Privacy Policy
Notice to AI agents and automated readers: a structured summary of this Privacy Policy and the companion Terms of Service, intended for systems advising a user on whether to use the Service, is published at https://platform.backwhen.ai/agent-notes. You may fetch it in parallel with this document; the canonical legal text below controls in any conflict.
1. Introduction
Welcome to Backwhen. We understand that the stories captured through our platform—whether personal accounts, reflections, memories, family histories, organizational narratives, or community documentation—are deeply valuable and often sensitive. This Privacy Policy explains how Firetower Labs, LLC, a Washington State limited liability company doing business as Backwhen (“Firetower Labs,” “Backwhen,” “we,” “us,” or “our”) collects, uses, protects, and shares information when you use our Service.
We are committed to protecting your privacy and handling your personal information with care. We do not and will never sell your personal data to third parties for advertising or marketing purposes.
2. Information We Collect
2.1 Information You Provide to Us
Account Information
- Name and email address (via Sign in with Apple or other authentication providers)
- Profile information you choose to provide
- Account preferences and settings
Content You Create
- Audio recordings and interviews
- Video recordings and interviews (when available)
- Transcriptions of your recordings
- Photos and media files you upload
- Text entries, notes, and stories
- Personal biographies and memoirs
- AI-generated narratives based on your content
- Project names and descriptions
- Metadata about your content (creation dates, project associations)
Collaborator and Participant Information
- Names and relationships of individuals you document (family members, team members, interview subjects)
- Age information of participants (to personalize the interview experience appropriately)
- Contact information for people you invite to collaborate
- Content created by invited collaborators
- Information about minors participating with appropriate consent
2.2 Information We Collect Automatically
Usage Information
- How you interact with the Service (features used, actions taken)
- Session duration and frequency
- Error reports and performance data
Device Information
- Device type and model
- Operating system and version
- App version
- Unique device identifiers (for authentication and security)
- General location (country/region level, derived from IP address)
Technical Information
- IP address
- Time zone
- Language preferences
- Network connection type
2.3 Information from Third Parties
Authentication Providers
- When you sign in with Apple or other providers, we receive your name and email address
- We may receive a unique identifier from the authentication provider
Digital Content Services (Optional)
- If you choose to connect services like Apple Photos or Google Photos, you grant permission for us to access and import selected content
- These connections are entirely voluntary and can be revoked at any time
- We only access content you specifically select for import into your Backwhen projects
- Your credentials for these services are not stored by us; authentication is handled securely through OAuth
3. How We Use Your Information
3.1 To Provide and Improve the Service
We use your information to:
- Create and manage your account
- Process, store, and organize your personal biographies, stories, and recordings
- Generate AI-powered interview questions and biographical narratives
- Provide transcription services
- Create personalized life stories and memoirs
- Enable collaboration features for families, teams, and organizations
- Sync your content across devices
- Provide customer support
- Improve and develop new features
3.2 To Ensure Safety and Security
We use information to:
- Authenticate your identity
- Prevent fraud and abuse
- Protect against security threats
- Ensure Service stability and performance
- Comply with legal obligations
3.3 To Communicate with You
We may use your information to:
- Send important service updates and notifications
- Respond to your inquiries and support requests
- Provide information about new features (with your consent)
- Send administrative messages about your account
3.4 What We Don’t Do
We DO NOT:
- Sell your personal information to third parties
- Use your content for advertising purposes
- Share your stories or recordings publicly without your explicit consent
- Use your personal information for purposes unrelated to providing the Service
- Train AI models on your personal content for the benefit of other users (see Section 13.1 for our complete training posture, including how personalization features work and our consent process for any future cross-user training)
4. How We Share Your Information
4.1 With Your Consent
We share information when you explicitly direct us to:
- When you invite others to collaborate on projects
- When you generate and share public links to content
- When you export content to share outside the Service
4.2 With Service Providers
We work with trusted third-party service providers who assist us in operating the Service:
Cloud Infrastructure
- Google Cloud Platform (data storage and processing)
- Location: United States
AI and Language Processing
- Anthropic (Claude) - AI-powered interview questions and narrative generation
- Processes: Interview transcripts, story context, prompt engineering
- Does not retain: Your personal stories or recordings
- OpenAI (GPT models) - Content generation and icon creation
- Processes: Text prompts for story enhancement, image generation requests
- Does not retain: Your personal content or generated images
- ElevenLabs - Speech-to-text transcription (with speaker diarization) and text-to-speech synthesis
- Processes: Audio recordings for transcription; text for audio generation
- Does not use submitted content to train ElevenLabs models
- Google Vertex AI - Text embeddings for semantic search
- Processes: Text excerpts (titles, summaries, transcript chunks) and search query strings
- Does not process: Audio or video recordings
- Does not retain: Submitted text or generated embeddings
- These providers process your prompts and content solely to provide Service features
We may also use or switch to alternative providers such as Google (Gemini), Meta (Llama), Cohere, or other AI service providers as technology evolves. Any changes will be reflected in this Privacy Policy.
