Privacy Policy

Privacy policy for Afterglow Digital Heirloom
Oct 24, 2025

Effective Date: January 15, 2026

1. Introduction

Afterglow ("we," "our," or "us") is committed to protecting your privacy. We operate on a Zero-Knowledge Encryption architecture, ensuring that your sensitive data remains private and accessible only to you and your designated beneficiaries. This policy explains how we collect, use, and protect your information when you use our platform.

2. Data We Collect

Under the principle of data minimization, we only collect information essential for our service:

Identity & Contact Data: Email address. Purpose: Account creation, authentication, and heartbeat alerts.

Financial Data: Payment history and subscription tier (Free/Base/Pro). We do not store full credit card numbers; payments are processed via secure third parties (e.g., Stripe).

Technical Data: IP address, browser type, and login logs. Purpose: Security monitoring and fraud prevention.

Encrypted Vault Data: Your uploaded content. Important: This data is encrypted locally on your device before transmission. We do not hold your master password or private keys, meaning we cannot decrypt or view your assets.

3. Zero-Knowledge Architecture

Our service is built on local encryption:

Encryption/Decryption occurs solely within your browser or client application.

Your Master Password is never transmitted to our servers.

Risk Warning: If you lose your Master Password or physical fragments (Fragment A/B), we cannot recover your data.

We process your data based on:

Contractual Necessity: To provide vault hosting and inheritance services.

Legal Obligation: For tax records or regulatory compliance.

Legitimate Interests: To maintain the security and integrity of our platform.

5. Cookies and Third-Party Technologies

We use cookies to enhance your experience:

Essential Cookies: For maintaining your session.

Analytics & Advertising Cookies: We use Google AdSense and Analytics. These third parties may use cookies to serve ads based on your visits to this and other websites. You can opt out via your browser settings.

6. Data Retention

Active Accounts: Data is kept as long as your account is active.

Inactive Accounts: For Free tier users, if a heartbeat check-in is missed for over 180 days, metadata may be flagged for deletion following our sanitization protocols.

7. Your Rights

Under the GDPR, you have the right to access, rectify, or erase your personal data ("Right to be Forgotten"). You may also request data portability.

8. Contact Us

For privacy inquiries, contact our Data Protection Officer at: support@digitalheirloom.app