Privacy Policy

Effective Date: January 10, 2025 | Last Updated: January 10, 2025

1. Introduction

Welcome to Firefly Grove ("we," "our," or "us"). We are committed to protecting your privacy and handling your personal information with the utmost care and respect. This Privacy Policy explains how we collect, use, store, and protect your information when you use our memory preservation platform at fireflygrove.app (the "Service").

Our Core Privacy Principles:

  • Your Memories Are Yours: You own all content you create. We never sell your personal data or memories to third parties.
  • Privacy by Design: Privacy controls are built into every feature, allowing you to decide who sees what.
  • Transparency: We clearly explain what data we collect and why.
  • Security First: We use industry-standard encryption and security measures to protect your information.
  • Your Control: You can access, download, or delete your data at any time.

By using Firefly Grove, you agree to the terms of this Privacy Policy. If you do not agree, please do not use our Service.

2. Information We Collect

2.1 Information You Provide Directly

Account Information:

  • Name and email address (required for account creation)
  • Password (stored only as a hash, never in plain text)
  • Payment information (processed securely by Stripe, not stored on our servers)

Content You Create:

  • Memories (text, photos, audio recordings)
  • Tree and branch names and descriptions
  • Comments and annotations
  • Dates, locations, and metadata you add to memories
  • Files you upload (photos, audio, video)

Communication Data:

  • Messages you send through our feedback system
  • Support requests and correspondence
  • Email preferences and notification settings

2.2 Information We Collect Automatically

Technical Information:

  • IP address and geographic location (approximate)
  • Browser type and version
  • Device type (desktop, mobile, tablet)
  • Operating system
  • Referring website or source
  • Pages visited and features used
  • Date and time of visits
  • Session duration

Analytics Data:

  • Feature usage patterns (which features you use most)
  • Performance metrics (page load times, errors)
  • User journey data (how you navigate through the Service)
  • Engagement metrics (time spent, actions taken)

2.3 Information from Third Parties

Payment Processors:

  • Transaction confirmations from Stripe (payment success/failure)
  • Subscription status updates
  • Billing dispute information

Social Authentication (if you choose to use it):

  • Basic profile information (name, email) from Google, Facebook, or other authentication providers
  • Profile picture (if you choose to import it)

3. How We Use Your Information

3.1 To Provide and Improve Our Service

  • Create and maintain your account
  • Store and organize your memories securely
  • Enable you to create trees, branches, and memories
  • Process uploads (photos, audio, video)
  • Generate AI-powered writing prompts (Spark Collections)
  • Provide search and discovery features
  • Enable collaboration and sharing with family members
  • Facilitate legacy planning and tree transfers
  • Improve our algorithms and user experience
  • Fix bugs and optimize performance

3.2 To Process Payments and Subscriptions

  • Process subscription payments securely via Stripe
  • Manage your subscription tier and tree limits
  • Process purchases from Grove Exchange (greeting cards, etc.)
  • Send receipts and billing notifications
  • Handle refunds and billing disputes
  • Detect and prevent fraud

3.3 To Communicate With You

  • Send account-related emails (welcome, password reset, security alerts)
  • Notify you of subscription changes, renewals, or expirations
  • Send tree transfer invitations you request
  • Respond to your support requests and feedback
  • Send optional product updates and feature announcements (you can opt out)
  • Send marketing emails (only if you consent - you can unsubscribe anytime)

3.4 For Legal and Security Purposes

  • Comply with legal obligations and court orders
  • Protect against fraud, abuse, and security threats
  • Enforce our Terms of Service
  • Protect our rights, property, and safety
  • Protect the rights and safety of our users
  • Investigate and prevent illegal activities

3.5 With Your Consent

  • For any other purpose disclosed to you at the time of collection
  • For research or analytics (always anonymized)
  • For testimonials or case studies (with explicit permission)

We DO NOT:

  • Sell your personal information to anyone, ever
  • Share your memories with third parties for advertising
  • Use your content to train AI models without consent
  • Access your private memories without your permission or legal requirement

4. Data Storage and Security

4.1 How We Protect Your Data

Encryption:

  • All data transmitted to and from our servers uses TLS/SSL encryption (HTTPS)
  • Passwords are hashed using bcrypt with industry-standard salt rounds
  • Sensitive data is encrypted at rest in our database
  • Payment information is encrypted and processed by Stripe (PCI-DSS compliant)

Infrastructure Security:

  • Hosted on Vercel's secure, SOC 2 Type II certified infrastructure
  • Database hosted on Neon (PostgreSQL) with automatic backups
  • File storage on Vercel Blob with access controls
  • Regular security patches and updates
  • Automated vulnerability scanning
  • DDoS protection and rate limiting

