Last updated: June 12, 2025
Amiriel helps you preserve personal letters, life notes, and important information. This Privacy Policy explains what we collect, how we use it, and the choices you have.
Amiriel ("we", "us", or "our") operates the Amiriel website and related services that let signed-in users create, store, preview, and optionally deliver private letters to people they trust.
If you have questions about this policy, contact us at [email protected].
Account information: when you register or sign in, we may collect a username, display name, email address, and a password stored in hashed form. If you use OAuth (Google, GitHub, or Apple, when enabled), we receive profile identifiers and basic profile data from that provider to create or link your account.
Letter content: text you write, titles, subtitles, themes, page order, visibility settings, and timestamps such as when you accept the product boundary notice.
Media: images and videos you upload, along with technical metadata needed to store and display them (file type, size, storage location).
Sharing and delivery: read codes you create, delivery schedules, recipient names, email addresses, and phone numbers you provide for scheduled email or SMS delivery.
Recipient-side access: when someone opens a letter with a read code, we process the code, access time, and basic request data needed to show the letter.
Technical data: session and authentication cookies, browser language preferences (including Accept-Language), server logs (such as IP address, user agent, and request time), and error diagnostics needed to operate and secure the service.
We use your information to provide the service: authenticate you, save and sync your letters, generate read links, upload and serve media, preview content, and send scheduled deliveries you configure.
We use technical data to maintain security, prevent abuse, troubleshoot failures, and improve reliability.
We do not sell your personal information. We do not use your letter content for advertising.
OAuth providers: when you choose Google, GitHub, or Apple sign-in, you are redirected to that provider under its own terms and privacy policy.
Delivery providers: when you schedule email or SMS delivery, recipient contact details and message content are processed by the email or SMS infrastructure configured for the deployment so the delivery can be sent.
Infrastructure providers: content and account data are stored on servers and object storage (such as PostgreSQL and, when configured, Cloudflare R2 or equivalent media storage) operated by us or our hosting vendors.
Legal requirements: we may disclose information if required by applicable law, regulation, legal process, or to protect the rights, safety, and integrity of users and the service.
We do not make your letters publicly searchable. A letter is accessible to others only through a read code or delivery channel you create.
We use cookies and similar technologies to keep you signed in, protect sessions, and remember language preferences.
You can control cookies through your browser settings. Disabling essential cookies may prevent sign-in or saving content.
Letter data is stored in our application database. Media may be stored locally on the server or in object storage depending on deployment settings.
We apply reasonable technical and organizational measures such as access controls, HTTPS in production, and hashed passwords. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.
Anyone with a valid read code can open the associated letter without an account. You are responsible for who receives a read code or delivery link.
Recipient contact details you enter for delivery are used only to fulfill that delivery and related service operations.
You can edit or delete letter content from your workspace while your account is active, subject to product limits and archived states.
You can delete your account from the workspace. Account deletion removes your user record and, through database cascade rules, your letters, pages, media records, read codes, delivery schedules, and OAuth links associated with the account.
After deletion we also attempt to remove uploaded media files from storage. Residual copies may remain temporarily in backups or logs; we do not use deleted account content to provide the service.
Account deletion is permanent and cannot be undone. Deleting your Amiriel account does not delete data held by OAuth providers; manage that separately with the provider.
We retain account and letter data while your account is active and as needed to provide the service.
When you delete content, an account, or a delivery completes, we delete or de-identify data when no longer needed for the purposes described in this policy, except where retention is required by law or for limited security and backup purposes.
Amiriel is not directed to children under 13 (or the minimum age required in your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has provided us data, contact us and we will take appropriate steps to delete it.
Your information may be processed and stored in countries where we or our service providers operate. By using Amiriel, you understand that your information may be transferred to locations that may have different data protection laws than your own.
We may update this Privacy Policy from time to time. We will post the revised policy on this page and update the "Last updated" date. Continued use after changes become effective means you accept the updated policy.
Questions about privacy or data handling: [email protected].
Boundary note
This is a private letter and information list, not a will or notarized document. Handle inheritance, witnesses, notarization, or asset distribution with professional confirmation elsewhere.
