Privacy Policy
Laatst bijgewerkt: June 6, 2026
This Privacy Policy explains what information RootsLore (“RootsLore”, “we”, “us”) collects when you use rootslore.com and the RootsLore mobile applications (together, the “Service”), how we use it, and the choices you have. By using the Service you agree to this policy.
RootsLore is operated by Taeeun Kim, an individual based in Switzerland 🇨🇭, who is the data controller responsible for your personal data. You can reach us at any time at support@rootslore.com.
1. Information we collect
- Family data you enter. The names, dates, places, relationships and notes you add to build your family tree. You choose what to record. You are responsible for having an appropriate basis to record information about other people (see our Terms).
- Account & authentication data. When you start using the Service we create an anonymous session for you. If you choose to register or sign in (including via a third-party provider), we store the identifier needed to recognise you on return.
- Technical & diagnostic data. Standard information your browser or device sends — such as IP address, device model, OS version and browser type. On the mobile app we also collect crash reports (stack traces, device state at the time of a crash) via Firebase Crashlytics, and usage events (screens visited, feature interactions) via Firebase Analytics. This data is used to operate, secure and improve the Service.
2. How we use information
- To provide the family-tree and map features and save your work.
- To let you share a tree with people you explicitly invite.
- To secure the Service, prevent abuse and fix problems.
- To understand usage so we can improve the product.
3. Legal bases for processing
Where the EU or UK General Data Protection Regulation or the Swiss Federal Act on Data Protection applies, we process your personal data on the following bases: to perform our contract with you (providing the Service and saving your work); our legitimate interests in operating, securing and improving the Service; your consent where we ask for it; and to comply with legal obligations.
4. How your data is stored
Your family-tree data is stored using our infrastructure provider, Supabase, on secured servers. Access to a tree is restricted by row-level security so that it is only readable by you and the people you invite. We retain your data for as long as your account exists; you can delete your account at any time from the in-app settings, which removes your tree and associated records.
Crash reports and analytics events collected in the mobile app are processed by Google Firebase(a Google LLC service) and stored on Google’s servers, which may be located in the United States or other countries where Google operates. Firebase Crashlytics retains raw crash data for 90 days; aggregated analytics data is retained per the standard Firebase Analytics retention period (up to 14 months by default).
5. International data transfers
We operate from Switzerland and use service providers that may store or process data in other countries, including the United States. Where we transfer personal data out of the EEA, the UK or Switzerland, we rely on appropriate safeguards such as the European Commission’s Standard Contractual Clauses or an applicable adequacy decision.
6. Cookies and similar technologies
We use cookies and local storage to keep you signed in, remember your active tree and operate the Service. These are essential to how the Service works. You can control or clear cookies through your browser or device settings.
7. Sharing of information
We do not sell your personal data. We share data only with:
- Supabase — database and authentication hosting.
- Google Firebase(Google LLC) — crash reporting (Crashlytics) and usage analytics on the mobile app. Google’s privacy policy is available at policies.google.com/privacy.
- People you explicitly invite to a shared tree.
- Authorities or parties where required by law.
8. Public trees
Most trees are private and visible only to you and the people you invite. Separately, the Service offers public trees — read-only genealogies, such as historical lineages or notable public figures, that are published at a public web address. Public trees are reviewed and published by us, and may draw on trees suggested or contributed by users (see our Terms).
Information in a public tree is, by design, visible to anyone on the internet and may be indexed by search engines and cached by third parties. We aim to limit public trees to facts that are already public, and for living people to general locations (such as a city) without precise addresses or sensitive details. Your private tree is never made public without action that publishes it.
If you believe a public tree contains personal data about you that is inaccurate, should not be public, or that you would like corrected or removed, email support@rootslore.com and we will review the request and, where appropriate, correct or remove it.
9. Your rights and choices
You can always access, correct or delete the data in your tree, and delete your account and associated data from the in-app settings. Depending on where you live, you may also have additional rights:
- EEA, UK and Switzerland (GDPR / FADP). You have the right to access, rectify, erase, restrict and port your data, to object to certain processing, and to withdraw consent. You may also lodge a complaint with your local data protection authority — in Switzerland, the Federal Data Protection and Information Commissioner (FDPIC).
- California (CCPA/CPRA). You have the right to know what personal information we collect, to request its deletion or correction, and to not be discriminated against for exercising these rights. We do not sell or share your personal information as those terms are defined under California law.
- Korea (PIPA). You have the right to access, correct, delete and suspend the processing of your personal data, and to withdraw consent.
To exercise any of these rights, email support@rootslore.com.
10. Children
The Service is not directed to children under 13 (or the minimum age required in your country), and we do not knowingly collect personal data from them. If you believe a child has provided us personal data, contact us and we will delete it.
11. Changes to this policy
We may update this Privacy Policy from time to time. We will revise the “Last updated” date above when we do, and significant changes will be reflected on this page.
12. Contact
For any privacy questions or requests, email support@rootslore.com.