Privacy Policy

About This Policy

Heritage Whisper LLC ("we," "us," or "our") operates HeritageWhisper.com, a mobile application that helps families preserve and share life stories through AI-powered voice interviews. This Privacy Policy explains how we collect, use, store, and share your personal information.

By using HeritageWhisper, you agree to this Privacy Policy. If you disagree with any part of this policy, do not use our service.

Questions? Contact us at privacy@heritagewhisper.com

Table of Contents

1. What Information We Collect
2. How We Use Your Information
3. Who We Share Your Information With
4. AI Processing and Voice Recordings
5. Pearl AI Interviewer
6. Content Ownership and Your Rights
7. Family Sharing and Collaboration
8. Data Security
9. Data Retention and Deletion
10. What Happens to Your Account
11. Children's Privacy
12. Cookies and Tracking
13. California Privacy Rights
14. International Users
15. Changes to This Policy
16. Contact Us
17. How to Exercise Your Rights

1. What Information We Collect

Information You Provide Directly

Information Collected Automatically

Information We Do NOT Collect

• Social Security Numbers
• Driver's license numbers
• Precise GPS location
• Health/medical records (unless you choose to include them in your stories)
• Financial account numbers (beyond what Stripe processes)

2. How We Use Your Information

We use your information to:

We do NOT use your information to:

• Train AI models (your stories remain private)
• Sell or rent to third parties
• Send marketing emails (unless you opt in)
• Track you across other websites

3. Who We Share Your Information With

Service Providers We Use

Infrastructure Providers

When We Share Your Story Content

• With family members you explicitly authorize through our sharing features. You control who sees what.
• With legal authorities if required by valid legal process (subpoena, court order).
• In a business transfer if we're acquired or merged, but only under equivalent privacy protections.

What We NEVER Do

• Sell your personal information to anyone
• Share your stories publicly without your permission
• Use your content for advertising or marketing
• Provide your data to data brokers

4. AI Processing and Voice Recordings

How AI Works in HeritageWhisper

Your AI Content Rights

You retain full control:

• Edit or delete any AI-generated content
• Regenerate questions or insights

We guarantee:

• Your stories are NEVER used to train AI models
• OpenAI processes data per their enterprise terms (no training on customer data)
• AI-generated insights are suggestions only—you decide what's accurate

Data protection:

• All API calls are encrypted
• No audio is permanently stored by AI providers
• Processing is real-time and ephemeral

4a. Pearl AI Interviewer (Coming Soon)

Pearl is our AI interviewer who helps you tell your stories through conversation.

How Pearl Works:

• You have a spoken conversation with Pearl about your memories
• The full conversation is recorded and saved to your account
• Pearl helps identify story moments you can save
• You control which parts of the interview become permanent stories

What We Collect:

• Full audio of your interview sessions
• Transcripts of the conversation
• Story moments detected during the interview

Your Control: You can delete any interview session or individual story at any time.

5. Content Ownership and Your Rights

You Own Your Content

• Full ownership: You retain complete copyright and ownership of all voice recordings, stories, photos, and text you create.
• Our limited license: You grant us permission to:
  • Store and process your content to provide our services
  • Display your content to family members you authorize
  • Create backups for data protection
• Data portability: At any time, you can:
  • Download all your recordings (original audio files)
  • Export transcriptions as text files
  • Save photos and metadata
  • Delete individual stories or your entire account

No hidden claims: HeritageWhisper claims zero ownership rights to your content. When you delete content, we delete it (except for temporary backups, see Section 8).

Archive Downloads — Your Digital Heirloom

Most platforms give you messy technical files or hold your data hostage. We believe in Digital Sovereignty—your stories belong to you, forever.

How it works:

• Request your archive from Settings
• Receive a secure download link via email
• Download link valid for 7 days
• Archive files automatically deleted from our servers after 48 hours for your security
• Generate a new archive anytime (limit: 1 per day)

No cloud dependency, no subscription required to view, no expiration date. Your legacy is truly yours to keep.

6. Family Sharing and Collaboration

Default Privacy

All stories are private by default. Nobody can access your content unless you explicitly grant permission.

Permission Levels

How Family Sharing Works

When you invite a family member:

• They receive an email invitation with a secure access link
• They can view your stories without creating an account
• If you set them as "Contributor," they can submit questions for you to answer
• All stories remain yours—family members cannot add or edit content

Content control and privacy:

• You own and control all stories, photos, and recordings
• Family members see only what you've explicitly shared
• You can change permission levels or remove access at any time
• If you delete your account, all shared access is immediately revoked

Managing Family Access

You can:

• Change family members from Viewer to Contributor (or vice versa)
• Remove any family member's access at any time
• See when family members view your stories
• See which family member submitted each question
• Control email notifications for your family members

7. Data Security

How We Protect Your Information

What We Cannot Guarantee

Like all online services, we can't guarantee 100% security. While we use industry-standard protections and monitor 24/7, we cannot guarantee absolute protection against:

