Privacy Policy

Last updated: May 5, 2026

Treva (“we”, “our”, “us”) is committed to protecting your personal data. This policy explains how we collect, use, and protect information about you when you use Treva.

Data we collect

• Account information: name, email address, and password hash
• Family tree data: names, dates, and biographical information you enter
• Photos and videos you upload, stored securely via Amazon S3
• Payment information processed by Stripe (we never see your card number)
• Usage analytics via PostHog (anonymised where possible)
• Error reports via Sentry to help us fix bugs

How we use your data

• To provide and improve the Treva service
• To send transactional emails (invites, receipts, notifications) via AWS SES
• To process payments via Stripe
• To send SMS notifications you have opted into via AWS SNS

Third-party services

We use: Neon (database), Amazon S3 (media storage), Stripe (payments), AWS SES/SNS (email/SMS), Upstash (rate limiting), PostHog (analytics), Sentry (error monitoring). Each has their own privacy policy.

Your rights (GDPR)

You have the right to access, correct, export, or delete your data at any time from Account Settings. To exercise any right, contact us at privacy@trevaroots.com.

Data retention

Your data is retained for as long as your account is active. When you delete your account, all personal data and media are permanently deleted within 30 days.

Contact

Questions? Email privacy@trevaroots.com.