AmaranthPrivacy Policy

DRAFT — pending legal review; not legal advice.

Privacy Policy · v0.1 · 2026-07-09

This document is a working draft prepared for review by qualified legal counsel. It is not legal advice, does not create any binding obligation, and must be reviewed, corrected, and approved before publication. Every [BRACKETED] item is a placeholder for a decision the business owner must make.


Privacy Policy

Who we are

[LEGAL ENTITY NAME] ("Real Impact," "we," "us," or "our") operates the platform behind two consumer brands:

Real Impact owns the underlying platform; each brand operates on it under license. This Privacy Policy applies to both brands. Where a brand or a particular feature is handled differently, we say so.

This policy explains what personal information we collect when you use our service, why we collect it, who we share it with, how long we keep it, and the choices and rights you have. We wrote it to be read by real people — a grieving family, an engaged couple, a friend uploading a photo — not only by lawyers.

The people this affects are not only account holders. Our service is built around people who never sign up: contributors who upload a photo or video from a text-message link, guests whose names and emails a host imports, and the individuals — including children and people who have passed away — who appear in the media. This policy addresses all of them.

Who is responsible for your information (the "controller" / "business"). For most information, [LEGAL ENTITY NAME] is the controller. For contributor media and imported guest contacts that a host brings into a campaign, the host decides what is collected and why — the host is the controller and we act as a processor / service provider on the host's behalf. We explain this split throughout.


A quick map of the roles

Because our product involves several kinds of people, it helps to define them once:

Your rights and how you exercise them depend a little on which of these you are. We cover that in Your rights and If you don't have an account below.


What we collect

We collect the following categories of personal information. (The lettered labels map to the categories used under California law, to help make the required disclosures precise.)

(a) Identifiers — account holders. Your name, email address, and — if you provide them — postal address and phone number, plus login credentials.

(b) Contributor / guest contact information. If a contributor chooses to add a name, email, or message with an upload, we collect it. Many contributors upload anonymously and give us nothing but the media itself.

(c) Imported guest-list contacts (third-party PII). When a host imports a guest list, we receive the names, and any emails, postal addresses, or phone numbers the host uploads — for people who have never interacted with us directly. The host is the source of this information and represents that they have permission to share it.

(d) Commercial information. Your subscription plan, purchase history, and credits-ledger activity.

(e) Financial information. Payments are processed by Stripe. We do not store full card numbers. We keep limited billing tokens and details such as the card's last four digits and expiration, and a record that a payment succeeded or failed.

(f) Internet, device, and usage data. IP address, browser and device type, pages viewed, actions taken, and similar log and analytics data, including data from cookies and similar technologies.

(g) Coarse location. An approximate, city/region-level location inferred from your IP address. We do not collect precise GPS location.

(h) Audio, visual, and other user content. The photos, videos, audio, captions, and messages that hosts and contributors upload — the heart of the service — plus the assembled film and generated website.

(i) Likeness- and voice-derived features. To assemble a film and generate a site, our AI pipeline processes the faces and voices in your media and may derive technical features from them (for example, to detect faces, order clips, or transcribe speech). Depending on how it is used, this can be biometric-adjacent information. See AI processing and Sensitive information below.

We collect this information when you create an account, upload media, import a guest list, make a payment, contact support, or simply use the site.


Sensitive information

Some of what our service handles can reveal sensitive things about people. Uploaded media may show or imply:

Under California's CPRA this can be Sensitive Personal Information; under the GDPR some of it is special-category data (Article 9). We commit to a limited use and limited disclosure standard for this information: we use it only to deliver the service you asked for, and we do not use it to infer characteristics for advertising or any unrelated purpose. Where the law requires it, we rely on your explicit consent, and you have the right to limit our use of sensitive personal information (see Your rights).


How and why we use your information

We use personal information for these purposes:

PurposeWhat it involvesMain categories used
Deliver the core serviceHost and store your media; assemble the film; generate and host the website; provision an optional custom domain(a)(b)(c)(h)(i)
AI film and site assemblySend media and text to our AI subprocessor to build the film and site (see below)(h)(i)
TranscriptionConvert speech in videos to text for captions and editing (local processing, or optional managed transcription)(h)(i)
Billing and subscriptionsProcess payments, manage renewals, run the credits ledger(a)(d)(e)
Transactional emailSend campaign invitations, upload confirmations, renewal and export notices(a)(b)(c)
Security and fraud preventionDetect abuse, protect accounts, keep the service safe(a)(f)(g)
Product improvementUnderstand and improve the service, including with de-identified or aggregated data(f) and de-identified (h)
Legal and complianceRespond to lawful requests, enforce our terms, resolve disputesas needed

Two things we do not do:


AI processing — plain-language disclosure

Building a film and website automatically means a computer has to "look at" and "listen to" your media. Here is exactly what happens.

Because uploaded media can include a person's face and voice, and can reveal health or other sensitive facts, we treat AI processing of that media as processing of sensitive information (see above) and rely on the appropriate consent and lawful basis.


