Our Commitment to You
untilThen was built to help families preserve memories across time. We take the trust you place in us — especially when it involves your children — with the utmost seriousness. This Privacy Policy explains what we collect, how we use it, and how we protect it.
We will never sell your data. We will never use your children’s information for advertising. We will never share your memories with anyone who isn’t you.
If you have questions about this policy, contact us at hello@untilthenapp.io.
1. Who We Are
untilThen is operated by Untilthenapp, LLC (“we”, “us”, “our”). Our registered address is 1200 Camellia Blvd STE 203, Lafayette, LA 70508.
2. What Information We Collect
2.1 Account Information
When you create an account we collect:
- Your name and email address
- Your password (stored encrypted — we never see it in plain text)
- Your phone number (optional, for launch notifications only)
- Your date of birth (optional, for demographic purposes only)
2.2 Children’s Information
When you create a Child Vault we collect:
- Your child’s first name
- Your child’s date of birth (optional)
- Your child’s reveal date or age
We collect the absolute minimum information necessary about children. We do not collect children’s email addresses, phone numbers, photos of children’s faces for identification purposes, or any biometric data. Children’s names and birthdays are stored solely to personalise the vault experience.
2.3 Content You Create
We store everything you write, record, upload, or create within the app:
- Letters and written entries
- Voice recordings
- Photos and videos
- Collection titles and descriptions
This content belongs to you. We store it to deliver the service. We do not read, analyse, or use your content for any purpose other than storing it and delivering it to you and your designated recipients.
2.4 Contributor Information
When you invite contributors we collect their name (optional) and email address to send the invitation. Contributors who create accounts are subject to this same Privacy Policy.
2.5 Gift Capsule Recipients
For Gift Capsules, we collect the recipient’s name and email address to deliver the capsule on the reveal date. Recipients who create accounts to save their capsule are subject to this Privacy Policy.
2.6 Payment Information
Payment processing is handled by Square. We do not store your credit card number, CVV, or full payment details. We store only a payment reference ID from Square and your subscription status. Square’s privacy policy applies to payment data.
2.7 Usage Data
We collect anonymised usage data through PostHog analytics including:
- Pages visited
- Features used
- Session recordings (with all text inputs masked — we cannot see what you write)
- Browser type and device type
We use this data to improve the product. It is never linked to your child’s identity.
2.8 Technical Data
- IP address (for security and fraud prevention)
- Cookies and session tokens (for keeping you logged in)
- Error logs (to fix bugs)
3. Children’s Privacy — Our Strongest Commitment
untilThen is a product used by adults to create content for children. We treat children’s privacy with the highest level of seriousness.
3.1 COPPA Compliance
untilThen complies with the Children’s Online Privacy Protection Act (COPPA). We do not knowingly collect personal information directly from children under 13 for the purpose of creating accounts.
Account creators — parents, guardians, contributors, and Gift Capsule organisers — must be 18 or older. They create and manage vaults on behalf of their children.
Vault recipients — children receive vaults at whatever age the parent designates as the reveal date. There is no minimum age for receiving a vault. When a child creates an account to access their vault at reveal, they do so at the age their parent has chosen. If that age is under 13, the parent or guardian should assist with account creation and the parent remains responsible for the child’s use of the service in accordance with COPPA.
3.2 Child Account Creation
Children only create untilThen accounts when their vault reveal date arrives and they are old enough to do so. At no point do we solicit personal information from children to create accounts before they are of appropriate age.
3.3 What We Store About Children
We store only:
- First name (as entered by the parent)
- Date of birth (optional, entered by the parent)
- Reveal date (set by the parent)
We do not store children’s phone numbers, addresses, school information, photographs for identification purposes, or any other sensitive personal data.
3.4 Children’s Content
Photos, videos, and voice recordings uploaded to a child’s vault are stored securely and are never accessible to anyone other than the parent, approved contributors, and the child themselves after the reveal date.
3.5 No Advertising to Children
We do not serve advertising of any kind. We do not use children’s data for any commercial purpose. We do not share children’s data with advertisers, data brokers, or third-party marketing platforms. Ever.
3.6 Parental Control
Parents have full control over their child’s vault at all times:
- Add or remove contributors
- Delete individual entries
- Delete the entire vault
- Transfer vault ownership to a designated trustee
- Request complete data deletion
4. Absolute Prohibitions — Zero Tolerance
The following are strictly prohibited on untilThen and will result in immediate account termination, reporting to law enforcement, and vigorous legal action:
4.1 Child Sexual Abuse Material (CSAM)
The upload, storage, sharing, or distribution of any sexually explicit material involving minors is absolutely prohibited. This includes photographs, videos, illustrations, or any other media.
Any such content discovered on our platform will be:
- Immediately removed
- Reported to the National Center for Missing and Exploited Children (NCMEC) as required by law
- Reported to the FBI and relevant law enforcement agencies
- Subject to the fullest civil and criminal legal action available
We take this with absolute seriousness. There are no warnings, no second chances, and no exceptions.
