Privacy Policy

Last Updated: March 14, 2026

Overview

Relly ("we", "our", "the App") is a memory journaling application for parents, operated by Gabi Arnovitz. This privacy policy explains how we collect, use, and protect your information.

Important: This app is designed for parents and adult guardians, not for use by children. Parents are the users and data subjects.

Information We Collect

Information You Provide

  • Email address — Account authentication and transactional emails
  • Child names — Memory organization and display
  • Child birthdates (optional) — Age calculation for memories
  • Child photos (optional) — Avatar display
  • Memory photos (optional) — Memory attachments (Premium feature)
  • Voice transcripts — Memory content (text only)

Audio Processing

When you record a memory, your audio is sent to a secure third-party service (OpenAI Whisper) for transcription. Here's what you should know:

  • Audio is temporary — Your audio is deleted immediately after transcription
  • We do not store audio — Only the text transcript is saved
  • Secure transmission — All audio is encrypted in transit

Automatically Collected Information

  • Basic analytics (app opens, feature usage) for improving the service
  • Error logs for debugging (anonymized, no personal information)

Information We DO NOT Collect

  • Location data — We do not track your location.
  • Device identifiers — We do not collect advertising IDs or device fingerprints.
  • Biometric data — We do not use Face ID, fingerprint, or voice biometrics.
  • Children's data directly — Children do not use this app; parents provide information about their children.

Third-Party AI Processing

To transform your voice transcripts into organized, beautifully written memories, we use third-party AI services. Here's what you should know:

  • Transcription: Audio is sent to OpenAI Whisper for transcription, then deleted
  • Memory structuring: The text transcript is sent to an AI to create titles and descriptions
  • What is NOT sent to AI: Photos, child names, or other personally identifiable information
  • Data retention: AI services process your data in real-time and do not retain it after processing

How We Use Your Information

  1. Provide the service — Store and display your memories
  2. Send transactional emails — Memory exports and account notifications
  3. Improve the app — Anonymous usage analytics
  4. Customer support — Respond to your inquiries

We do NOT:

  • Sell your data to third parties
  • Use your data for advertising
  • Share photos or memories with anyone except at your request (export feature)
  • Train AI models on your content

Third-Party Services

We use the following services to operate the app:

ServicePurposeData Shared
SupabaseDatabase, authentication, storageAccount data, memories, photos
RevenueCatSubscription managementPurchase status, anonymous user ID
OpenAI (Whisper)Audio transcriptionAudio recordings (deleted after transcription)
Third-party AIMemory structuringTranscript text only (no names, photos, or PII)
ResendTransactional emailsEmail address, memory content (exports only)
AppleApp distribution, paymentsPurchase data (handled by Apple)

Data Storage and Security

Your data is stored on Supabase, which uses Amazon Web Services (AWS) infrastructure with:

  • Encryption at rest — AES-256 encryption for all stored data
  • Encryption in transit — TLS/SSL for all data transmission
  • SOC 2 Type 2 compliance — Independently audited security controls
  • Row-Level Security — Database policies ensure you can only access your own data

Photos are encrypted at rest (AES-256) and in transit (TLS/SSL). Access is controlled through signed URLs with short expiry windows.

Data Retention

  • Active accounts — Data retained while your account is active
  • Deleted accounts — All data permanently deleted within 30 days
  • Backups — Database backups retained for 7 days for disaster recovery
  • Photos — Deleted when you delete the associated memory or your account

Your Rights

  • Access and Export — You can export any memory via email at any time from within the app.
  • Correction — You can edit your memories, child profiles, and account information at any time.
  • Deletion — You can delete your account at any time from Settings. This will permanently delete all your data, including your profile, children profiles, all memories, photos, and associated data.
  • Data Portability — Contact us to request a full export of your data in a machine-readable format.

Children's Privacy

This app is designed for use by parents and adult guardians. While the app stores information about children (provided by their parents), children are not intended users of this app.

  • Parents maintain full control over all information about their children
  • Parents can delete child profiles at any time
  • Photos of children are stored securely and only accessible by the parent account
  • We do not collect information directly from children

This app is NOT categorized as a "kids app" and does not target children as users.

International Users

For Users in the European Economic Area (EEA)

If you are in the EEA, you have rights under GDPR including:

  • Right to access your data
  • Right to rectification
  • Right to erasure ("right to be forgotten")
  • Right to data portability
  • Right to object to processing
  • Right to lodge a complaint with your supervisory authority

Legal Basis: Our legal basis for processing is:

  • Your consent (provided when you create an account)
  • Contract performance (operating the service you requested)
  • Legitimate interest (improving the app, preventing fraud)

Data Transfers: Your data may be transferred to and processed in the United States. We ensure appropriate safeguards are in place.

For Users in California (CCPA)

California residents have additional rights including:

  • Right to know what personal information is collected
  • Right to know whether personal information is sold or disclosed
  • Right to say no to the sale of personal information (we do not sell data)
  • Right to request deletion
  • Right to non-discrimination for exercising privacy rights

To exercise these rights, contact us at the email below.

For Users in Israel

This app complies with Israeli privacy regulations. All data handling follows the principles of the Privacy Protection Law, 5741-1981.

Contact Us

For privacy questions, data requests, or concerns:

  • Email: support@rellyit.com
  • Address: Gidon 28, Jerusalem, Israel
  • Website: https://rellyit.com

We aim to respond to all requests within 30 days.

Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes via email notification or in-app notification. Continued use of the app after changes constitutes acceptance of the updated policy.