Subprocessors — who else handles your data

We use a small set of trusted service providers to run the platform. Each is engaged under a contract that restricts them to acting on our (or the host's) instructions. None of these is a "sale" of your information.

SubprocessorWhat they do for usData they handleLocation
SupabaseDatabase and authenticationAccount data, campaign metadata, references to mediaUnited States
Cloudflare (R2, Workers, Pages)Media storage, compute, website hostingUploaded and derivative media, site contentUnited States / global edge
Anthropic (Claude)AI film + website assemblyUploaded media and text sent to the modelUnited States
StripePayment processingBilling details, card tokensUnited States
PostmarkTransactional emailRecipient name and email, message contentUnited States
Deepgram (optional)Managed transcriptionAudio from uploaded videoUnited States

A note on shared infrastructure: our database is logically shared with a separate application (the Oikos Connect app) using a dedicated living_legacy_ data boundary. Your data is segregated within that boundary; the other application does not have access to your campaign data.

We may update this list as our providers change. Material changes will be reflected here with an updated effective date.


Cookies, analytics, and your privacy choices

We use cookies and similar technologies to keep you logged in, remember preferences, keep the service secure, and understand usage so we can improve it. We do not use them for cross-context behavioral advertising.

You can control cookies through your browser settings. We honor opt-out preference signals, including the Global Privacy Control (GPC). If your browser sends GPC, we treat it as a valid request to opt out of any "sale" or "sharing" (even though we do not sell or share) and to limit optional analytics where applicable. A "Your Privacy Choices" control is available at [PRIVACY-CHOICES URL].


How long we keep information, and the "never expires" promise

Our service makes an unusual commitment: your tribute or wedding site, film, and web-quality media never expire. Here is how that works as a retention rule.

Export everything. Consistent with the promise above, you can export your original files with a one-click download at any time while your subscription is active, and during the export-notice window after it ends.


Children's privacy (COPPA and state laws)

Our service is not directed to children under 13, and children cannot create accounts. Account holders must be 18 or older.

Children do, however, appear in tributes and wedding films, because adults upload photos and videos that include kids. When that happens:

If you believe a child's information has been provided to us without proper authority, contact us and we will act promptly.


People who have passed away, and people who are ill

Memorial tributes involve people who cannot speak for themselves. In most places, privacy laws protect living individuals, so a deceased person is generally not a "consumer" or "data subject" with statutory rights. To fill that gap, we provide a contractual mechanism instead:

Note that right-of-publicity protections for a deceased person vary by state; this is one reason the host's authority representation matters.


Your rights

Depending on where you live, you have some or all of these rights. We honor the core rights below for all users regardless of location, as a matter of policy.

Under California law (CCPA/CPRA), you can:

Under the GDPR (for individuals in the EU/UK), you also have the right to:

How to exercise your rights

If you don't have an account (contributors, guests, and depicted people)

Because our service is built on uploads from people who never signed up, we provide dedicated ways to exercise your rights without an account:


"We do not sell" — California specifics

We do not sell your personal information, and we do not share it for cross-context behavioral advertising, as those terms are defined under the CCPA/CPRA. We do not disclose personal information to advertising networks or data brokers. The subprocessors listed above are service providers acting on our or the host's behalf under contract, which is not a sale.

If this ever changes, we will update this policy, provide the required notice, and offer a working opt-out before any such activity begins.


GDPR — lawful bases and international transfers

We aim to be GDPR-ready because EU guests may appear in, or contribute to, a campaign even when the host is in the US.

Lawful bases we rely on:

Information about people who never dealt with us directly — imported guests and depicted individuals — is collected indirectly (from the host). Where the GDPR's Article 14 applies, the host is responsible for informing those individuals, and this policy is available to them; we support that with the notice text and opt-out links in host communications.

International transfers. We host in the United States. When personal information of individuals in the EU/UK is transferred to the US or to our subprocessors, we rely on appropriate safeguards, such as the EU Standard Contractual Clauses and equivalent mechanisms.

Roles. For a host's campaign content and imported contacts, the host is the controller and we are the processor. For our own operation of the platform (accounts, billing, security), [LEGAL ENTITY NAME] is the controller.


Security

We take reasonable and appropriate measures to protect your information, including:

No system is perfectly secure, but we work to protect your information and, where required by law, we will notify affected users and regulators of a data breach within the applicable timeframes.


Third-party links

Our sites and emails may link to third-party services (for example, a custom-domain registrar or a payment page). Their privacy practices are their own; we encourage you to read their policies.


Changes to this policy

We may update this policy from time to time. When we make material changes, we will update the effective date below and, where appropriate, notify you. Your continued use of the service after an update means you accept the revised policy.


Contact us


Effective date: [DATE]. Last updated: 2026-07-09 (v0.1 draft).

DRAFT — pending legal review; not legal advice. This draft must be reviewed and approved by qualified counsel, and every [BRACKETED] placeholder resolved, before it is published or relied upon.