Your capsules contain some of the most personal content imaginable. We take privacy seriously. This policy explains exactly what data we collect, how we use it, and the rights you have over it.
CapsuleUs, S.L. ("CapsuleUs", "we", "our") operates the CapsuleUs mobile application. We are the data controller for personal data processed through the app. Contact: privacy@capsuleus.app
We collect the following categories of personal data: • Account data — your email address, first and last name. • Content — photos, videos, audio recordings, documents, and text you upload to capsules. This is your data; we store it only to fulfil the service. • Recipient data — names, email addresses, and relationship labels of the people you add as recipients. • Guardian data — names and contact details of people you designate as guardians. • Usage data — feature interactions, capsule creation events, app crashes, and performance metrics (anonymised where possible). • Payment data — subscription status and product identifiers via Apple's App Store. We never see or store your payment card details.
We use your data only for the purposes you would reasonably expect: • To create and manage your account • To store your capsules and deliver them to recipients according to your instructions • To notify guardians and process posthumous delivery confirmations • To process subscription billing via Apple • To send transactional emails (OTP codes, delivery notifications, guardian invitations) • To investigate and fix bugs, and improve the app We do not use your content to train AI models. We do not sell your data to third parties.
We process your personal data under the following legal bases (GDPR Article 6): • Contract — processing your account data and capsule content is necessary to provide the service you've signed up for. • Legitimate interests — usage analytics and service improvement, provided these interests are not overridden by your rights. • Legal obligation — we may retain certain data if required by applicable law. • Consent — for optional marketing communications, if and when we introduce them. You can withdraw consent at any time.
We share personal data with the following categories of third parties, all acting as data processors under contract: • Supabase — cloud database and authentication infrastructure (EU region) • Resend — transactional email delivery • Apple App Store — subscription billing and in-app purchase verification • RevenueCat — subscription management (anonymised user identifiers only) We do not share your capsule content with any third party except as required to deliver it to your designated recipients.
When you add a recipient or guardian, we store their name and contact information and may send them an invitation email. This is necessary to fulfil the service. You are responsible for ensuring that the people you add have consented to receiving communications from CapsuleUs on your behalf. Recipients only receive capsule content you have explicitly assigned to them, at the delivery time you have set.
We retain your data for as long as your account is active. If you delete your account: • Your capsules and all associated content are deleted within 30 days. • Capsules already delivered to recipients are removed from our servers. • Account records (email address, billing history) may be retained for up to 7 years where required by tax or financial law. Unopened posthumous capsules are deleted along with your account if no guardians trigger delivery within 12 months of account closure.
If you are based in the European Economic Area, you have the following rights: • Access — request a copy of the personal data we hold about you. • Rectification — ask us to correct inaccurate data. • Erasure — request deletion of your personal data ("right to be forgotten"). • Portability — receive your data in a machine-readable format. • Restriction — ask us to limit how we process your data. • Objection — object to processing based on legitimate interests. To exercise any of these rights, contact privacy@capsuleus.app. We will respond within 30 days. You also have the right to lodge a complaint with your national data protection authority.
We take reasonable technical and organisational measures to protect your data, including: • Encryption in transit (TLS 1.2+) and at rest (AES-256) • Authentication via one-time codes — no passwords stored • Row-level security policies on our database • Access controls limiting which team members can access production data No method of transmission over the internet is 100% secure. While we do our best, we cannot guarantee absolute security.
CapsuleUs is not directed at children under 18. We do not knowingly collect personal data from anyone under 18. If you believe a child has provided us with personal data, contact us at privacy@capsuleus.app and we will delete it promptly.
Our primary infrastructure is hosted in the EU. Some of our service providers (e.g. Apple) operate globally. Where personal data is transferred outside the EEA, we ensure appropriate safeguards are in place (Standard Contractual Clauses or equivalent).
We may update this Privacy Policy from time to time. We will notify you of material changes via email or in-app notification at least 14 days before they take effect. The "Effective date" at the top of this page will always reflect the current version.
For any privacy-related questions, requests, or concerns: privacy@capsuleus.app CapsuleUs, S.L. Madrid, Spain We aim to respond within 5 business days.