GatherNook← Home

Privacy Policy

Last updated: 13 June 2026

GatherNook (“we”, “us”) is a private space for families to keep the people and moments that matter to them. We take your privacy seriously and only collect what we need to run the service. This policy explains what we collect, why, and the rights you have — including under the EU/UK General Data Protection Regulation (GDPR).

This is a plain-language template prepared to reflect how GatherNook works. Please have it reviewed by a qualified lawyer before relying on it for full legal compliance in your jurisdiction.

Who is responsible for your data

The data controller is the operator of GatherNook. For any privacy question or to exercise your rights, contact privacy@gathernook.com.

What we collect

  • Account data — your name and email address, and a password (stored only as a secure hash by our authentication provider).
  • Family content you create — family members and relationships, important dates, memories, notes, gift ideas, tasks, and any photos you upload.
  • Technical data — essential session cookies and basic server logs needed to keep you signed in and operate the service.

Why we use it (legal bases)

  • To provide the service (performance of a contract) — creating your account and storing the family content you choose to add.
  • To keep the service secure and working (legitimate interests) — authentication, preventing abuse, and fixing problems.
  • To send reminders/notifications you opt into (consent) — e.g. birthday push notifications, which you can turn off any time.

Who we share it with

We do not sell your data. We share it only with the processors that run the service on our behalf, under data-processing agreements:

  • Supabase — database, authentication and file storage.
  • Vercel — application hosting.
  • Resend — sending account & confirmation emails.

International transfers

Our infrastructure may process data outside your country (for example, in the United States). Where required, transfers rely on appropriate safeguards such as the EU Standard Contractual Clauses offered by our processors.

How long we keep it

We keep your data for as long as your account is active. When you delete your account (or a family workspace you own), the associated data is removed from our database. Backups are rotated on a limited schedule.

Your rights

Under the GDPR and similar laws you can:

  • access a copy of your data (we offer a one-click export in Settings);
  • correct inaccurate data;
  • delete your account and data (right to erasure, available in Settings);
  • port your data (export as a machine-readable file);
  • object to or restrict certain processing;
  • withdraw consent for notifications at any time;
  • lodge a complaint with your local data-protection authority.

Children

GatherNook is used by families to record information about their own members, which may include children, added by a parent or guardian who is responsible for that content. We do not knowingly allow children to create their own accounts without parental involvement.

Cookies

We use only essential cookies needed to sign you in and keep the app working. See our Cookie Policy for details.

Changes

We may update this policy as the product evolves; we’ll revise the date above and, for material changes, let you know in-app.

Contact

Questions or requests: privacy@gathernook.com.

Privacy Policy — GatherNook