What we hold, and what we don’t.

What we collect.

Your email address (for sign-in). Whatever you and your collaborators add to a memorial: names, dates, written stories, uploaded photos, service details, RSVPs, tributes. Operational logs that help us keep the service running (request paths, error stack traces, timestamps).

What we do with it.

We store it so the memorial page works. We use it to send transactional emails (sign-in links, invitation acceptances, receipts). We use aggregated, non-identifying signals to understand which parts of the product are used and which are broken.

What we don’t do.

We do not sell your data. We do not run third-party advertising on memorial pages. We do not list memorial pages in a public directory unless you explicitly choose “Anyone with the link” visibility and share the link yourself. We do not train AI models on the content you write here.

Who else sees it.

We use Supabase (database + storage), Vercel (hosting), Stripe (payments), and an email provider to deliver sign-in links. These vendors receive only the data they need to perform their specific role.

Collaborators you invite see the memorial content you’ve given them access to. Public memorials are visible to anyone with the link. Password-protected memorials are visible to anyone with the link and the password.

Your data is yours.

You can ask us to export or delete a memorial at any time by emailing hello@obit.app. Self-serve export and delete are on the roadmap.

Beta software.

Obit is in early beta. We back things up, but until we’ve proven the operational story we recommend keeping your own copy of anything irreplaceable (texts, photos). We’ll always warn you before doing anything irreversible.