Privacy Policy
Last updated: June 9, 2026
1. Introduction
This privacy policy describes how Reminiscio, referred to as we, us, our or the Publisher, collects, uses and protects the personal data of users of the Reminiscio application, referred to as the Service, in accordance with the General Data Protection Regulation (GDPR) and the French Data Protection Act.
2. Data Controller
The controller of personal data is Telly D., publisher of the Reminiscio service as an individual acting in a non-professional capacity. For any question about your data, you can contact us at: privacy@reminiscio.com
2.1 Minor users
The Service is intended for people aged 16 or older. Use of the Service by a minor under 16 requires the consent of a legal representative. A legal representative may contact us for any question related to a minor's data or account.
3. Data Collected
3.1 Data provided directly
- Identification data: name, first name or display name, email address, username, profile picture, login provider and information necessary to manage the account. This data may come from a third-party identity provider, including Google or Apple, or from email login.
- User content: text, photos, audio, captions, dates, categories, comments, reactions, private messages and metadata associated with memories published or transmitted through the Service.
- Location data: places associated with memories, coordinates, accuracy, place label, city, region, country and location source, only when the user chooses to add or confirm a location. This information may come from manual entry, the device's current position, the photo library, EXIF metadata from a photo or geocoding services.
- Media, camera, photo library and microphone: the application may access your device camera, photo library and microphone to let you create photo or audio memories, choose a profile picture, retrieve certain useful metadata and, if you enable it, transcribe audio.
- Social data: friend requests, friendships, memory visibility, notifications, presence or recent activity related to conversations, as well as information necessary to display profiles and interactions.
- Sharing data: temporary public links created by the user, expiration date, revocation status and data necessary to display the shared memory.
3.2 Data collected automatically
- Technical data: device type, operating system, application version, compatibility information, technical logs and errors necessary for the proper operation and security of the Service.
- Connection data: IP address, login date and time, session identifier
- Notification data: push notification token when the user enables notifications
- Email messaging data: email address and information strictly necessary to send login links, service messages and administrative notifications. When an account is created, an internal notification may be sent to the Publisher with essential information about the new user in order to monitor Service activity.
4. Purposes and Legal Bases
- Provision of the Service (performance of a contract): account creation, storage and display of memories, timeline features, profile, friends, comments, reactions, private messages, notifications, sharing links and audio transcription requested by the user.
- Service improvement (legitimate interest): internal functional statistics, error diagnosis and improvement of features and user experience.
- Security (legitimate interest): fraud detection and protection against unauthorized access
- Moderation and abuse prevention (legitimate interest): review of published or uploaded content, notably photos, to prevent unlawful, abusive or fraudulent content, or content that violates the Terms of Use.
- Communications (performance of a contract, legitimate interest or consent depending on the case): email login links, service messages, notifications related to interactions, important updates and push notifications when the user enables them.
- Compliance with legal obligations (legal obligation): retention of certain information when required by law or in the event of a request from a competent authority.
4.1 Manual content moderation
To prevent abuse and protect the Service, photos and other content published or uploaded may be manually reviewed by the Publisher. This review is limited to content necessary for moderation, Service security, handling a report, user support or compliance with a legal obligation.
This review is not intended to use your content for commercial, advertising or other purposes unrelated to the operation, security and moderation of the Service.
5. Retention Period
Your personal data is kept for the duration of your account use. If an account is deleted, account data and associated content are deleted as soon as technically possible and no later than 30 days, except where legal retention obligations apply or where technical constraints related to backups, security logs and traces necessary to prevent abuse require otherwise. Public sharing links expire automatically after a limited period, currently 24 hours, and may be revoked by the user. Email login links expire after a short period.
6. Data Sharing
We never sell your personal data. Your data may be shared with:
- Technical processors: website hosting (Vercel), database and file storage (Supabase), authentication services (Google and Apple), email sending (Resend), location, geocoding and place autocomplete services (Google Maps/Places), audio transcription when requested by the user (OpenAI), push notifications and app updates (Expo, Apple and Google), only to the extent necessary to provide the Service.
- Other users: some content may be visible to your friends or to users with whom you interact, depending on visibility settings and features used.
- Recipients of a public link: when you voluntarily create a temporary sharing link, anyone with that link can view the shared memory during its validity period. Public sharing links do not support audio memories.
- Publisher and Service administration: necessary data may be accessed by the Publisher to manage the Service, provide support, manually review content for moderation purposes, process deletions and protect user security.
- Competent authorities: in the event of a legal obligation or judicial request
7. Data Transfers
Some data may be processed outside the European Union by our processors. In that case, we ensure that appropriate safeguards are in place, such as European Commission standard contractual clauses or an adequacy decision.
8. Cookies
The Reminiscio website uses only cookies strictly necessary for the Service to operate, such as session and authentication cookies. No advertising or third-party tracking cookie is used.
9. Your Rights
Under the GDPR, you have the following rights over your data:
- Right of access: obtain a copy of your personal data
- Right to rectification: correct inaccurate or incomplete data
- Right to erasure: request deletion of your data
- Right to portability: receive your data in a structured and readable format
- Right to object: object to the processing of your data on legitimate grounds
- Right to restriction: request restriction of processing in certain cases
To exercise these rights, contact us at: privacy@reminiscio.com
You also have the right to lodge a complaint with the French data protection authority, the Commission Nationale de l'Informatique et des Libertés (CNIL): www.cnil.fr
10. Data Security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, destruction or alteration. This includes encryption of data in transit (HTTPS/TLS), strict access control and system monitoring.
11. Minors
The Service is intended for people aged 16 or older. Use of the Service by a minor under 16 requires the consent of a legal representative. The legal representative may exercise rights related to the minor's data by contacting us at the address indicated on this page.
12. Changes
We reserve the right to modify this privacy policy. In the event of a substantial change, we will inform you by notification in the application. The last updated date is shown at the top of this page.
13. Contact
For any question about this privacy policy or your personal data: privacy@reminiscio.com