We do not use advertising or tracking cookies.

10. Changes to This Policy

We will notify you by email of any material changes to this policy. The date of the most recent update is shown at the top of this page.

11. Contact

For privacy-related inquiries:
Roots We Planted
privacy@rootsweplanted.com