Privacy Policy

How we handle your memories.

Last updated July 10, 2026Contact hello@onelittleline.com

Who we are

The data controller for One Little Line is Leaf IA, Romania, Europe. You can contact us at hello@onelittleline.com.

What we collect

We collect the account and app data needed to run the service: your Apple or Google sign-in identifier, the child profile information you choose to add, your memories, optional photos, generated monthly letters or snapshots, reminder and letter preferences, subscription status, and technical data such as logs, diagnostics, telemetry, and push-token data used for security, reliability, troubleshooting, notifications, and product improvement.

Why we use it

We use this data to create and secure your account, save and sync memories across sessions, show your archive back to you, generate monthly letters and snapshots, support monthly letter editing and sealing features, manage reminders and letter notifications, handle subscriptions, let you export or share your data, and keep the service working.

Legal bases

We process most account, memory, export, and subscription data because it is necessary to provide the service you asked for. We rely on your consent where you choose to enable notifications or grant photo access. We may also process limited technical data for our legitimate interests in preventing abuse, securing the service, and troubleshooting problems.

Where your data goes

We use service providers to operate the app. This currently includes Apple and Google for sign-in, device permissions, and store billing (App Store on iOS, Google Play on Android); Supabase for authentication, database, storage, and server functions; RevenueCat for subscription status; Expo’s push-notification service for user-enabled letter notifications; and AI providers for automated memory organization and monthly letter or snapshot generation. For AI processing we make every effort to keep your data processed in the EU, using providers and models that are based, hosted, or developed in the EU. We may also use technical analytics, diagnostics, or telemetry tools to understand reliability, usage, abuse, and product performance. We do not sell your personal data and we do not use it for cross-app advertising.

Sharing within your family

If you invite a co-writer to a child's circle (or join one), the members of that circle can see the memories, photos, and monthly letters connected to that child, including the ones you add, together with your chosen signature (such as Mom or Dad). Memories you wrote stay visible to the circle if you leave or are removed. If you delete your account, you choose whether the memories you wrote stay with the circle without your name or are deleted everywhere.

How memories, photos, and tags work

Your memories and optional photos are private by default. Some functionalities of One Little Line are powered by AI: the app may process your content through AI and software-assisted systems to support features such as organization, classification, summaries, suggestions, search support, archive structure, monthly letters or snapshots, and other product experiences that may evolve over time. We never use your memories to train AI models ourselves, and the providers we work with do not train their models on this content by default. If you would like to opt out of any AI training or processing flows, contact us at hello@onelittleline.com. To improve monthly letter tone and continuity, the system may also look at recent prior entries for the same child context. Generated outputs are meant to support the app experience, may be incomplete or imperfect, and can be edited by you inside the app before sealing. They are not used for cross-app advertising and are not intended as formal factual verification or legal, medical, or professional advice.

Permissions

Reminder notifications only work if you grant notification permission on your device. Photo features only work if you grant photo library access and, if camera capture is available in your version of the app, camera access. You can change these permissions in your device settings at any time.

Retention and deletion

We keep your account and memory data for as long as needed to provide the service and apply our retention rules. If you delete a memory or delete your account, related data may still be retained for up to 365 days for recovery, operational, security, fraud-prevention, billing, legal, or compliance purposes. If your paid access ends, your archive may pause under the current product rules and removal from user access may be scheduled up to 60 days from the last successful payment, while retained data may still be kept internally for the longer retention periods described above. We may also keep limited logs and technical records for longer where required for security, fraud prevention, billing, or legal compliance.

Your rights and choices

You can review memories in the app, edit generated monthly letters where the feature is enabled, export or share a copy, change reminders and letter preferences, delete individual memories, or delete your account. Depending on where you live, you may also have rights to access, correct, erase, restrict, object to certain processing, or receive a portable copy of your data. If you are in the EEA or UK, you can also complain to your local data protection authority.

International transfers and changes

Some service providers may process data outside your country. Where that happens, we rely on the safeguards offered by those providers and the agreements we have with them. If this notice changes in a meaningful way, we will update this page and the reference URL below.