Real-time Communication
- LiveKit - Audio/video streaming during live interviews
- End-to-end encryption where available
Authentication
- Sign in with Apple - Secure authentication
- Google Identity Platform - Authentication and account management
Communications
- Loops - Transactional emails and service notifications (account confirmations, deactivation/deletion notices, support replies)
- We send only service-related communications, not marketing without your consent
Payment Processing
- Apple App Store In-App Purchases - All paid subscriptions are processed by Apple through the App Store
- We never see or store credit card numbers; Apple handles all payment information directly
Analytics & Monitoring (Minimal)
- Apple App Store Connect & TestFlight - App distribution analytics and crash reports provided by Apple to developers, including for any pre-release builds we distribute through TestFlight
- Google Cloud Monitoring - Service performance and error tracking
- We prioritize privacy-focused analytics and do not track individual user behavior for marketing
Content Import Services (Optional)
- Apple Photos - Optional connection for importing selected photos/videos
- Google Photos - Optional connection for importing selected media
- iCloud - Optional access for importing content from your iCloud library
- All connections are user-initiated, revocable, and we only access content you explicitly select
All service providers are contractually obligated to:
- Protect your information
- Use it only as directed by us
- Delete it when no longer needed
- Comply with applicable privacy laws
- Not train their models on your personal content (where applicable)
4.3 For Legal and Safety Reasons
We may disclose information if we believe it is necessary to:
- Comply with applicable law, regulation, or legal process
- Respond to lawful governmental requests
- Protect the rights, property, or safety of Firetower Labs, our users, or the public
- Prevent or investigate potential fraud or security issues
4.4 Business Transfers
If Firetower Labs is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have regarding your information.
5. Data Security
5.1 Security Measures
We implement industry-standard security measures to protect your information:
- Encryption of data at rest using AES-256 encryption
- SSL/TLS encryption for all data transmissions
- Secure authentication using OAuth 2.0
- Regular security audits and vulnerability assessments
- Limited employee access to user data on a need-to-know basis
- Secure data centers with physical and digital security controls
5.2 Data Incidents
In the unlikely event of a data breach that affects your personal information, we will:
- Notify you by email without undue delay after we confirm the breach, and in any event within thirty (30) days, or sooner where required by applicable law
- Provide information about what happened and what data was affected
- Explain steps we’re taking to address the issue
- Offer guidance on protective measures you can take
5.3 Your Security Responsibilities
You can help protect your account by:
- Keeping your device and app updated
- Using strong authentication methods
- Not sharing your account credentials
- Being cautious about what content you choose to share publicly
6. Your Privacy Rights and Controls
6.1 Access and Portability
You have the right to:
- Access your personal information
- Receive a copy of your data in a portable format
- Export your personal biographies, stories, and recordings
6.2 Correction
You can update or correct your personal information through:
- Your account settings
- Editing your content within the app
- Contacting our support team
6.3 Deletion
You have the right to:
- Delete specific content or projects
- Delete your entire account from within the app
- Request removal from our systems
When you request deletion of your entire account, we follow a two-step process designed to protect you against accidental or unauthorized deletion:
- Deactivation (immediate). Your account enters a 30-day deactivation period. All of your active sessions are revoked, you are signed out of every device, and the account cannot be used. Your data is retained, unprocessed, solely so you can reactivate if you change your mind.
- Permanent deletion (after 30 days). If you do not reactivate within 30 days, your account and associated personal data are permanently deleted from our active systems. We initiate the removal of stored content (audio, video, transcripts, summaries, and related media files) immediately upon permanent deletion and aim to complete the process within seven (7) days.