Access Controls:

  • Multi-factor authentication for admin accounts
  • Role-based access control (RBAC)
  • Audit logs for all administrative actions
  • Limited employee access to production systems
  • Background checks for employees with data access

4.2 Data Backup and Recovery

  • Automated daily backups of all data
  • 30-day backup retention policy
  • Disaster recovery plan with 24-hour recovery time objective (RTO)
  • Geographic redundancy across multiple data centers

4.3 Your Responsibility

While we implement strong security measures, you also play a role in protecting your account:

  • Use a strong, unique password
  • Never share your password with anyone
  • Log out of shared devices
  • Report suspicious activity immediately
  • Keep your email account secure (it's used for password reset)

Security Notice: No method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security. In the unlikely event of a data breach affecting your account, we will notify you within 72 hours via email and provide details about what information was compromised and what steps we're taking.

5. Third-Party Services

We use carefully selected third-party services to operate Firefly Grove. Each service has been vetted for security and privacy compliance.

5.1 Services We Use

Stripe (Payment Processing)

  • Purpose: Process subscription payments and product purchases
  • Data Shared: Name, email, payment card information
  • Privacy Policy: stripe.com/privacy
  • Compliance: PCI-DSS Level 1, GDPR compliant

Resend (Email Delivery)

  • Purpose: Send transactional emails (account notifications, password resets, tree transfer invitations)
  • Data Shared: Email address, name, email content
  • Privacy Policy: resend.com/legal/privacy-policy
  • Compliance: GDPR compliant

Vercel (Hosting & File Storage)

  • Purpose: Host our application and store uploaded files (photos, audio)
  • Data Shared: All application data, uploaded media files
  • Privacy Policy: vercel.com/legal/privacy-policy
  • Compliance: SOC 2 Type II, GDPR compliant, ISO 27001

Neon (Database)

  • Purpose: Store user accounts, memories, and application data
  • Data Shared: All structured data (accounts, trees, branches, memories)
  • Privacy Policy: neon.tech/privacy-policy
  • Compliance: SOC 2 Type II, GDPR compliant

OpenAI (AI Features)

  • Purpose: Generate writing prompts (Spark Collections) and content suggestions
  • Data Shared: Anonymized context for prompt generation (no personally identifiable information)
  • Privacy Policy: openai.com/policies/privacy-policy
  • Data Use: We do NOT send your memories or personal content to OpenAI. Only generic prompts are generated.

5.2 Analytics (Privacy-Focused)

We collect analytics to improve the Service, but we prioritize your privacy:

  • We use our own analytics system (not Google Analytics)
  • We do NOT track you across websites
  • We do NOT sell analytics data to third parties
  • We anonymize IP addresses
  • We aggregate data to prevent individual identification

5.3 Links to Third-Party Websites

Our Service may contain links to third-party websites (e.g., social media, external resources). We are not responsible for the privacy practices of these external sites. We encourage you to read their privacy policies before providing any information.

6. Cookies and Tracking Technologies

6.1 What Are Cookies?

Cookies are small text files stored on your device by your web browser. They help us remember you, keep you logged in, and understand how you use our Service.

6.2 Types of Cookies We Use

Essential Cookies (Required)

  • Session cookies: Keep you logged in during your session
  • Security cookies: Detect authentication abuse and protect your account
  • CSRF tokens: Prevent cross-site request forgery attacks

These cookies are necessary for the Service to function. They cannot be disabled.

Functional Cookies (Optional)

  • Preferences: Remember your settings (theme, language, etc.)
  • Recent activity: Remember recently viewed trees/branches

Analytics Cookies (Optional)

  • Usage tracking: Understand which features are most popular
  • Performance monitoring: Identify slow pages and errors
  • A/B testing: Test new features with small groups

6.3 Managing Cookies

You can control cookies through:

  • Your browser settings: Most browsers allow you to refuse cookies or delete existing ones
  • Our cookie banner: Manage your preferences when you first visit
  • Your account settings: Disable optional analytics cookies

Note: Disabling essential cookies will prevent you from using the Service. Disabling optional cookies may limit some features but won't prevent core functionality.

