Privacy Policy

What We Collect

We collect only the family tree data you enter (names, dates, places, citizenship status) and a session cookie. That's it.

  • No email addresses
  • No personal accounts
  • No IP address logging
  • No analytics or tracking pixels
  • No third-party scripts or data sharing

How Long We Keep It

Your data is stored for 48 hours from your last activity, then automatically and permanently deleted. Every time you interact with the tree builder, the timer resets to 48 hours.

Delete My Data Now

You can delete all your data immediately at any time using the "Delete My Data" button in the tree builder. This permanently removes your family tree from our servers and clears your session cookie.

We use a single session cookie (sid) that is strictly necessary for the tree builder to function. It is not used for tracking. It is httpOnly (not accessible via JavaScript), encrypted in transit, and expires after 48 hours of inactivity.

Security

  • All traffic encrypted via HTTPS/TLS
  • Data encrypted at rest (AES-256-GCM) in Redis
  • Redis is password-protected and not exposed to the internet
  • No backups or replicas of user data
  • Self-hosted on a dedicated Linux server with all services on an internal Docker network

Rate Limiting

To protect the service from abuse and ensure availability for all users, we enforce per-IP rate limiting at the reverse proxy level. Each IP address is limited to 30 requests per second. Requests exceeding this limit receive a 429 (Too Many Requests) response. Normal usage of the tree builder is well within this limit.