Trust
How we protect
your memories.
Honest, technical answers — no marketing phrases, no certificate logos without substance. If you read this and have concerns, tell us.
Hosting
1. EU hosting in Frankfurt
All data — audio, transcripts, photos, profiles — sits in Supabase EU (Frankfurt, Germany region). Our frontend runs on Vercel's EU edge. There is no replication to third countries, and no transfer of data to the US beyond what is strictly required for Anthropic and OpenAI calls. Both providers are connected under GDPR-compliant Data Processing Agreements (DPA).
Encryption
2. Encryption in transit and at rest
Every HTTP connection runs exclusively over TLS 1.2+ — HSTS is set with `preload`, which prevents accidental HTTP fallbacks. Audio and photo files are stored encrypted at rest in Supabase Storage (AES-256). Database rows are stored using standard Postgres encryption. In addition, the storage buckets for audio and photos are configured non-public — access only via short-lived signed URLs after authentication. An additional application-level encryption of sensitive fields is on the roadmap.
Access control
3. Who has access
Each archive is accessible to: (a) the family admin who created the archive, and (b) family members the admin has explicitly invited and who have accepted the invitation. Other Aile Hafızası users do not see your archive. Search engines are excluded. The Aile Hafızası team has no unsolicited access; every operation on customer data is traceable via audit log.
What we don't do
4. What we will never do
We do not train AI on your family content. We do not clone voices — originals stay originals. We do not sell data. We do not show ads inside your archive. We do not build avatars or chatbots that pretend to be Dede, Nine, or your parents. If a team member needs to look at a database for support reasons, it only happens after explicit approval and is logged.
Deletion
5. How deletion works
The family admin can delete individual memories or the whole archive at any time via the dashboard. If Dede, Nine or any other narrator withdraws their consent, you tell us — or you delete the affected content yourself from the archive. After deletion we mark the archive as deleted immediately, remove audio and photos from live storage, and a cron job removes the record fully from our live system within at most 30 days. Backup snapshots from our hosting providers rotate and are overwritten according to their retention cycles — pointwise removal from historical snapshots is not technically possible, but they expire within a limited time.
Open Source
6. Open-source components
Aile Hafızası is built on proven open-source building blocks: Next.js (App Router), React, Tailwind, Supabase (Postgres + RLS + Storage), the official OpenAI and Anthropic SDKs. We contribute improvements back where it makes sense. Where our own components eventually become open source, we communicate that transparently.
Family tree
7. Family tree privacy
The family tree is private. It is not a public ancestry profile and not visible to search engines. Only invited family members can see it. Names, photos, birth and death dates, relationships — everything stays inside the private archive. You can export or delete individual people or the whole tree at any time. We do not link the tree to external genealogy databases; there are no external GEDCOM imports, no DNA links, no automatic matching with other people's profiles.
Contact
8. Privacy contact
Questions, access requests, data exports or deletions reach us at info@ailehafizasi.com. We reply within five working days. Please report privacy-relevant security vulnerabilities directly there — we treat reports confidentially and confirm receipt within 24 hours.
Got a question that isn't covered here?
Write to info@ailehafizasi.com. We update this page regularly based on your feedback.