Privacy Policy

AsemTiRekla is the operator of the Application.

For privacy questions, support requests, or data-rights requests, contact: support@asemtirekla.eu.

Depending on how you use the Application, we may process account information, message-related metadata, invitee email addresses, unlock timestamps, and operational security information.

For authentication and service operation, we may also process provider-related account identifiers, session data, preference data, and device or browser-related technical information.

• user email address and basic account profile data
• invitee email addresses and invitation status information
• encrypted message payload and selected metadata such as display name, tags, category, region, or public/private status
• unlock time, creation time, and deletion-related status
• IP-related technical records, request logs, rate-limit counters, and abuse-prevention signals
• cookie or local-storage related session and preference data

We primarily receive personal data directly from you when you create an account, send invitations, create messages, or use the Application.

Some data may also come from authentication providers, infrastructure providers, or from technical events generated during use of the service.

We process personal data to provide and secure the service, send invitations and notifications, operate accounts and sessions, enforce limits, prevent abuse, comply with legal obligations, and improve reliability.

We do not sell personal data and we do not store plaintext private message content or decryption keys.

Where GDPR applies, we rely on one or more of the following legal bases: performance of a contract, legitimate interests, legal obligation, and consent where required.

Legitimate interests may include service security, fraud prevention, abuse detection, moderation of public content, and maintaining the reliability of the platform.

When a user enters an invitee’s email address, we process that address to send the invitation, track invitation status, and help the invitee access the relevant flow in the Application.

Invitation links may include unique tokens and may expire after a defined period. Expired or invalid invitations may remain stored for audit, security, and abuse-prevention purposes for a limited period.

Users must only invite persons they have a legitimate reason to contact. Invitation features may be limited, throttled, or suspended if abused.

Private message content is encrypted before upload on the user’s device. The Application is designed so that the operator does not need plaintext private content in order to provide the core service.

The viewing key is not stored by the operator. If the key or viewing link is lost, the message may not be recoverable.

We use cookies, local storage, or similar technologies for login sessions, security, language or UI preferences, consent state, and other necessary site functions.

Where required by law, non-essential technologies are used only after obtaining valid consent.

We may use hosting, email, infrastructure, authentication, analytics, security, or support providers that process data on our behalf under appropriate contractual safeguards.

We may also disclose data where required by law, to protect rights and safety, to respond to abuse, or in connection with legal claims.

We do not sell user data to third parties.

Some providers may process data outside your country or the European Economic Area. Where required, we use appropriate safeguards such as standard contractual clauses or equivalent legal mechanisms.

We keep personal data only for as long as needed for the purposes described in this policy, including account operation, invitation flow, security, abuse prevention, legal compliance, and dispute handling.

Invitation records may be retained until they expire, are used, are deleted, or are no longer needed for operational or legal reasons. Logs and security records may be retained for limited periods according to operational needs.

Depending on applicable law, you may have the right to access, correct, delete, restrict, or object to processing, and the right to data portability or to withdraw consent where consent is the basis.

You may exercise privacy-related rights by contacting support@asemtirekla.eu. You may also have the right to lodge a complaint with a supervisory authority.

We use reasonable technical and organizational measures to protect the Application and the data we process, including HTTPS, access control, logging, and abuse protection.

No method of storage or transmission is completely secure, and we cannot guarantee absolute security.

The Application is not intended for unlawful use or for storing highly sensitive information as the sole copy of record.

Users should not rely on the service as their only backup for critical secrets, legal originals, or emergency-recovery material.

We may update this Privacy Policy from time to time. The current version will be indicated by the “Last updated” date on this page.