6.4 Do Not Track (DNT)

We respect the "Do Not Track" browser setting. When DNT is enabled, we:

  • Disable all optional analytics cookies
  • Do not track your browsing behavior
  • Do not share usage data with third parties

7. Your Privacy Rights

You have significant control over your personal information. Here are your rights:

7.1 Access Your Data

You have the right to:

  • View all personal information we have about you
  • Download a copy of your data (data portability)
  • Request a comprehensive data report

How to exercise: Go to Settings → Privacy → "Download My Data"

7.2 Correct Your Data

You have the right to:

  • Update your name, email, and profile information
  • Correct inaccurate information
  • Edit or delete memories you've created

How to exercise: Edit directly in your account or contact us

7.3 Delete Your Data

You have the right to:

  • Delete your entire account
  • Delete specific memories, trees, or branches
  • Request permanent deletion (right to be forgotten)

How to exercise: Settings → Account → "Delete Account" or contact us

Important: Account deletion is permanent and irreversible. All your memories, photos, and data will be permanently deleted within 30 days. We will send a confirmation email before deletion. If you have active subscriptions, they will be canceled (no refund for unused time).

7.4 Restrict Processing

You have the right to:

  • Pause analytics tracking
  • Disable AI-generated prompts
  • Opt out of optional features
  • Temporarily freeze your account

7.5 Object to Processing

You have the right to:

  • Opt out of marketing emails (unsubscribe link in every email)
  • Opt out of analytics and tracking
  • Object to automated decision-making

7.6 Data Portability

You have the right to:

  • Export all your data in machine-readable formats (JSON, CSV)
  • Export all media files (photos, audio) in original quality
  • Transfer your data to another service

How to exercise: Settings → Export → "Download Full Backup"

7.7 Withdraw Consent

You have the right to:

  • Withdraw consent for optional features at any time
  • Change privacy settings for memories (Private → Legacy, etc.)
  • Revoke access for shared trees/branches

8. Data Retention and Deletion

8.1 How Long We Keep Your Data

Active Accounts:

  • We retain your data as long as your account is active
  • No automatic deletion for inactive accounts
  • Your memories are preserved indefinitely (that's our purpose!)

Deleted Accounts:

  • 30-day grace period: Account marked for deletion but recoverable
  • After 30 days: Permanent deletion from all systems and backups
  • Exceptions: We may retain limited data for legal compliance (tax records, fraud prevention)

Subscription Data:

  • Payment records: 7 years (tax and legal requirements)
  • Billing history: Duration of subscription + 7 years
  • Canceled subscriptions: Immediate anonymization, 7-year retention for financial records

Support Communications:

  • Support tickets: 3 years after resolution
  • Feedback submissions: Indefinitely (anonymized after 1 year)

Analytics Data:

  • Raw analytics: 90 days
  • Aggregated analytics: Indefinitely (fully anonymized)

8.2 Deceased User Accounts

Firefly Grove is designed to preserve memories after death. If a user passes away:

  • Accounts are NOT automatically deleted
  • Legacy trees can be transferred to designated heirs (if configured)
  • Family members can request access with proper documentation (death certificate)
  • Trustees can manage accounts as designated by the user

For more details, see our Legacy Planning documentation.

9. Children's Privacy (COPPA Compliance)

Firefly Grove is intended for users age 13 and older. We do not knowingly collect personal information from children under 13 without parental consent.

9.1 Age Verification

  • Users must confirm they are 13+ during signup
  • We do not intentionally market to children under 13
  • Parental consent required for users under 13

9.2 Children's Content

Parents and guardians may create content about children, including:

  • Memories of childhood events
  • Photos and videos of minors
  • Family history including children

Parent Responsibility: Parents are responsible for decisions about what content to create about their children. We recommend using privacy settings appropriately.

9.3 If We Discover Underage Users

If we discover a user under 13 created an account without parental consent:

  • We will immediately suspend the account
  • We will delete all personal information within 30 days
  • We will notify the email address on file
  • Parents can contact us to verify age and restore access with consent

Parents: If you believe your child under 13 has created an account without your permission, please contact us immediately at mrpoffice@gmail.com and we will delete the account.

10. International Data Transfers

10.1 Where Your Data Is Stored

Firefly Grove operates globally, and your data may be transferred to and stored in countries outside your country of residence, including the United States.

Data Locations:

  • Primary servers: United States (Vercel, AWS)
  • Database: United States or EU (Neon, with geographic options)
  • File storage: Global CDN (Vercel Blob) with regional caching
  • Backups: Multiple geographic regions for redundancy

10.2 EU-US Data Transfers (GDPR Compliance)

For users in the European Economic Area (EEA), UK, or Switzerland:

  • We rely on Standard Contractual Clauses (SCCs) approved by the European Commission
  • Our hosting providers (Vercel, AWS, Neon) are certified under the EU-US Data Privacy Framework
  • We implement additional safeguards including encryption and access controls
  • You have the right to object to international transfers

10.3 Data Localization Requests

If you require data to be stored in a specific region for legal or compliance reasons, please contact us. We may be able to accommodate regional storage for Enterprise customers.

11. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA).