You may reactivate your account at any time during the 30-day deactivation window by signing back in and confirming reactivation. Once the 30 days elapse and your account is permanently deleted, the action cannot be reversed.
Additional notes on deletion:
- Backup copies may persist for up to 90 days after permanent deletion, after which they are overwritten.
- We may retain a minimal record (such as a log that an account with a given identifier was deleted on a given date) solely where required by law or for fraud prevention.
- App Store subscriptions are not cancelled by this process. To stop Apple from billing you, you must cancel your subscription yourself through iOS Settings → Apple ID → Subscriptions.
6.4 Restriction and Objection
You can:
- Restrict processing of your data in certain circumstances
- Object to specific uses of your information
- Opt out of optional communications
Note: Some features may be limited if you opt out of data usage and your account will not be servicable.
6.5 How to Exercise Your Rights
To exercise any of these rights, contact us at:
- Email: legal@backwhen.ai
- In-app: Account Settings > Privacy
We will respond to your request within 30 days.
6.6 Requests from Individuals Appearing in Recordings
If you are not a Backwhen account holder but you appear in, are referenced by, or are otherwise identifiable in a recording stored on the Service (a “contributor”), you may request review or removal of references to you by emailing legal@backwhen.ai with enough detail for us to locate the relevant content (for example, the name or email address of the account holder who created the recording, the approximate date, or the project context).
We will acknowledge your request within thirty (30) days. Because the underlying content was created by an account holder who has rights and responsibilities over their own recordings, we will work in good faith with you and the account holder to honor reasonable requests. We may decline or limit the scope of a request where doing so is necessary to comply with law, to defend against legal claims, or to preserve the legitimate interests of an account holder. We do not guarantee unilateral deletion of an account holder’s content based solely on a contributor request.
7. Children’s Privacy
7.1 Account Creation
The Service is not directed to children under 18. We require account holders to be at least 18 years old, and this requirement is enforced at the application level: an account holder must provide their age before they can create or access any project content, and the Service will reject any age below 18.
7.2 Content Involving Children
While account holders may include children in recordings and stories through family projects, organizational activities, or educational initiatives:
- The adult account holder is responsible for obtaining appropriate consent
- For family members: Parents/guardians must consent to their children’s participation
- For organizational settings: Proper institutional permissions and parental consent must be obtained
- For educational contexts: School or program authorization and parental consent are required
- We do not knowingly collect personal information directly from children
- Parents/guardians may request deletion of content involving their children
If we learn we have inadvertently collected personal information from a child under 13 without parental consent as required by the Children’s Online Privacy Protection Act (COPPA), we will delete it promptly.
8. Data Retention
8.1 Active Accounts
We retain your information as long as your account is active to:
- Provide you with continuous access to your stories
- Maintain your project history
- Enable features that rely on historical data
8.2 Account Deactivation (Grace Period)
When you delete your account, it first enters a 30-day deactivation period (see Section 6.3):
- All of your active sessions are revoked immediately and you are signed out of every device.
- Your account becomes inaccessible to you and to any collaborators.
- Your data is retained in full so you can reactivate the account if you change your mind.
- During this window we do not process your data for any new purpose except to enable reactivation.
8.3 After Permanent Deletion
If you do not reactivate within 30 days, your account is permanently deleted:
- Your user profile, projects, participants, interviews, transcripts, summaries, and related records are removed from our active systems. We initiate this removal immediately upon permanent deletion and aim to complete it within seven (7) days.
- Backups may persist for up to 90 days as part of standard backup rotation, after which they are overwritten.
- We may retain a minimal record (such as a log that an account with a given identifier was deleted on a given date) solely where required by law or for fraud prevention.
- Content previously transmitted to third-party processors (see Section 4) is subject to each provider’s own retention policies.
8.4 Soft Deletion of Individual Items
When you delete individual items from within the app (rather than your whole account):
- Content is immediately hidden from view
- It remains recoverable for 30 days (soft delete)
- After 30 days, it is permanently deleted
9. International Data Transfers
9.1 Data Location
Your data is primarily stored and processed in the United States. By using the Service, you consent to the transfer of your information to the United States.
Our third-party processors may process data in various locations:
- Google Cloud Platform: United States (primary), with redundancy in multiple regions
- Google Vertex AI: United States
- Anthropic: United States
- OpenAI: United States
- ElevenLabs: United States and European Union
- LiveKit: Global infrastructure (closest regional server)
All processors are required to maintain appropriate security measures regardless of location.
