Document · Privacy

Privacy

What is yours stays yours. The Archive describes both the live data flows in operation today and the verified-privacy model TLTE is becoming.

Simple Summary

◆We collect only what is needed to run the platforms — alias, encrypted credentials, interactions.
◆Operated from the United Kingdom under UK data protection rules.
◆No third-party advertising trackers. No sale of personal data — ever.
◆AI features run server-side; provider keys never reach the browser.
◆You can request export or deletion at any time via Data Rights.

Era status

Now · Aarambam

Identity is alias-based. No real legal identity is collected from regular members. Authentication uses email/password with mandatory verification, or Google sign-in. Sensitive fields (only present for verified creators) are protected by row-level security and never exposed to other members.

Becoming · Nilaiththanmai

Two-layer privacy: a verified identity layer, encrypted and segmented with no central owner, alongside a member-controlled public alias. Real identity becomes mandatory for full participation; public visibility stays optional and controlled.

◇Verified identity infrastructure is in development. Until it is built to standard, alias-only is the honest answer.

What we collect today

Account essentials: alias, encrypted credentials, division and avatar selections, optional theme and notification preferences. For verified creators only: legal name, country, UK phone number, social links, and verification status.

User-generated content: messages across world, zone, and private channels; memories, reflections, channel posts, reactions, community pins, and (for creators) audio and artwork.

Behavioural and derived data: listening history, awakening progress, friend graph, blocks, presence pings, marketplace activity, audit logs of administrative actions.

What we do not collect

No facial biometrics. No KYC enforcement on regular members. No real-money payment data in the current beta. No phone numbers from ordinary members.

Where data lives

Each connected platform is an independent project with its own database. Databases are never shared across platforms. The link between platforms is your Google identity, when you choose to sign in that way.

Platform assets (avatars, audio, artwork) are stored on AWS S3 with path-based ownership enforcement. Auth-related transactional email is sent through the notify.security.vinmin.gg infrastructure.

How long we keep it

Active accounts retain data for the lifetime of the account. Deactivated accounts enter a thirty-day grace window — logging in within that window restores the account. After the window closes, profile and assets are permanently purged and message history is anonymised (the username is replaced with "Deleted User") so other participants' conversations remain coherent.

Sharing

We share data only with infrastructure providers strictly necessary to operate the platforms (Supabase Auth, AWS S3, Lovable AI Gateway, Twilio for creator phone verification), and only under contract. We do not sell, rent, or trade personal data.

Your rights

Access, correct, export, restrict, or delete your data via Data Rights. Withdraw consent at any time. Contact via the Contact page.

Need to act on this?

Make a request or ask a question.

Data request Contact