11.1 Right to Know

You have the right to request:

  • Categories of personal information we collect
  • Specific pieces of personal information we have about you
  • Categories of sources from which we collect information
  • Business or commercial purposes for collecting information
  • Categories of third parties with whom we share information

11.2 Right to Delete

You have the right to request deletion of personal information we collected from you, subject to certain exceptions.

11.3 Right to Opt-Out of Sale

We DO NOT sell your personal information. We have not sold personal information in the past 12 months and do not intend to sell it in the future.

11.4 Right to Non-Discrimination

We will not discriminate against you for exercising your CCPA rights, including by:

  • Denying goods or services
  • Charging different prices or rates
  • Providing different quality of service
  • Suggesting you will receive different pricing or quality

11.5 How to Exercise Your Rights

California residents can exercise these rights by:

  • Email: mrpoffice@gmail.com with subject "CCPA Request"
  • In-app: Settings → Privacy → "California Privacy Rights"
  • Phone: (Available upon request)

We will respond to verified requests within 45 days.

11.6 Authorized Agents

You may designate an authorized agent to make requests on your behalf. The agent must provide proof of authorization.

11.7 California "Shine the Light" Law

Under California Civil Code Section 1798.83, California residents can request information about disclosure of personal information to third parties for direct marketing purposes. As stated above, we do not share personal information with third parties for their direct marketing purposes.

12. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR).

12.1 Legal Basis for Processing

We process your personal data under the following legal bases:

Contract Performance:

  • To provide the Service you signed up for
  • To process payments and manage subscriptions
  • To deliver features you've requested

Legitimate Interest:

  • To improve and optimize the Service
  • To detect and prevent fraud
  • To ensure security of our systems
  • To analyze usage patterns (anonymized)

Consent:

  • For marketing emails (you can withdraw consent anytime)
  • For optional analytics cookies
  • For sharing content publicly

Legal Obligation:

  • To comply with tax and accounting laws
  • To respond to law enforcement requests
  • To enforce our Terms of Service

12.2 Your GDPR Rights

Right of Access (Article 15):

You can request a copy of all personal data we hold about you.

Right to Rectification (Article 16):

You can correct inaccurate or incomplete data.

Right to Erasure / "Right to be Forgotten" (Article 17):

You can request deletion of your data in certain circumstances.

Right to Restriction of Processing (Article 18):

You can request we stop processing your data temporarily.

Right to Data Portability (Article 20):

You can receive your data in a structured, machine-readable format.

Right to Object (Article 21):

You can object to processing based on legitimate interest or for direct marketing.

Right to Not Be Subject to Automated Decision-Making (Article 22):

You can opt out of automated decisions that significantly affect you.

12.3 Data Protection Officer (DPO)

While we are not currently required to appoint a DPO, you can contact our privacy team with any concerns:

  • Email: mrpoffice@gmail.com
  • Subject: "GDPR Privacy Request"

12.4 Right to Lodge a Complaint

If you believe we have violated your privacy rights, you have the right to lodge a complaint with your local supervisory authority:

  • EU: Contact your national Data Protection Authority (DPA)
  • UK: Information Commissioner's Office (ICO) - ico.org.uk

12.5 Response Time

We will respond to all GDPR requests within one month (30 days) of receiving your request. In complex cases, we may extend this by two additional months, but we will inform you of the extension and the reasons.

13. Changes to This Privacy Policy

13.1 How We Update This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

13.2 Notice of Material Changes

If we make material changes that affect how we use your personal information, we will notify you by:

  • Email notification to your registered email address
  • In-app banner when you log in
  • Updating the "Last Updated" date at the top of this policy

13.3 Your Options After Changes

After we notify you of changes:

  • You have 30 days to review the changes
  • Continued use of the Service constitutes acceptance of the new policy
  • If you disagree with the changes, you can delete your account before they take effect
  • For material changes, we may require explicit consent before applying them to existing data

13.4 Version History

You can request previous versions of this Privacy Policy by contacting us at mrpoffice@gmail.com.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Firefly Grove

Email: mrpoffice@gmail.com

Privacy Requests: For GDPR, CCPA, or other privacy requests, please use the subject line "Privacy Request"

Website: fireflygrove.app

Response Time: We aim to respond to all inquiries within 2 business days, and privacy requests within 30 days.

14.1 Emergency Requests

For urgent security or privacy concerns (e.g., unauthorized access to your account), please mark your email as "URGENT" and we will respond within 24 hours.

Your Privacy Matters

At Firefly Grove, we believe privacy is a fundamental right. Your memories are deeply personal, and we treat them with the respect and protection they deserve.

We're committed to transparency in our data practices. This policy is written in plain language to ensure you understand exactly how your information is used.

Questions or concerns? We're here to help. Contact us anytime at mrpoffice@gmail.com.