
Privacy Policy

Last updated 9 June 2026.

In short

Family Tree by Replica Replica is a personal genealogy tool. You record your family on a private canvas that only you can see. We do not sell your data, we do not use it to train models, and we do not run ads. Your tree is stored on servers in Australia. You can export it any time, and you can delete your account from settings.

This policy is the long version of the same idea. It applies to everyone who uses familytree.replicareplica.xyz.

Who we are

Family Tree is operated by a sole trader trading as Replica Replica, registered in Australia. Replica Replica is the data controller for the personal information described in this policy.

You can reach us at support@replicareplica.xyz. The same address handles privacy questions, data-subject requests, and general support.

What we collect

Your account

When you sign up we collect your email address and a hashed password. We use a third-party identity provider, Stack Auth, to handle sign-in, password storage, and session tokens. Stack Auth holds this information on our behalf. We do not see your password in plain text at any point.

Your account is also associated with a session cookie that we set on your browser when you sign in. The cookie is HTTP-only, secure, and used only to keep you signed in.

Your tree

Everything you record in a tree is held in a database operated by Neon, hosted in Australia (Sydney). This includes:

  • Names, dates, gender, and relationships of the people you add.
  • Optional fields you choose to record, including nicknames, maiden name, occupation, religion, nationality, title, suffix, burial place, cause of death, and free-text notes.
  • Life events you attach to a person, with dates and notes.
  • Photo URLs you paste in. We store the URL as plain text. We do not download the image, we do not host it, and we do not extract any metadata from it.
  • Your layout preferences and other settings tied to the tree.

Server logs

Our server keeps short-lived request logs to operate the service and catch abuse. Logs include the IP address the request came from, the user agent, the URL requested, and a timestamp. They are retained for up to 30 days and are not joined with your tree contents.

What we do not do

  • We do not sell, rent, or trade your data to anyone.
  • We do not use your tree, or anything in it, to train models.
  • We do not run advertising on the service.
  • We do not load third-party trackers inside the app. The pages you see after signing in load assets only from our own domain.
  • We do not collect or process DNA data, ever.
  • We do not use AI to guess your relatives, suggest matches, or enrich your records.

People on your tree who are not you

A genealogy tool is unusual: when you record your family, you enter personal information about people who did not sign up for our service. We take that seriously and we want to be honest about how we handle it.

Trees are private by default. Only the account that owns a tree can see it. Trees are not search-indexed and there is no public profile page. We do not have any product surface that exposes one user's tree to another user, and we have no plans to build one.

If you believe a relative of yours holds a tree that includes you, and you would like to know what is recorded or have it removed, email us at support@replicareplica.xyz with your name, your date of birth, and the name of the relative you suspect holds the tree. We will search our records, contact the tree owner with a 30-day removal request, remove the disputed fields if the owner does not respond, and tell you the outcome. We cannot share the tree itself, and we cannot disclose who else may be on it.

This process applies to records you typed in by hand and to records you imported from a GEDCOM file or other format. Importing a third-party file does not change your obligations as the author of the tree.

Where your data lives

Your tree is stored in a database in Australia (Sydney). The application that serves the website also runs in Sydney. We do not replicate or back up your data outside Australia.

Your account credentials (email, hashed password, sessions) are held by Stack Auth, our identity provider, which may store them outside Australia. We do not control the residency of credential data, but we do control everything we store about your tree.

Your rights

You can ask us for any of the following at any time. Australia's Privacy Principles cover most of these for people inside Australia, and we extend the same rights to anyone, anywhere, who asks.

  • Access. A copy of the personal information we hold about you. You can export each of your trees as PDF, JSON, or GEDCOM from the tree menu without asking us. For account-level data and anything else, email support@replicareplica.xyz from your account address.
  • Correction. Most fields can be edited directly from the tree. For anything you cannot reach in the product, email us.
  • Deletion. You can delete your account from /settings → Delete account. Deletion is a hard delete: the account, every tree, and every person on it are removed immediately, and we keep an encrypted backup for up to 30 days against operational mishap before purging it. We do not delete accounts in response to email alone, because email addresses are not strong authentication for an irreversible action.
  • Portability. Tree exports come in machine-readable formats (JSON, GEDCOM) so you can move your data to another service.
  • Complaint. If you believe we have mishandled your data, you can complain to us first, and you can also complain to your local data protection authority. In Australia that is the Office of the Australian Information Commissioner (OAIC), reachable at oaic.gov.au.

How long we keep things

  • Your tree and account: until you delete the account, or 12 months after the account becomes inactive (no sign-in, no edits) and we send a notice. We have not yet automated the inactivity sweep.
  • Server logs: up to 30 days.
  • Encrypted backups of deleted accounts: up to 30 days, then purged.

Cookies

We set one cookie, used only to keep you signed in. It is HTTP-only and secure, and it is removed when you sign out or when it expires.

We do not use third-party cookies inside the app. We do not use tracking pixels.

Security

We use TLS for everything. Passwords are hashed by our identity provider. We follow the security headers and content security policy described in our changelog. We do not promise the service is unbreakable, but we treat security work as a first-class part of operating it.

If you believe you have found a security issue, please email security@replicareplica.xyz. We commit to a 90-day responsible-disclosure window, and we will not pursue legal action against good-faith research.

Children

Family Tree is not designed for children. By creating an account you confirm you are at least 13 years old. If we learn that an account belongs to a child below this age, we will close the account and delete the data on request. Reach us at support@replicareplica.xyz.

Changes to this policy

Cosmetic edits (typos, link fixes, clearer wording) ship without notice. The “Last updated” date at the top of the page changes when they do.

Material changes trigger an email to all account holders with the amended text and a 30-day notice before the change takes effect. Material means: expanding the categories of data we collect, narrowing your rights, or introducing a new third party that processes your data on our behalf.

Contact

Everything except security disclosures: support@replicareplica.xyz. The same address handles privacy questions, data-subject requests, and general support.

Security issues: security@replicareplica.xyz.