top of page

Privacy Policy

Last Updated: October 2025
Version: 1.0

 

The purpose of this Privacy Policy is to inform you how Eirloom collects, uses, stores, and protects your personal data when you use our services. Your trust is paramount, and we are committed to transparent and secure data handling.

Who We Are – The Data Controller

Eirloom is a digital memory and storytelling platform operated by DINA CORP LIMITED, Company No. 16542532.

Registered Office: [Insert full registered address], England, United Kingdom
Trading Name: Eirloom
Email for privacy matters: privacy@eirloom.com
ICO Registration: Pending – we are registered or will register as a Data Controller with the UK Information Commissioner’s Office (ICO).

We determine the purposes and means of processing personal data under the UK GDPR and the Data Protection Act 2018.

What Personal Data We Collect

We collect various types of personal data to provide, improve, and secure your experience with Eirloom.

  • Account Information: Includes your name, email address, and encrypted password, used to create and manage your account.

  • Uploaded Media & Content: Includes photos, videos, audio recordings, and text stories — the core feature of Eirloom, enabling you to store and share your memories.

  • Device & Usage Data: Such as IP address, browser type, operating system, app activity, and cookies. This helps maintain security, perform analytics, and improve our service.

  • Subscription & Billing Information: Includes transaction IDs and billing amounts. Payment details are handled securely through Stripe or Apple Pay to process subscriptions and meet legal obligations.

  • Marketing Preferences: Includes your opt-in choices and interactions with our emails so we can send updates and newsletters with your consent.

Why We Process Your Data (Lawful Bases)

We process your personal data for several lawful reasons under the UK GDPR:

  • To provide and secure your account – Performance of Contract.

  • To personalise and improve our services – Legitimate Interest or Consent (for cookies).

  • To process payments and subscriptions – Contract or Legal Obligation.

  • To send important service updates – Legal Obligation or Legitimate Interest.

  • To send marketing communications – Consent, which you may withdraw at any time.

Where Your Data Is Stored and Transferred

Your data is primarily stored on Google Cloud Platform, London Region (europe-west2).

We employ strong security measures such as encryption in transit and at rest, role-based access controls, multi-factor authentication, and regular audits.

If your data is transferred outside the UK or EEA — for instance, to email or analytics vendors based in the United States — we use Standard Contractual Clauses (SCCs) to ensure equivalent protection.

Third-Party Processors We Use

We work with trusted service providers who process data only under our instructions to help us deliver Eirloom’s features and services.

Examples include:

  • Google Cloud Platform – hosting and storage (UK region)

  • Stripe and Apple Pay – for subscription billing

  • Meta and Google Analytics – for site and advertising performance

  • Mailchimp or similar – for email communication

A current list of our sub-processors is available upon request.

How Long We Keep Your Data

We retain data for as long as necessary to fulfil the purposes outlined in this policy:

  • Active accounts are retained until you delete your account.

  • Deleted accounts are removed within 30 days, and backup copies are purged within approximately 90 days.

  • Financial records are retained for at least six years to comply with tax and audit requirements.

  • Support communications are kept for 12 months for quality assurance.

Your Data Protection Rights

If you are based in the UK or EEA, you have rights under the UK GDPR, including:
Access, Rectification, Erasure, Restriction, Portability, and Objection.

If you are based in the U.S., applicable rights under the CCPA/CPRA include:
Right to Know, Right to Delete, and Right to Opt Out of Sale or Sharing (note: we do not sell personal data).

To exercise your rights, email privacy@eirloom.com with “Data Request” in the subject line.
We will verify your identity through your registered email or, if necessary, request additional proof.

Children’s Data

Eirloom is intended for individuals aged 13 and over.

We do not knowingly collect personal information from children under 13.
If a parent or guardian believes that their child’s information has been provided to us, please contact privacy@eirloom.com for prompt removal.

This complies with COPPA (Children’s Online Privacy Protection Act) and UK GDPR age requirements.

Cookies and Tracking

Eirloom uses essential cookies for login and security, and optional analytics cookies for performance and marketing purposes.

You can accept or reject non-essential cookies via our cookie banner.
Full details are provided in our Cookie Policy.

Automated Decision-Making and Profiling

Eirloom does not use AI profiling or automated decision-making that significantly affects users.
If we introduce such processing in the future, we will update this policy and seek your consent where required.

Security of Your Data

We maintain strict administrative, technical, and physical safeguards to protect your information, including:

  • AES-256 encryption and TLS 1.3 in transit

  • Multi-factor authentication for employee access

  • Regular security audits and penetration testing

  • Limited data access based on role and necessity

Changes to This Policy

We may update this Privacy Policy periodically to reflect operational, legal, or regulatory changes.
All updates will be posted on our website, and where appropriate, we will notify you by email.
The “Last Updated” date at the top of this document indicates the most recent revision.

Contact and Complaints

If you have questions or concerns about this Privacy Policy or how your data is handled, please contact our privacy team at privacy@eirloom.com or write to us at:
[Insert Registered Address]

If you are not satisfied with our response, you may contact the Information Commissioner’s Office (ICO):
Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF, United Kingdom
Website: ico.org.uk
Phone: 0303 123 1113

Connect with us for updates!

Build your Eirloom

Join the journey toward a more meaningful way to remember.

Privacy Policy

Terms of Service

 

 

  • LinkedIn
  • Instagram
  • TikTok

12 Glenwood Close

Annitsford, United Kingdom

NE23 7SG

hello@eirloomapp.com

© 2025 Eirloom

 

bottom of page