Privacy Policy
Last updated: 2026-05-17
1. Information We Collect
We collect your email address and password (hashed) for authentication. We store the content you create: text entries, photos, and voice recordings. We also store metadata such as dates, mood tags, and milestone tags you assign to entries.
2. How We Process Photos
Photos are compressed client-side (max 800px, ~150KB) before upload. Photos are stored securely in Supabase Storage with server-side encryption. When AI story generation is enabled, photos are sent to Anthropic Claude Vision API for analysis. Anthropic does not use API data for model training. Anthropic may retain API logs for up to 30 days for abuse detection, after which they are deleted.
3. How We Process Voice Recordings
Voice recordings are sent to OpenAI Whisper API for transcription. After transcription, the original voice recording is permanently deleted from our servers. We only keep the text transcript. OpenAI does not use API data for model training.
4. AI Story Generation
Your text and photo descriptions are sent to Anthropic Claude API to generate polished stories. Anthropic does not use API data for model training. Anthropic may retain API request logs for up to 30 days for safety and abuse detection purposes, after which they are permanently deleted. The AI-generated stories are stored in our database alongside your original input.
5. Voice Profiles (ElevenLabs)
Voice cloning consent. A cloned voice is biometric data under GDPR Article 9 and KVKK Article 6. Before we record your sample, we ask you to explicitly confirm four points on a consent screen: that the voice is yours, that we may use it solely to narrate your own entries within the app, that ElevenLabs will process the sample on our behalf, and that you can delete the profile at any time. By default, only you can hear narrations rendered in your cloned voice. You may optionally grant playback access to specific contributors or viewers of your books — at that moment, the invite dialog shows you an explicit warning that a cloned voice playing on someone else’s device can be recorded and reused outside Lismil, and asks you to accept that risk on the listener’s behalf. You can revoke any grant at any time from the book’s members panel. We never expose the raw voice sample or the underlying ElevenLabs model to listeners; access is limited to playback of narrations you authored. Deleting your voice profile from Settings does two things automatically: the voice sample is removed from ElevenLabs (via their API), and the matching record in our database is dropped. The delete dialog also offers a second option — “also remove previously-rendered narrations” — which, when ticked, sweeps every narration audio file we have already generated from that voice across every book you own. With that option chosen, no trace of the cloned voice remains on our infrastructure.
6. Payment Information
Payments are processed by Stripe. We never store credit card numbers or payment details on our servers. We only store your Stripe customer ID and pack purchase status. Stripe is PCI-DSS Level 1 certified. For details on how Stripe handles your data, see Stripe's privacy policy.
7. Data Storage & Security
All data is stored in Supabase (PostgreSQL) with AES-256 encryption at rest. All connections use TLS/SSL encryption in transit. File storage (photos) uses server-side encryption. Row Level Security (RLS) ensures users can only access their own data. We never expose service-level credentials to the client application.
8. Analytics & Usage Data
We use two analytics tools to understand how the service is used and to improve it. Vercel Analytics records aggregate, anonymized page views and basic device information (browser, country, device type) without setting cookies and without any personally identifying data. Microsoft Clarity records anonymized session interactions — mouse movements, clicks, scroll depth, and rage-click signals — and produces heatmaps and short session recordings. Clarity masks form inputs by default, so the text you type into Lismil is never sent to Microsoft. We do not link Clarity data to your account. Microsoft Corporation acts as our data processor for this purpose under its standard Clarity terms. You can opt out at any time by enabling Do Not Track in your browser, by using a privacy or ad-blocking extension, or by contacting us at info@lismil.com to be excluded.
9. Data Sharing
We do not sell your data to third parties. We share data only with the service providers needed to run the service: Anthropic (Claude — story text and photo captions), OpenAI (Whisper — voice transcription), ElevenLabs (voice cloning and narration audio), Stripe (payments), Resend (transactional emails such as confirmations, magic links, and notifications), and — when you order a physical book — Cloudprinter (for UAE, US, EU shipments) or Lulu (for Türkiye shipments), which receive your shipping address and the print-ready PDF in order to print and deliver the book. If you invite viewers or contributors to your book, they can see the entries you share. Public memory pages (/memory/[slug]) are accessible via unique, unguessable URLs.
10. Data Retention
Your data is retained for as long as your account is active. Voice recordings are deleted immediately after transcription. When you delete your account, all your data is permanently removed within 30 days, including entries, photos, voice profiles, and personal information from third-party services we control (ElevenLabs voice profile, Stripe customer record). AI processing providers (Anthropic, OpenAI) may retain anonymised API logs independently for up to 30 days for abuse-detection purposes, as set out in their own privacy policies — this retention is outside Lismil's control.
11. Your Rights
You can access all your data through the app at any time. You can delete individual entries, photos, or your entire account. You can request a copy of your data by contacting us. You can delete your voice profile from the settings page. EU/EEA users have additional rights under GDPR, including the right to data portability and the right to be forgotten.
12. Cookies
We use essential cookies for authentication sessions (Supabase Auth), active book selection, and language preference. Microsoft Clarity (see Section 8) stores a short session identifier in browser storage to group page views into a single session. Vercel Analytics is cookieless. We do not use advertising or cross-site tracking cookies.
13. Children's Privacy
Lismil is not directed at children under 16. If a parent creates a book about their child, the parent controls all data and is responsible for their child's privacy. We do not knowingly collect data from children under 16 without parental consent.
14. Changes to This Policy
We will notify you of significant changes to this privacy policy via email. The updated policy will be posted on this page with a new "last updated" date.
15. Contact
For privacy questions or data requests, contact us at info@lismil.com.