Privacy Policy

Last Updated: December 26, 2024

Introduction

Welcome to LaterLetter, operated by Paperbrain LLC ("we," "us," or "our"). We are committed to protecting your privacy and handling your personal information with care. This Privacy Policy explains how we collect, use, store, and protect your information when you use our service at laterletter.app (the "Service").

By using LaterLetter, you agree to the collection and use of information in accordance with this policy.

Information We Collect

Information You Provide

  • Account Information: Email address, name (optional), password (encrypted), and timezone preferences.
  • Letter Content: The text, photos, and any other content you include in your letters to your future self.
  • Profile Information: Avatar image, notification preferences, and other settings you configure.

Information Collected Automatically

  • Usage Data: We use PostHog to collect analytics data about how you interact with our Service, including pages visited, features used, and user behavior patterns.
  • Device Information: Browser type, operating system, device identifiers, and IP address.
  • Cookies and Similar Technologies: We use cookies and local storage to maintain your session and improve your experience.

Information from Third Parties

  • OAuth Providers: If you sign up using Google or Apple, we receive your email address and name from these providers.

How We Use Your Information

We use your information to:

  • Provide, maintain, and improve the Service
  • Create and manage your account
  • Store your letters and deliver them to you at your specified future dates
  • Send you email notifications about letter deliveries and service updates
  • Respond to your support requests and communications
  • Analyze usage patterns to improve our features and user experience
  • Detect, prevent, and address technical issues or fraudulent activity
  • Comply with legal obligations

How We Store and Protect Your Information

Data Storage

Your data is stored using industry-leading third-party services:

  • Supabase: Database and authentication (hosted on AWS)
  • Supabase Storage: Photo uploads
  • Vercel: Application hosting

Security Measures

We implement appropriate technical and organizational security measures to protect your information:

  • All data transmitted to and from our Service is encrypted using SSL/TLS
  • Passwords are hashed and encrypted using industry-standard algorithms
  • Row-Level Security (RLS) policies ensure users can only access their own data
  • Sealed letters' content is not returned via API until delivery date
  • Regular security updates and monitoring

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

Data Sharing and Disclosure

We do not sell, rent, or trade your personal information.

We may share your information only in the following limited circumstances:

Service Providers

We work with third-party service providers who help us operate the Service:

  • Supabase: Database, authentication, and file storage
  • Resend: Email delivery service
  • PostHog: Analytics and product insights
  • Vercel: Hosting and infrastructure

These providers are contractually obligated to protect your data and only use it to provide services to us.

Legal Requirements

We may disclose your information if required by law or in response to:

  • Valid legal processes (subpoenas, court orders)
  • Requests from law enforcement or government agencies
  • Protection of our rights, property, or safety, or that of our users
  • Investigation of fraud or security issues

Your Rights and Choices

You have the following rights regarding your personal information:

Access and Portability

You can access and download all your letters at any time through the Settings page ("Export My Letters" feature).

Correction

You can update your profile information (name, timezone, preferences) in the Settings page.

Deletion

You can request deletion of your account and all associated data through the Settings page ("Delete Account" option). Upon deletion:

  • Your account will be permanently deleted
  • All your letters and content will be removed from our database
  • Your photos will be deleted from our storage
  • This action cannot be undone

Email Preferences

You can manage your email notification preferences in the Settings page. Note that certain emails (like letter delivery notifications) are essential to the Service.

Cookie Controls

You can control cookies through your browser settings. Disabling cookies may affect your ability to use certain features of the Service.

Data Retention

We retain your information for as long as your account is active or as needed to provide you the Service:

  • Letters: Stored indefinitely until you delete them or close your account
  • Account Information: Retained until you delete your account
  • Analytics Data: Aggregated and anonymized data may be retained for product improvement purposes
  • Deleted Data: Permanently removed from active systems within 30 days of deletion request

Age Requirement

LaterLetter is intended for users who are 18 years of age or older. We do not knowingly collect personal information from individuals under 18. If you believe we have collected information from someone under 18, please contact us immediately at privacy@laterletter.app, and we will delete such information.

International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from your country. By using the Service, you consent to the transfer of your information to the United States and other countries where our service providers operate.

California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information we collect, use, and disclose
  • Right to request deletion of your personal information
  • Right to opt-out of the sale of personal information (we do not sell your data)
  • Right to non-discrimination for exercising your privacy rights

To exercise these rights, please contact us at privacy@laterletter.app.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the new Privacy Policy on this page
  • Updating the "Last Updated" date
  • Sending you an email notification (for significant changes)

Your continued use of the Service after any changes indicates your acceptance of the updated Privacy Policy.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Paperbrain LLC

Email: privacy@laterletter.app

Website: laterletter.app