Introduction

SendAfterMe is dedicated to protecting your personal data under the EU General Data Protection Regulation (GDPR). As a comprehensive digital legacy management platform, we ensure your data remains private and secure throughout our service delivery.

Data Controller

SendAfterMe, registered in Denmark, acts as the data controller for your personal data. All data processing, including analytics and user activity monitoring, is handled exclusively on our own servers within our organization - we never share your information with external parties like Google, Meta, or other third-party analytics providers. Contact us via our contact page for data protection inquiries.

What Data Do We Collect?

• Personal Information: Name, email address, and account details
• Messages and Content: Text messages, videos, audio files, images, and documents you upload
• Recipient Information: Names and email addresses of people who will receive your messages
• My Story Content: Your personal life story in text, audio, or video format
• Account Preferences: Delivery schedules, security settings, and notification preferences
• Payment Information: Billing details processed securely through Stripe
• Technical Information: Login times, security logs, and anonymized usage analytics to protect your account and improve our service - all processed on our own servers

How We Use Your Data

We process your data internally for these purposes:

• Service Delivery: Send your messages, videos, and digital content to recipients at the times you specify
• Account Management: Manage your account, process payments, and provide customer support
• Content Processing: Convert and optimize your videos and audio files for reliable delivery
• Security: Protect your account from unauthorized access and cyber threats
• Communication: Send you important updates about your account and service
• Status Monitoring: Check if you're still active so we know when to deliver your messages

Legal Basis for Processing

We process your data based on:

• Your Consent: You give us permission when you create an account and upload content
• Contract: We need your data to provide the digital legacy services you've purchased
• Security: We have a legitimate interest in protecting your account and preventing fraud
• Legal Requirements: We must keep some records for tax and regulatory purposes

You can withdraw your consent at any time by contacting us or deleting your account.

How We Protect Your Data

Your privacy and security are our top priorities:

• Strong Encryption: All your personal data and content are encrypted using industry-standard security
• Private Encryption: Sensitive files are encrypted on your device before being sent to us - we never see the unencrypted content
• Secure Storage: Your data is stored on protected servers within the European Union
• Access Controls: Only authorized personnel can access systems, and all access is logged
• Regular Security Updates: We continuously monitor and improve our security measures
• Attack Protection: Advanced systems protect against hackers and malicious activity

Your Rights

Under GDPR, you have these important rights:

• Access: Request a copy of all the data we hold about you
• Correction: Ask us to correct any wrong or outdated information
• Deletion: Request that we delete your account and all your data
• Portability: Get your data in a format you can use elsewhere
• Withdraw Consent: Change your mind about data processing at any time

To exercise these rights, please contact us using our contact page. We will respond to your request within 30 days.

Data Sharing

We keep your data private: All data processing, including analytics and user tracking, happens exclusively within SendAfterMe's own servers. We do not sell, rent, or share your personal information with other companies.

• Message Recipients: We only share your content with the people you choose, when you want us to
• Payment Processing: Stripe handles payments securely but doesn't see your personal messages or content
• No Analytics Sharing: Unlike many websites, we don't use Google Analytics, Facebook Pixel, or similar third-party tracking services
• No Marketing: We never share your information for advertising or marketing purposes
• No Third-Party Processing: Your data stays within our secure systems at all times

How Long We Keep Your Data

• Active Accounts: We keep your data as long as your account is active
• After Delivery: Once your messages are delivered, we may delete the content from our servers
• Account Deletion: When you delete your account, all your uploaded files and personal content are permanently deleted immediately. Database records necessary for accounting and legal compliance (like invoices) are anonymized instantly, removing all personal identifiers while preserving only the financial data required by law.
• Legal Records: Some business records (like invoices) are kept longer for tax purposes as required by law
• My Story Downloads: Completed My Story content is available for download for 48 hours, then archived

International Transfers

As a Danish company, we ensure your data stays protected:

• EU Storage: Your data is primarily stored within the European Union
• Safe Countries: Any data transfers only happen to countries approved by the EU for data protection
• Extra Protections: When necessary, we use additional legal safeguards for data transfers

Data Breaches

While our security systems are designed to prevent breaches, if one ever occurred:

• Quick Action: We would immediately secure our systems and investigate
• Authority Notice: We would notify the Danish Data Protection Agency within 72 hours
• User Notice: If your data was at risk, we would notify you as soon as possible
• Full Transparency: We would explain what happened and what we're doing about it

Contact Us

For questions about your data or to exercise your rights:

• General Inquiries: Use our contact page
• Account Settings: Manage most preferences in your account dashboard
• Quick Response: We respond to data requests within 30 days
• File a Complaint: Contact the Danish Data Protection Agency at www.datatilsynet.dk
• EU Citizens: You can also contact your local data protection authority

Policy Updates

We may update this policy when we:

• Add Features: Introduce new services or capabilities
• Improve Security: Enhance our data protection measures
• Follow Laws: Comply with new or updated regulations
• Stay Current: Keep our practices up to date with best standards

We'll notify you of important changes via email and through your account dashboard.

Last Updated: Augist 2025