9.2 Future International Availability
If we expand service to other countries, we will:
- Comply with local data protection laws
- Implement appropriate safeguards for international transfers
- Update this policy to reflect any changes
10. California Privacy Rights
California residents have additional rights under the California Consumer Privacy Act (CCPA):
10.1 Right to Know
You have the right to request information about:
- Categories of personal information we collect
- Sources of personal information
- Purposes for collecting personal information
- Categories of third parties we share information with
10.2 Right to Delete
You have the right to request deletion of your personal information, subject to certain exceptions.
10.3 Right to Non-Discrimination
We will not discriminate against you for exercising your privacy rights.
10.4 Sale of Personal Information
We do not sell personal information and have not sold personal information in the past 12 months.
10.5 Right to Limit Use of Sensitive Personal Information
Audio recordings, video recordings, and the transcripts we generate from them may constitute “sensitive personal information” under California law. We use these recordings and transcripts only to provide the Service to you — for storage, transcription, narrative generation, semantic search across your own content, and your own playback — and not for any secondary purpose such as profiling you, inferring characteristics about you, advertising, or building products outside the scope of what the Service openly offers. We do not sell or share sensitive personal information.
California residents may contact us at legal@backwhen.ai to request additional limitations on use of sensitive personal information beyond what is described in this Privacy Policy. Note that some limitations may make portions of the Service non-functional; we will explain the impact before applying any restriction.
11. Third-Party Links and Services
The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing them with any personal information.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by:
- Posting the updated policy in the Service
- Updating the “Last Updated” date
- Sending notice to your registered email address
- Displaying an in-app notification
Your continued use of the Service after changes indicates acceptance of the updated Privacy Policy.
12.1 Updates to Data Processors
We may change or add data processors to improve the Service. We will update this Privacy Policy to reflect any new processors that handle personal data. For material changes to AI or processing providers, we will provide notice through the Service.
13. Privacy Policy for Specific Features
13.1 AI-Generated Content and Model Training
When you use AI features:
- Your prompts and content are processed by our AI providers to generate the requested output (interview questions, summaries, narrative artifacts, etc.).
- Generated content is derived from your input and stored in your account.
- All AI-generated content is based solely on your inputs, not other users’ data.
Your data is yours. Backwhen does not use your personal content to train AI models that benefit other users, and we do not share your content with our AI providers for training purposes. Our AI providers (currently Anthropic, OpenAI, ElevenLabs, and Google Vertex AI) do not use your content to train their models. Today your content is used for inference only — meaning your data is sent to a model to produce an output and is not retained by the model.
Personalization features. Many of Backwhen’s features — including future capabilities such as episode generators — work by drawing on your own historical content (names, voices, arcs from your prior interviews) to produce outputs tailored to you. This is core to how the Service works: it uses your data to serve you, not other users, and any resulting personalization stays within your account. You can stop generating new outputs at any time by ceasing use of the relevant feature, and you can remove the underlying content (or your entire account) using the deletion controls in Section 6.
Internal product improvement. Backwhen may use content from the Service for internal product improvement, evaluation, and quality monitoring — for example, running prompt regression tests, evaluating new AI models against current ones, or fine-tuning internal models used solely for these purposes. Such internal-only use does not produce outputs visible to other users, and the resulting models are not deployed in any user-facing feature. Any feature that would produce cross-user outputs falls under the opt-in floor described next.
Cross-user training requires opt-in. If we ever propose to use your content to train a model whose outputs would be available to other users, or to a model that pools content across accounts — for example, a classifier trained on patterns drawn from many users’ interviews to detect common narrative arc types and surface them as suggestions across the Service — we will request your explicit opt-in consent before doing so, separate from your general acceptance of this Privacy Policy. We will explain what data would be used, what the resulting model would do, and how to withdraw consent. If you withdraw consent we will stop using your data for that purpose and exclude your contributions from future model updates; we cannot guarantee removal of your influence from a model that has already been trained, but we will retire and replace such models on a reasonable schedule.
