Candle Light

Legal

Privacy Policy

Version 2026-06-18 · Effective 18 June 2026

1. Who we are

Candle Light Cloud (the "Service", "we", "us") is a service of Digitalsurfing Limited, registered office 71–75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom. Digitalsurfing Limited is the data controller for the personal data described in this policy.

You can reach us at legal@candlelight.cloud.

2. What data we collect

We collect only what we need to provide the Service.

  • Account data: name, email, sign-in provider (email, Google, Apple), profile photo if you add one.
  • Profile and life-story content you publish: biography text, achievements, awards, gallery photos and videos, audio, documents you upload, voice dictations, and AI biographer training Q&A.
  • Connected sources: when you link a Facebook account or paste a public page URL, we fetch only what you explicitly authorise.
  • Future-activity data: recipients and contact details for scheduled messages, gifts, tasks, AI presence committees and digital cash grants; the message content; release rules and trusted-contact lists.
  • Location data: map pins you attach to photos or videos in your gallery.
  • Payment metadata: we use Stripe for payments and receive only the metadata Stripe returns (transaction id, plan, amount, customer id). We never see or store full card numbers.
  • Legal acceptances: when you tick the agreement boxes at checkout we record the document name, version, timestamp, the IP address of the request and the browser user-agent string, alongside a unique receipt id.
  • Usage and log data: standard server logs, IP, browser, device, and pages visited, used for security, diagnostics and analytics.
  • Cookies: essential cookies for authentication and session state. We do not run advertising cookies.

3. How we use your data

  • To operate the Service: publish your life story; let the AI biographer draft from your uploads and Q&A; power your AI Presence, committees and foundation features; schedule and deliver future activity (messages, gifts, tasks, digital cash).
  • To handle payments, send transactional emails (receipts, renewal notices), and provide support.
  • To protect the Service: detect abuse, prevent fraud, enforce our Terms of Service and respond to legitimate legal requests.
  • To improve the Service: analyse aggregated, de-identified usage to fix bugs and develop features.

4. Lawful bases (UK GDPR)

  • Contract: processing necessary to provide the Service you signed up for, including paid plans.
  • Legitimate interests: securing the Service, preventing fraud, improving features, and operating our business — balanced against your rights.
  • Consent: for optional integrations (e.g. connecting Facebook) and for any future marketing email. You can withdraw consent at any time.
  • Legal obligation: tax, accounting and lawful disclosure requests.

5. Who we share data with

We do not sell your personal data. We share only with the processors we need to run the Service:

  • Cloud hosting and database providers for storage and backups.
  • Stripe for payment processing.
  • AI model providers used to draft biographies, run your AI Presence and committees, generate avatar video and synthesised voice.
  • Email and SMS delivery providers used to send transactional notices and your scheduled future messages.
  • Google Maps for the gallery map; Facebook when you choose to connect it.

Each processor is bound by a data-processing agreement limiting use of your data to the service they perform for us. When you choose to publish your life story to the open web, the content you marked as public is, by design, visible to anyone with the link.

6. International transfers

Some of our processors are located outside the UK and EEA. Where data is transferred, we rely on UK GDPR safeguards such as the UK International Data Transfer Addendum or the EU Standard Contractual Clauses, and we restrict transfers to providers offering an adequate level of protection.

7. Retention

  • Account data: while your account is active.
  • Published story: for as long as your visibility plan covers, plus a short grace period if the plan lapses.
  • Future activity: until each scheduled message, gift or task has been dispatched or you delete it.
  • Legal acceptance records: for the life of the account plus six years thereafter, to evidence consent.
  • Payment and tax records: retained as long as UK tax law requires (currently six years).
  • Deletion requests: on request we erase personal data within 30 days, subject to the legal-retention exceptions above.

8. Security

We encrypt data in transit (TLS) and at rest, use row-level security so each user can read only their own records, store secrets in a restricted vault, and limit administrative access to a small number of authorised staff. No system is perfectly secure — keep your sign-in credentials safe and tell us promptly if you suspect unauthorised access.

9. Your rights under UK GDPR

You have the right to:

  • Access the personal data we hold about you.
  • Have inaccurate data corrected.
  • Have your data erased ("right to be forgotten").
  • Restrict or object to certain processing.
  • Receive your data in a portable, machine-readable format.
  • Withdraw consent for any processing based on consent.
  • Complain to the UK Information Commissioner's Office (ICO) at ico.org.uk.

To exercise any of these rights, email legal@candlelight.cloud. We respond within 30 days.

10. Children

The Service is for adults aged 18 and over. We do not knowingly collect data from anyone under 18. If you believe a child has provided data to the Service, contact us and we will delete it.

11. Posthumous handling

The Service is designed to operate after your death. You can nominate trusted contacts, configure proof-of-life checks, and set rules for when scheduled messages, gifts and your AI Presence should be released. Trusted contacts only ever receive the information you chose to share with them. If we are notified that you have died, we will follow the instructions you have configured in-app and limit any other disclosure to what UK law requires.

12. Cookies

We use cookies and similar local storage strictly for sign-in, session continuity and security. We do not run third-party advertising trackers. Where a third-party feature you choose to use (e.g. Google Maps, Facebook) sets its own cookies, the provider's own cookie policy applies.

13. Record of your consent

When you tick the Privacy Policy and Terms of Service boxes at checkout, we store an append-only record of that acceptance: the document name, the version you accepted, the date and time, the IP and browser used, and the checkout context. You can view every acceptance and download a printable receipt from the "Legal agreements" section of your Dashboard.

14. Changes to this policy

When we change this policy we bump the version number at the top of the page and, for material changes, notify you by email before they take effect. Older versions remain referenceable from the receipt id stored against any historic acceptance.

15. Contact

Digitalsurfing Limited, 71–75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom · legal@candlelight.cloud.