Legal
Effective date: May 19, 2026 · Operated by Nathan Crowther
Heirloom (“we,” “our,” or “the service”) turns ancestor documents into illustrated children’s stories using AI. This policy explains what information we collect, how we use it, and your rights as a user.
By using Heirloom, you agree to the practices described here.
When you upload a document, your file is briefly and securely staged in Vercel Blob storage while we extract its text. The original file is deleted immediately after text extraction — typically within seconds. Only the extracted text is retained in our database. That text is used solely to identify story candidates and generate stories, and is processed by Anthropic’s Claude API (see Third-Party Services below).
If you create an account, we collect your email address — either directly (email/password sign-up) or via Google OAuth. We do not collect your name unless it appears in a document you upload.
Before you create an account, we assign your browser an anonymous session ID stored in your browser’s localStorage. This is used to track story generation limits for free, anonymous users. It is not a tracking cookie and is not used for advertising.
Subscription payments are processed entirely by Stripe. Heirloom stores only your Stripe customer ID and subscription status. We never see or store your card number, expiration date, or CVV.
When you choose to add ancestor details during story generation, we may collect: the ancestor’s name, nicknames or document aliases, cultural heritage, birth and death years, and birth location. This information is used to create an ancestor profile that improves illustration accuracy and maintains visual consistency across stories.
Photos you upload for appearance analysis are not stored. If you optionally upload a photo of an ancestor, the image is sent to Anthropic’s Claude API to generate a plain-text appearance description (e.g. “a woman with silver hair and kind eyes”), then immediately discarded. Only the derived text description is stored — never the original image.
Stories and AI illustrations you generate are stored in your account so you can access them later. When ancestor profiles are created, an AI-generated portrait illustration may also be generated and stored. If you edit a story’s text, the original AI-generated version is preserved privately in your account so you can revert if needed.
Reference photos for image regeneration are not stored. If you optionally upload a reference photo when regenerating an illustration, that image is sent to Anthropic’s Claude API alongside the current illustration to improve the regenerated image. The photo is then immediately discarded — only the updated illustration prompt text is stored, never the original image.
Family plan subscribers can create shared family groups and invite others — including free-plan users — to join via a shareable invite link. When you participate in a group, we store: the group name, your membership role (owner or member), and the date you joined. Group owners can see the email addresses of all group members within the group settings panel.
When you share a story to a group, that story’s title, text, illustration, and ancestor name become visible to all current members of that group. Group-shared stories are only accessible to authenticated group members — they are not accessible via a public URL and do not appear in search engines. You can remove a story from a group at any time, which immediately removes other members’ access to it.
Group invite links do not expire by default. Anyone who receives your invite link can use it to join your group. Group owners can rotate the invite link at any time from group settings to prevent new joins with the old link.
Stories are private by default. If you choose to share a story using the “Share story” feature, the story’s title, text, illustration, and ancestor name become accessible to anyone with that link. When a shared link is posted to social media or messaging apps, those platforms may generate a link preview and cache a copy of the story’s illustration. You can disable sharing at any time from the story page, but previews already cached by third-party platforms may persist. Only share stories whose content you are comfortable making publicly accessible.
| Purpose | Data used |
|---|---|
| Generate story candidates | Document text → Anthropic Claude API |
| Generate story illustrations | Story text, ancestor context → Google Gemini Imagen 4 API |
| Analyze ancestor photos (optional) | Uploaded photo (temporary, not stored) → Anthropic Claude Vision API |
| Regenerate story illustrations (paid plans) | Current illustration + optional reference photo (temporary, not stored) + text feedback → Anthropic Claude Vision API → Google Gemini Imagen 4 API |
| Generate ancestor portraits | Ancestor name, heritage, appearance description → Google Gemini Imagen 4 API |
| Store ancestor profiles | Name, heritage, years, derived appearance description → Supabase |
| Authenticate your account | Email address → Supabase Auth |
| Process subscription payments | Email, billing info → Stripe |
| Enforce plan usage limits | Session ID or user ID, story count |
| Manage family group membership | Group name, member associations, shared story links → Supabase |
| Provide customer support | Email address |
We do not use your information for advertising, and we do not sell or rent your data to third parties.
When you use Heirloom, your document text or story content may be transmitted to these services as part of generating your story.
| Service | What we share | Purpose |
|---|---|---|
| Anthropic | Document extracted text; optionally, photos you upload for ancestor appearance analysis or image regeneration (photos are not retained by us or Anthropic beyond the API call) | AI story generation, appearance analysis, and illustration prompt refinement (Claude) |
| Google (Gemini) | Generated story text; ancestor name, heritage, and appearance descriptions | AI illustration generation (stories and ancestor portraits) |
| Google (OAuth) | Email address | Sign-in |
| Supabase | All stored data | Database, auth, and file storage |
| Stripe | Email, subscription info | Payment processing |
| Vercel | Request metadata; uploaded files (briefly staged in Vercel Blob during upload processing, then deleted) | Hosting, infrastructure, and temporary file staging |
Document text, story candidates, generated stories, and ancestor profiles are automatically deleted 30 days after creation. Ancestor profiles that are not linked to any generated story are also deleted on this schedule.
Your data is retained as long as your account is active. You can delete individual stories at any time from the Gallery. Ancestor profiles are retained alongside your account. To request full account deletion — including all stories, documents, and ancestor profiles — contact us at the email below.
Stripe retains transaction records as required by financial regulations, independent of your Heirloom account.
Heirloom creates stories for children, but the service is directed at and intended to be used by adults (18 and older). We do not knowingly collect personal information from children under 13. If you believe a child under 13 has submitted information through Heirloom, please contact us and we will delete it promptly.
If you are a California resident, you have the following rights under the California Consumer Privacy Act:
To exercise any of these rights, contact us at the email below.
We use industry-standard practices to protect your data. Specific measures include:
No method of transmission or storage is 100% secure. We encourage you to use a strong password and to avoid uploading documents containing highly sensitive information beyond what’s needed to tell a family story.
We may update this policy from time to time. We will notify registered users by email or via an in-app notice when material changes are made. Continued use of the service after changes are posted constitutes acceptance of the updated policy.
For privacy questions, data requests, or account deletion, contact us at: hello@heirloomstories.app