Privacy Policy
Last updated: March 30, 2026
Our Commitment to Privacy
At MyEpitaph, the memories and personal information you entrust to us are deeply meaningful. This policy explains how we collect, use, and safeguard your information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
Data Controller
MyEpitaph is the data controller for the personal information described in this policy. If you have questions, please contact us.
Information We Collect
Account Information: Your full name, email address, and a hashed password (we never store your password in plain text). We also store your subscription plan and email notification preferences.
Memorial Content: Photographs, biography text, life timeline events, family member names and relationships, ceremony details, and shared memories from visitors. This content is stored securely and shared only according to the visibility settings you configure (public, link-only, or password-protected).
Payment Information: We do not store credit card details. All payment processing is handled by Stripe, our PCI-compliant payment processor. We store your Stripe customer ID, order details, and shipping address provided at checkout.
Analytics Data: We use Plausible Analytics, a privacy-friendly analytics tool that does not use cookies, does not collect personal data, and does not track users across sites. All data is aggregated and anonymous.
Communications: If you contact us for support, we retain correspondence to assist you.
Lawful Basis for Processing
Contract: We process account and memorial data to provide the service you have signed up for.
Consent: Email notifications (order updates, memory submissions, dispatch alerts) are sent based on your notification preferences, which you can change at any time in your profile settings.
Legitimate interest: We process anonymised analytics data to improve the service and detect abuse.
How We Use Your Information
- To create, display, and manage your memorial pages according to your chosen privacy settings
- To process orders for brass QR plaques and send order confirmation, dispatch, and delivery notifications
- To notify you when visitors share memories on your memorial (if email notifications are enabled)
- To manage collaborative editing permissions when you invite others to contribute
- To respond to your enquiries and provide customer support
Data Storage & Security
Your data is stored securely using Amazon Web Services (AWS) infrastructure. Specifically:
Database: Amazon RDS (PostgreSQL) with encryption at rest, automated daily backups with 7-day retention, and point-in-time recovery.
Media files: Amazon S3 with server-side encryption and versioning enabled, so accidentally deleted or overwritten files can be recovered. When you delete a memorial or your account, the retained versions of its media are removed along with the rest of your data within the period described under Data Retention.
Passwords: Hashed using Argon2, a memory-hard password hashing algorithm designed to resist brute-force and GPU-based cracking. Your plain-text password is never stored; it is handled only in memory while we verify it at sign-in, and we cannot recover it from the stored hash.
Emails: Sent via Amazon SES from noreply@myepitaph.com.
All traffic between your browser and our servers is encrypted with HTTPS (TLS). Authentication uses JWT session tokens stored in cookies marked Secure and HttpOnly, so they are sent only over HTTPS and are not readable by JavaScript running in the page.
Third-Party Services
We use the following third-party services to operate MyEpitaph:
Stripe — payment processing for plaque orders and subscriptions. Stripe processes your payment card details directly; we never see or store them.
Amazon Web Services (AWS) — database hosting, file storage, and email delivery.
Fly.io — application hosting.
Plausible Analytics — privacy-friendly, cookie-free website analytics.
We do not sell, trade, or rent your personal information to any third party.
Sharing & Disclosure
Memorial content is shared only according to the visibility settings you choose — public, link-only, or password-protected. Visitors can view public memorials without an account. Memories shared by visitors are moderated by the memorial owner before appearing publicly. We may disclose information if required by law or to protect the safety of our users.
Your Rights (UK GDPR)
Under UK data protection law, you have the following rights:
Right of access: You can view all your data in your profile and memorial edit pages. You can also export a complete copy of any memorial as a ZIP file from your profile.
Right to rectification: You can edit your account details and memorial content at any time.
Right to erasure: You can delete individual memorials or your entire account from your profile settings. Deletion is permanent and removes all associated data within 30 days.
Right to data portability: The memorial export feature provides all your data in a standard format (JSON + original media files).
Right to object and to withdraw consent: You can disable email notifications at any time in your profile settings. You can object to processing based on our legitimate interests by contacting us.
To exercise any of these rights, use the tools in your account settings or contact us.
Cookies
We use a single essential cookie to keep you logged in: a Secure, HttpOnly cookie holding your JWT session token, which expires after 24 hours. We do not use tracking cookies, advertising cookies, or any third-party cookies.
Plausible Analytics does not set cookies or store personal data, so no cookie consent banner is required; we do not track users across sites or collect personal data through analytics.
Data Retention
Your account and memorial data are retained for as long as your account is active. When you delete a memorial or your account, all associated data is permanently removed within 30 days. Automated database backups are retained for 7 days and then automatically deleted, so a copy of deleted data may persist in a backup for up to 7 days after it has been removed from the live database.
Changes to This Policy
We may update this policy from time to time. Significant changes will be communicated via email and a prominent notice on our site. Continued use of the service after changes constitutes acceptance of the updated policy.
If you have any questions about this privacy policy, please contact us.