• Extremely rare security breaches (we monitor constantly to prevent these)
• Someone gaining unauthorized access to systems beyond our control
• Security issues with your personal devices

You should:

• Use a strong, unique password
• Enable two-factor authentication
• Keep your devices secure
• Log out on shared devices

Data Breach Notification

If we discover a breach affecting your personal information, we will:

• Notify you promptly via email
• Explain what happened and what data was affected
• Describe what we're doing to fix it
• Provide guidance on protecting yourself

8. Data Retention and Deletion

How Long We Keep Your Information

After You Delete Your Account

Legal Retention

We may retain some information longer if required by:

• Law enforcement requests
• Pending litigation
• Tax/accounting regulations (transaction records only)

What we keep:

• Payment history: 7 years (IRS requirement)
• Support tickets: 3 years
• Fraud investigations: As needed

9. What Happens to Your Account

Keeping Your Stories Safe

Your stories are precious family memories. Here's how we protect them:

• We never delete your stories automatically. Even if your subscription ends, your content stays safe.
• Download anytime. You can download all your recordings, photos, and transcriptions at any time.
• Share with family. Invite family members to view your stories—they'll keep access even if something happens to you. For detailed legacy planning, contact privacy@heritagewhisper.com.

Account Closure

If you decide to close your account or if we need to close an inactive account:

• We'll send you an email notification before any closure
• You'll have time to download everything before deletion
• Once deleted, your stories are permanently removed and cannot be recovered

10. Children's Privacy

Age Restrictions

• Under 13: We do not knowingly collect information from children under 13. If we discover we've collected such information, we will delete it immediately.
• Ages 13-17: Minors aged 13-17 may use HeritageWhisper only with verifiable parental consent. Parents must create the account and maintain control.

If You're a Parent

If you believe your child under 13 has provided information to us, contact privacy@heritagewhisper.com immediately and we will delete it.

11. Cookies and Tracking

Cookies We Use

We Do NOT Use

• Third-party advertising cookies (Google Analytics doesn't share your data for ads)
• Cross-site tracking (we don't follow you around the internet)
• Social media tracking pixels (no Facebook, Twitter, etc.)
• Behavioral targeting (we don't build profiles to sell to advertisers)

How to Control Cookies

Browser settings: Most browsers let you:

• Block all cookies
• Delete existing cookies
• Get warnings before cookies are set

Impact of blocking: If you block essential cookies, you won't be able to log in or use core features.

"Do Not Track" & "Global Privacy Control" Browser Settings

Some web browsers have privacy settings called "Do Not Track" (DNT) or "Global Privacy Control" (GPC). These tell websites you don't want to be tracked or have your data shared for advertising.

We respect both settings. If your browser sends a DNT or GPC signal, we automatically disable Google Analytics on our public pages. Your stories and personal timeline are never tracked regardless of these settings.

How to enable GPC: Many modern browsers like Firefox, Brave, and DuckDuckGo have built-in GPC support in their privacy settings.

12. California Privacy Rights

Your California Rights (CCPA/CPRA)

California residents have specific rights regarding personal information:

• Right to Know: Request details about personal information we've collected in the past 12 months
• Right to Delete: Request deletion of your personal information
• Right to Correct: Fix inaccuracies in your data
• Right to Opt-Out: We don't sell or share for advertising, so nothing to opt out of
• Right to Non-Discrimination: We won't treat you differently for exercising your rights
• Right to Limit Sensitive Data Use: Request we only use sensitive information for essential services

What Personal Information We Collect (Last 12 Months)

How to Exercise California Rights

Request form: Email privacy@heritagewhisper.com with subject "California Privacy Request"

Include:

• Your full name
• Account email address
• Specific request (access, delete, correct)
• Verification info (we'll confirm your identity)

• Response time: We'll respond within 45 days (may extend to 90 for complex requests)
• Authorized agents: You may designate someone to make requests on your behalf (requires written authorization)

California "Shine the Light" Law

Once per year, California residents can request a list of third parties we've shared personal information with for their direct marketing. We don't share for marketing purposes, so this list will be empty.

13. International Users

HeritageWhisper is operated from the United States for US customers. All data is stored on US-based servers and governed by US privacy laws.

We do not currently offer services to residents of the European Union or United Kingdom. If you use our service from outside the US, your data will be stored in the US and US privacy laws will apply.

14. Changes to This Policy

When We Update This Policy

We may update this Privacy Policy to:

• Reflect new features or services
• Comply with new laws
• Improve clarity

We will notify you of material changes by:

• Email to your registered address
• Prominent notice on our website
• Update to "Last Updated" date at top of policy

Your continued use of HeritageWhisper after changes constitutes acceptance of the updated policy.

If you disagree with changes, you must stop using the service and may request account deletion.

16. How to Exercise Your Rights

You can access, correct, or delete your data at any time: