LegacyRoots AI ("we", "us", "our") is the Data Fiduciary under India's DPDPA and the Data Controller under GDPR for personal data processed through the LegacyRoots AI platform (legacyroots.ai).
Contact for privacy matters: privacy@legacyroots.ai

| Category | Data Elements | Purpose |
|---|---|---|
| Account Registration | Full name, email address, password (hashed), profile photo, phone number, date of birth, gender, bio, place of birth | Identity verification, account management, personalisation |
| Family Tree Profiles | Names, dates of birth/death, gender, relationship types, roles, biographical stories, milestones, achievements, letters, photos, videos | Core service — building and displaying family trees |
| Memorial Profiles | Date of passing, cause of death (optional), eulogy, memorial photos, tribute messages | Memorial page creation and tribute management |
| Payment Information | Billing name, payment method details (card last-4, expiry — stored by payment processor), billing address, transaction IDs, subscription status | Subscription billing and payment processing |
| Invitations | Email addresses of invited family members | Sending tree-join invitations |
| Tributes (External Visitors) | Contributor name, relationship to deceased, tribute text, IP address | Public tribute submission and moderation |
| Support Communications | Ticket content, attached files, email correspondence | Customer support and complaint resolution |
| AI Feature Inputs | Text prompts, names, and story fragments you provide when using AI tools | Generating AI-assisted content |

The Service may involve sensitive personal data including information about deceased persons (date and cause of death), family health history (if voluntarily disclosed in stories), and religious or cultural information (if included in biographical content). We collect this data only when you voluntarily provide it as part of your family record. You should only include sensitive data about third parties when you have their consent or are legally authorised to do so.

| Processing Purpose | Legal Basis (GDPR) | Legal Basis (DPDPA) |
|---|---|---|
| Providing and operating the core Service | Performance of contract | Consent / Legitimate use |
| Account authentication and security | Legitimate interests; Legal obligation | Legitimate use |
| Subscription billing and payment processing | Performance of contract; Legal obligation | Consent |
| Sending transactional emails (invitations, receipts, alerts) | Performance of contract | Legitimate use |
| Product improvement and analytics | Legitimate interests | Consent |
| AI feature processing | Performance of contract; Consent | Consent |
| Customer support | Legitimate interests; Performance of contract | Legitimate use |
| Legal compliance and fraud prevention | Legal obligation; Legitimate interests | Legal obligation |
| Referral programme tracking | Performance of contract | Consent |
| Marketing communications (optional) | Consent | Consent |

When you add information about other people (living or deceased) to your family tree, you act as a data controller or fiduciary for that data in your jurisdiction. By using the Service, you agree that:
LegacyRoots is not directed to children under 13. We do not knowingly collect personal data directly from children under 13. Family trees may contain profile information about minor family members (e.g., a grandchild added to the tree by a grandparent). Such profiles:
If you believe we have inadvertently collected personal data about a child under 13 without proper parental consent, please contact us immediately at privacy@legacyroots.ai and we will delete such data promptly.
Data in a family tree is shared with all members of that tree according to their role. Family Keepers and Co-Keepers can see and manage all data in the tree.
When you initiate or accept a cross-tree link request, a limited preview of your tree (tree name, member names) is shared with the requesting party to facilitate the linking decision. Full data sharing between trees occurs only after both parties accept the link.
If a Family Keeper makes a memorial page public, the following data becomes accessible to the general public: the deceased's name, photos, biographical story, memorial content, and approved tributes. You should not make a memorial page public if it contains information that should remain private.
We share data with vetted processors/sub-processors who assist in operating the Service:

| Provider | Purpose | Data Shared | Location |
|---|---|---|---|
| Google Firebase | Authentication, database, file storage, cloud hosting | Account data, tree data, uploaded files | USA (adequacy/SCCs apply) |
| Stripe Inc. | Payment processing (international) | Payment method details, billing address | USA (SCCs / adequacy) |
| Razorpay Software Pvt. Ltd. | Payment processing (India) | Payment method details, billing address | India |
| AI Model Providers | AI greeting cards, legacy writing assistance | Text prompts you submit to AI features | USA |
| Email Delivery Provider | Transactional emails (invitations, receipts, support) | Email address, name | USA |

All processors are bound by data processing agreements requiring them to process data only per our instructions and maintain appropriate security standards.
We may disclose your data to government authorities, law enforcement, or courts when: (a) required by applicable law or valid legal process; (b) necessary to protect our legal rights; (c) necessary to prevent fraud or imminent physical harm. Where permitted, we will notify you of such requests.
If LegacyRoots AI undergoes a merger, acquisition, or sale of assets, your data may be transferred to the successor entity. We will notify you before your data is subject to a materially different privacy policy and offer you the option to delete your account.
We do not sell, rent, or trade your personal data to third parties for their own marketing or commercial purposes. (For California residents: we do not "sell" or "share" personal information as defined under CCPA/CPRA.)
Your data may be transferred to and processed in countries outside your country of residence, including the United States, where our service providers operate. For transfers of personal data from the EEA, UK, or Switzerland, we rely on: (a) EU Standard Contractual Clauses (SCCs); (b) the EU–US Data Privacy Framework (where applicable); or (c) other lawful transfer mechanisms. For Indian users, international transfers comply with DPDPA cross-border transfer provisions.
LegacyRoots uses the following technologies:
We do not use third-party advertising cookies or tracking pixels.

| Data Type | Retention Period |
|---|---|
| Active account and tree data | For the duration of your account plus 30 days post-deletion request |
| Payment records and billing history | 7 years from the transaction date (legal obligation) |
| Support tickets | 3 years from closure |
| Server access logs | 90 days |
| AI prompt inputs | Not retained beyond the API call (not stored by us); subject to AI provider's retention policy |
| Deleted account data | Purged within 30 days of account deletion, except where legal retention applies |
| Public memorial data (if published) | Retained until the Family Keeper or authorised next-of-kin requests removal |
| Backup copies | Overwritten within 90 days of deletion |

Rights over data pertaining to deceased family members in your tree may be exercised by the Family Keeper, a designated Successor, or a verified next-of-kin upon submission of appropriate documentation.
We implement industry-standard technical and organisational security measures to protect your personal data, including:
Despite these measures, no system is completely secure. We cannot guarantee absolute security. In the event of a data breach affecting your rights, we will notify affected users and relevant authorities as required by law.
LegacyRoots is designed to preserve memories of both living and deceased family members. For deceased individuals:
When you use AI-powered features (greeting card generation, legacy writing assistance):
We may update this Privacy Policy periodically. When we make material changes, we will notify you by email and/or prominent notice in the Service at least 14 days before the changes take effect. The "Last Updated" date at the top of this document reflects the most recent revision. Continued use of the Service after the effective date constitutes acceptance of the updated Policy.
For privacy-related questions, requests, or complaints: