ROOTED MEMORIES – PRIVACY POLICY

1. Who We Are

ROOTED MEMORIES LTD operates Rooted Memories, a private family archive platform.

We are the data controller for personal data processed through the platform.

Our governing law is England and Wales.

2. What We Collect

Account Information:

• Phone number (used for login and verification)
• Display name

Tree Information:

• Family tree structures
• Identity records (names, dates, relationships)

User-Generated Content:

• Photos
• Captions
• Associated metadata
• Upload timestamps

Technical Data:

• IP address
• Device/browser information
• Basic activity logs for security

3. How We Use Your Data

• Provide and maintain private family archives
• Enable identity linking across trees
• Allow media uploads and storage
• Maintain platform security
• Comply with legal obligations

Rooted Memories does not sell personal data.

We do not use personal data for advertising or profiling.

4. Lawful Basis

We process personal data under Legitimate Interest to provide a private family archive platform requested by users.

5. Children’s Data

Child identity records may be created by family administrators with appropriate authority.

6. Linking Across Trees

Linking connects identity records across private trees but does not merge or expose media between them.

7. Storage and Security

All data is encrypted, transmitted over HTTPS, and protected using access controls.

8. Data Retention

Data remains until deleted by the user, identity owner, or administrator, or when an account is deleted.

Account deletion is processed within seven (7) days.

9. Your Rights

You have the right to access, correct, or delete your data.

support@rootedmemories.co.uk

10. Tree Inactivity

Inactive trees may become read-only but data is not deleted automatically.

11. Data Processors

We use secure third-party providers to host and maintain the platform.

12. Complaints

You may contact us or the UK ICO if you have concerns about data handling.