We process account data such as email address, display name, avatar, language, session, and authentication status.
We process family data users upload or edit: trees, profiles, relationships, dates, places, stories, notes, sources, comments, suggestions, invitations, roles, and activity.
Information about living people may include sensitive or private data. ArbolKin includes privacy controls to hide certain data from limited roles, but users and workspace administrators remain primarily responsible for uploading and sharing that information appropriately.
Files may include photos, videos, PDFs, documents, filenames, sizes, MIME types, dates, descriptions, tags, and storage paths.
Some media may contain technical or EXIF metadata, such as dimensions, dates, device, or location. When the product processes that data, it is used to display, organize, protect, or administer family media.
We process invitee emails, optional names, roles, invitation links, expiration, acceptance, revocation, and minimal records needed to deliver invitations and control access.
We may send transactional emails such as magic links, invitations, and activity digests. Those emails avoid sensitive family details when they are not necessary.
We record operational activity such as sign-ins, invitation acceptance, role changes, content creation or updates, errors, audit events, and technical metadata needed for security and support.
We may process derived data such as IP hash, user agent, and timestamps for audit, abuse prevention, and incident resolution.
We use cookies and local storage necessary for authentication, sessions, language preferences, interface state, and security. We do not use advertising cookies at this stage.
Supabase and Vercel may set cookies or process technical information needed to deliver the service.
We use infrastructure and operations providers such as Supabase for database, authentication, storage, and realtime; Vercel for hosting; Resend for email; Sentry for error monitoring when configured; and GitHub for development and deployment.
These providers process data only as needed to provide their services, under their own terms, security controls, and applicable policies.
We retain data while the account, workspace, or operational need exists. Some records may be kept for security, audit, backup, compliance, or dispute resolution.
Owners and administrators can export certain workspace data when the feature is available. Deletions may remain temporarily in backups or technical logs before expiring.
Depending on your location, you may have rights of access, correction, deletion, portability, objection, or restriction. For requests, contact the workspace administrator or ArbolKin operator.
In family workspaces, some requests may require coordination with workspace owners because information can involve multiple people.
We apply technical controls such as authentication, roles, RLS, private storage, signed URLs, environment separation, and audit records. No system is perfect; you must protect your links, sessions, exports, and devices.
We may update this policy when the product, providers, legal requirements, or data practices change. If a change is material, we may request acceptance of a new version.