PRIVACY POLICY - LASTMSGS

Last Modified: January 13, 2024

1. INTRODUCTION

LastMsgs ("we," "our," "the Site", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our delayed message delivery service ("Service"). We take your privacy seriously and have implemented strict policies to ensure your information remains secure and confidential.

2. INFORMATION WE COLLECT

2.1 Account Information

  • Your email address
  • Authentication credentials
  • Check-in preferences and schedule
  • Payment information. If you make a purchase or payment on the Site, such as for a subscription, we collect transactional information provided in connection with your purchase or payment. Please note that we use third party payment processors, including Stripe, to process payments made to us. As such, we do not retain any personally identifiable financial information such as credit card numbers. Rather, all such information is provided directly by you to our third-party processor. The payment processor’s use of your personal information is governed by their privacy notice. To view Stripe’s privacy notice, please visit: https://stripe.com/privacy.

You are free to choose which personal information you want to provide to us or whether you want to provide us with personal information at all. However, some information, such as your name, payment transaction information, and information on your requested Services may be necessary for the performance of our contractual obligations.

2.2 Message Content and Recipient Information

  • Messages stored for future delivery
  • Recipient contact information
  • Delivery preferences and conditions
  • Message delivery history

3. HOW WE USE YOUR INFORMATION

We use your information solely for:

  1. Providing the core message storage and delivery service
  2. Processing and confirming check-ins
  3. Delivering messages when triggered
  4. Maintaining service security and preventing fraud
  5. Meeting legal obligations

4. COMMUNICATION POLICY

4.1 User Communication

  • We will never proactively contact users except for:
    1. Check-in verification
    2. System-critical security notifications
    3. Legal requirements
  • We do not send marketing communications
  • We do not send service updates or newsletters
  • We do not conduct user surveys or request feedback

4.2 Check-in Communications

  • Check-in requests may or may not identify as LastMsgs
  • Check-in methods may vary based on user preferences
  • Check-in communications are minimal and verification-focused
  • No additional content will be included in check-in communications

4.3 Recipient Communication

  • Recipients are only contacted when message delivery is triggered
  • We identify as "Message Delivery Agent for [User Name]" during delivery
  • No communication with recipients occurs before delivery trigger
  • Recipients receive only the stored message and necessary delivery information

5. DATA SHARING AND DISCLOSURE

5.1 Information Collection and Third Party Services

5.1.1 Third Party Information Sharing

We DO NOT share, sell, rent, or trade your personal information with third parties for any purpose, including:

  • Marketing
  • Research
  • Analytics
  • Commercial purposes
  • Service improvement

5.1.2 Single Sign-On Services

We support Single Sign-On ("SSO") authentication through select providers like Google to simplify account access. When you choose to use SSO:

  • We receive limited information from the SSO provider as authorized by their procedures, which may include:

    • Name
    • Username
    • Email address
    • Language preference
    • Profile picture

  • This information is used solely for:

    • Account authentication
    • Service operation and maintenance
    • Core service functionality

In connection with SSO authentication, we may send strictly necessary communications regarding:

  • Account verification
  • Critical security notices
  • Technical notifications
  • Check-in verifications
  • Message delivery events

These communications maintain our core commitment to minimal contact and are limited to essential service functionality.

5.1.4 Data Protection

All information received through SSO providers is:

  • Subject to the same strict privacy protections as directly provided information
  • Never shared with third parties
  • Used only for core service operations
  • Deleted according to our standard data retention policies
  • Protected by our security measures

5.1.5 User Control

Users can:

  • Choose whether to use SSO or standard authentication
  • Disconnect SSO at any time
  • Control what information is shared through SSO settings
  • Request deletion of SSO-provided information
  • Maintain separate service credentials if preferred

5.2 Limited Disclosure

We will only disclose information when:

  1. Required by law
  2. Compelled by valid legal process (subpoena, court order)
  3. Necessary to protect life, safety, or property
  4. Requested by law enforcement with valid warrants

When legally required to disclose information, we:

  1. Notify affected users when legally permitted
  2. Provide minimum required information
  3. Challenge overly broad requests
  4. Maintain detailed disclosure records

6. DATA SECURITY

6.1 Storage Security

  • End-to-end encryption of message content
  • Segregated storage of contact information
  • Regular security audits and updates
  • Multiple layers of access control
  • Encrypted backup systems

6.2 Transmission Security

  • Encrypted data transmission
  • Secure protocols for all communications
  • Protected API endpoints
  • Verified security certificates
  • Regular vulnerability scanning

7. DATA RETENTION

7.1 Active Accounts

  • Messages retained until delivery or deletion
  • Check-in history maintained for security
  • Account information preserved while active
  • Regular data integrity verification

7.2 Account Termination

  • All user data deleted within 30 days
  • Complete removal from primary storage
  • Removal from backup systems
  • Deletion verification process
  • No retained user information

8. USER RIGHTS

You have the right to:

  1. Access your stored information
  2. Modify recipient information
  3. Delete stored messages
  4. Close your account
  5. Request data export
  6. Receive disclosure notifications when legally permitted

9. CHANGES TO PRIVACY POLICY

  • Policy updates notified through service interface
  • Changes effective 30 days after posting
  • Critical changes may require acknowledgment
  • Previous versions available upon request
  • Change history maintained

10. CONTACT INFORMATION

For privacy inquiries required by law:

  • Email: privacy@lastmsgs.com
  • Response within 30 days
  • Identity verification required
  • Legal representatives only

Note: As per our communication policy, we will only respond to legally required privacy inquiries and will not engage in general correspondence or support requests through these channels.

11. JURISDICTION AND APPLICABLE LAW

This Privacy Policy is governed by the laws of New Hampshire and applicable U.S. federal law. Any disputes regarding this policy will be handled in accordance with the dispute resolution provisions in our Terms of Service.

Last updated: January 13, 2024