4.2 Grooming or Exploitation
Using untilThen to groom, exploit, manipulate, or gain inappropriate access to minors is strictly prohibited and will be reported to law enforcement immediately.
4.3 Misrepresentation
Creating accounts with false identities to gain access to a child’s vault or to deceive contributors or recipients is prohibited.
4.4 Unauthorised Access
Attempting to access sealed vault content before the reveal date through any technical means is prohibited.
5. How We Use Your Information
We use the information we collect to:
- Provide and improve the untilThen service
- Send emails you’ve requested (confirmation emails, contributor invites, reveal day emails)
- Send occasional product updates (maximum once per month — you can unsubscribe at any time)
- Detect and prevent fraud and abuse
- Comply with legal obligations
- Respond to your support requests
We do not use your information for:
- Advertising or marketing to third parties
- Selling to data brokers
- Training AI models
- Any purpose not listed above
6. How We Share Your Information
We share your information only in these limited circumstances:
6.1 Service Providers
We use trusted third-party services to operate untilThen:
- Clerk — authentication and account management
- Railway — hosting and database
- Cloudflare — media storage and DNS
- Resend — email delivery
- Square — payment processing
- PostHog — anonymised analytics
Each provider is bound by its own privacy policies and data processing agreements. We share only the minimum data necessary for each provider to perform its service.
6.2 Contributors You Invite
When you invite a contributor, we share the child’s name and the occasion details with them so they can contribute meaningfully. We do not share the child’s date of birth, your contact details, or any other personal information with contributors.
6.3 Legal Requirements
We may disclose information if required by law, court order, or to protect the safety of our users or the public. We will notify you of any such disclosure where legally permitted to do so.
6.4 Business Transfer
If untilThen is acquired or merged, your data may transfer to the new entity. We will notify you before any such transfer and give you the opportunity to delete your account.
We do not sell your personal information. Ever.
7. Data Storage and Security
7.1 Where We Store Data
Your data is stored on servers located in the United States. If you are located outside the United States, your data is transferred to and processed in the United States.
7.2 How We Protect Your Data
- All data is encrypted in transit (TLS/HTTPS)
- All data is encrypted at rest
- Media files are stored in Cloudflare R2 with signed, time-limited access URLs
- Sealed vault content is never transmitted to a child’s device until the reveal date
- Passwords are managed by Clerk and never stored in plain text
- Access to production systems is restricted to authorised personnel only
7.3 Data Retention
- Active accounts: Data retained for as long as your subscription is active
- Cancelled subscriptions: Entries preserved for 12 months after cancellation, then deleted with 30 days’ notice
- Gift Capsule drafts: Deleted after 7 days if not activated
- Deleted accounts: Data purged within 30 days of account deletion request
- Legal holds: Data retained as required by law
8. Your Rights
Depending on your location, you may have the following rights:
8.1 Access
You can request a copy of all personal data we hold about you by emailing hello@untilthenapp.io.
8.2 Correction
You can update your personal information at any time from your account settings.
8.3 Deletion
You can request deletion of your account and all associated data from your account settings or by emailing hello@untilthenapp.io. We will process deletion requests within 30 days.
8.4 Data Export
You can request a full export of your vault contents — letters, photos, voice notes, and videos — by emailing hello@untilthenapp.io.
8.5 Opt-out of Communications
You can unsubscribe from all non-essential emails at any time using the unsubscribe link in any email or from your account notification settings.
8.6 CCPA Rights (California Residents)
California residents have additional rights under the California Consumer Privacy Act including the right to know, right to delete, and right to opt-out of sale (we do not sell data). Contact hello@untilthenapp.io to exercise these rights.
8.7 GDPR Rights (EU/UK Residents)
EU and UK residents have rights under GDPR including access, rectification, erasure, restriction, portability, and objection. Contact hello@untilthenapp.io to exercise these rights.
9. Cookies
We use cookies to:
- Keep you logged in (essential — cannot be disabled)
- Remember your preferences (functional)
- Understand how the product is used (analytics — PostHog)
You can control cookie settings through your browser. Disabling essential cookies may prevent the app from functioning correctly.
10. Changes to This Policy
We will notify you of material changes to this Privacy Policy by email and by posting a notice on the app. Your continued use of untilThen after changes are posted constitutes acceptance of the updated policy.
11. Contact Us
Privacy inquiries: hello@untilthenapp.io
Child safety concerns: hello@untilthenapp.io
General support: hello@untilthenapp.io
To report child sexual abuse material or child exploitation, contact:
- NCMEC CyberTipline: www.missingkids.org/gethelpnow/cybertipline or 1-800-843-5678
- FBI: tips.fbi.gov
- Local law enforcement: 911
This Privacy Policy was last updated on April 15, 2026. A lawyer review is recommended before this policy is considered final for legal purposes.