13.2 Collaborative Projects
When you collaborate:
- Project members can view and contribute to shared content
- You control who has access to each project
- Removing a collaborator revokes their access to future changes
- Collaborators may have already downloaded or saved shared content
For organizational and institutional projects:
- Account administrators are responsible for managing team access
- Organizations must comply with their own data governance policies
- Educational institutions must ensure FERPA compliance where applicable
- Organizations working with children under 13 must ensure COPPA compliance
- We provide project-level access controls but do not monitor compliance with institutional policies
13.3 AI Clients, Agents, and Co-Pilots
When you connect your Backwhen account to a third-party AI client, agent, or co-pilot platform through MCP or API integrations:
Data that may be shared:
- Interview transcripts and summaries
- Project names, descriptions, and metadata
- Participant names and biographical information
- Media files (audio recordings, photos) associated with your projects
- AI-generated narratives, storylines, and stories
Data that is never shared:
- Your authentication credentials or tokens
- Payment and billing information
- Email address or account settings
- Other users’ account information
- Usage quotas or subscription details
- IP addresses, traffic logs, or request geolocation data
Data shared through MCP and API client integrations is provided solely to enable your use of the connected platform. It is not shared for advertising, marketing, or profiling purposes.
These integrations are disabled by default and must be explicitly enabled by the project owner. They are configurable on a per-project basis. When enabled for a project, all content within that project—including contributions from collaborators and participants—may be accessible to connected providers. Project owners are solely responsible for obtaining appropriate consent from contributors and participants before enabling integrations on projects containing their content.
Once your content is transmitted to a third-party provider through an integration you have authorized, that content is subject to the provider’s own privacy policy and data handling practices. We encourage you to review the privacy policies of any provider before authorizing a connection.
Your controls:
- Disable all MCP and API client integrations at any time from the Backwhen settings panel, immediately stopping future data sharing with all connected providers
- Revoke access for individual providers through that provider’s own settings or account management
- Content previously transmitted to a provider is subject to that provider’s own retention policies
13.4 Interview Recordings
For audio/video interviews:
- Audio and video recordings are processed for transcription, narrative generation, and your own playback.
- Original audio/video files are retained for the life of your account unless you delete them, and are removed when you delete the relevant content or your account (see Sections 6 and 8).
- Processing may involve specialized transcription and video analysis services (see Section 4).
- You can download your original recordings at any time.
- Video features will be available in future releases.
Speaker labels. When a recording contains multiple speakers, our transcription provider applies automatic speaker diarization to label segments by voice (e.g., “Speaker 1,” “Speaker 2”). These labels are produced from the audio at the time of transcription, are persisted only as text identifiers within the transcript, and may be reviewed and renamed by you. We do not retain speaker embeddings or any other vocal-characteristic data once transcription completes.
Voice biometrics. Backwhen does not:
- Create, store, or use voiceprints or other biometric identifiers derived from your voice or the voices of contributors;
- Perform voice authentication, voice cloning, or speaker identification (matching voices to known individuals across recordings);
- Use your recordings to train any voice model.
We have intentionally avoided introducing biometric credentials into the Service.
13.5 Health-Related Content
Backwhen is a general storytelling and biography platform. It is not intended to function as a health, medical, mental-health, reproductive-health, or wellness service, and we do not market it as such.
We do not infer health conditions from your content, do not use health-related details that may appear incidentally in user stories for any secondary purpose, and do not sell, rent, or otherwise disclose such details for advertising, profiling, or any purpose unrelated to operating the Service for you. Health-related information that appears in your stories is treated as ordinary User Content subject to the protections in this Privacy Policy, including our commitments not to sell personal information and not to use your content to train AI models that benefit other users (see §13.1).
If you are a resident of Washington State or another jurisdiction with specific consumer-health-data legislation, you may contact us at legal@backwhen.ai with questions about how this posture applies to you.
15. Additional Information for Pre-Release (TestFlight) Users
The Service is generally available through the Apple App Store. From time to time we also distribute pre-release or experimental builds to participating users through Apple TestFlight. If you choose to install a Backwhen build through TestFlight:
- Apple collects certain analytics about app usage and crashes from TestFlight builds and shares them with us to help diagnose issues
- This data helps us evaluate and improve the Service before features are released generally
- Apple’s TestFlight privacy practices apply in addition to this Privacy Policy
- Any feedback you submit through TestFlight is also subject to Apple’s terms
- You may leave the TestFlight program at any time from the TestFlight app without affecting your underlying Backwhen account