Privacy Policy

Family Assets is committed to protecting personal data and handling it responsibly. This policy describes what information we collect, how we use it, when we share it, and what choices and rights may be available to you under applicable law.

We may collect information you provide directly, information created through your use of the service, and information supplied by trusted service providers.

• Account data: email address, display name, profile image, and authentication identifiers.
• Family and asset data: names, dates, relationships, asset details, uploaded documents, and notes.
• Operational data: log records, diagnostic events, device metadata, and service usage information.

• To provide, maintain, and secure the service.
• To authenticate users and manage account access.
• To respond to support requests and product issues.
• To improve reliability, performance, and product quality.
• To comply with legal obligations and protect legitimate interests.

We do not sell personal data. We share data only when necessary to provide the service, comply with law, or protect rights and security.

• Auth0: identity and authentication services.
• Infrastructure providers: hosting, storage, and delivery services.
• Authorities and advisors: where disclosure is required or justified by law.

We use technical and organizational safeguards including encryption in transit, access controls, and controlled infrastructure access. Data is retained for as long as necessary to operate the account and satisfy legal, tax, or security obligations.

Depending on where you live, you may have rights to access, correct, delete, export, or restrict the use of your personal data, and to object to certain forms of processing.

Privacy requests can be sent to privacy@familyassets.app. We may ask you to verify your identity before processing a request.

We use essential session-related cookies and similar storage for authentication and core product operation. We do not describe the service as relying on advertising cookies or cross-site tracking technologies in this policy.

The service is not directed to children under 16 and we do not knowingly collect personal data directly from children in that age group without an appropriate legal basis.

We may update this policy from time to time. When changes are material, we will revise the effective date and may provide additional notice.