Your memories are your own.
Period.
We built yeerbook on the belief that your most personal reflections shouldn't be accessible to anyone but you. Not even us.
Security Architecture
Hybrid End-to-End Encryption
Traditional services trade privacy for convenience. True encrypted services trade convenience for privacy. yeerbook uses a hybrid model that gives you both: total cryptographic privacy by default, with "just-in-time" permissions for AI features and printing.
User-Held Keys
Your master keys are derived from your password on your device. We never see your password, and we never store your master keys.
Ephemeral Grants
When you want our AI to process your month, your app provides Just-in-Time Access using a temporary, short-lived key. It is deleted the moment the task is done.
Signer Privacy
Signer links use URL hash fragments. Browsers never send these to servers, meaning the decryption key for a signature never touches our database.
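The fragment behaviour described under Signer Privacy, as an added example that is not yeerbook's code: it splits a link into the part a browser puts in the HTTP request and the part it keeps, then checks recorded outbound requests for the fragment key. The link shape, hostnames, function names and sample requests are all constructed for illustration.

```javascript
// Added example: link shape, hostnames and sample requests are constructed.

// Split a link into what the browser sends and what it keeps to itself.
function splitSignerLink(link) {
  const u = new URL(link);
  return {
    host: u.host,
    requestTarget: u.pathname + u.search, // appears in the HTTP request line
    fragmentKey: u.hash.slice(1),         // client-side only (location.hash)
  };
}

// Encodings under which client code could forward the key by accident.
function keyVariants(key) {
  return [...new Set([key, encodeURIComponent(key), btoa(key)])];
}

// Return the URL of every outbound request that carries the key
// in its URL, headers or body.
function findKeyLeaks(key, requests) {
  const variants = keyVariants(key);
  return requests
    .filter((req) => {
      const haystack = [req.url, JSON.stringify(req.headers || {}), req.body || ""].join("\n");
      return variants.some((v) => haystack.includes(v));
    })
    .map((req) => req.url);
}

// Constructed signer link: token in the path, key material after '#'.
const SAMPLE_LINK = "https://app.example/sign/tok_123?lang=en#k=Zm9vYmFyLWtleS1tYXRlcmlhbA";

// Constructed outbound requests, as a browser test harness might record them.
const SAMPLE_REQUESTS = [
  { url: "https://app.example/sign/tok_123?lang=en", headers: { accept: "text/html" } },
  { url: "https://app.example/api/signature", body: '{"ciphertext":"q83vEjRWeJA="}' },
  // Defect the check is meant to catch: a reporter that ships location.href whole.
  { url: "https://logs.example/report", body: JSON.stringify({ page: SAMPLE_LINK }) },
];

function demo() {
  const parts = splitSignerLink(SAMPLE_LINK);
  return { parts, leaks: findKeyLeaks(parts.fragmentKey, SAMPLE_REQUESTS) };
}

console.log(demo());
```

Run as a regression test against recorded client traffic, a non-empty `leaks` list means client-side code copied the fragment into a request, which is the one path by which a fragment key can reach a server.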
How we compare
| Feature | Legacy Cloud Apps | yeerbook hybrid | Standard E2EE |
|---|---|---|---|
| Who holds the keys? | You & The Company | Only You | Only You |
| Can the server read it? | Yes (permanently) | Only ephemerally (briefly, when you request it) | No (never) |
| AI Features & Processing | Supported | Supported | Impossible |
| If database is leaked? | Your data is exposed | Your data is safe | Your data is safe |
Privacy Policy
Data Collection & Minimization
We only collect what is necessary to run the service. This includes your email for your account, your shipping address for book delivery, and technical logs (like your IP address) used for security and fraud prevention. Payment information is handled exclusively by Stripe; we never see or store your credit card details. Your content, including photos, voice reflections, and signatures, is encrypted before it ever reaches our servers.
How We Use Your Data
We use your data to generate your monthly reflection prompts, lay out your yearbook, and print your physical book. When you authorize AI features, we process your content using temporary keys that are destroyed immediately after use.
Retention & Deletion
You are in control. You can export your data or delete your account at any time. When you delete your account, all your encrypted content is purged from our servers within 30 days.
AI Training & Data Usage
We never use your personal memories, photos, or voice reflections to train AI models. Your data is used exclusively to provide the yeerbook service to you. We believe your history should belong to you, not an algorithm.
Third-Party Sub-processors
We use a small number of trusted partners: Supabase for database and storage, Google AI (Gemini) for temporary photo clustering and transcription, and Stripe for payments. We use enterprise-grade APIs which explicitly state that data sent via the API is not used to train their foundation models.
The "No Master Key" Guarantee
Because we do not hold your master keys, we cannot recover your data if you lose your password. Please ensure you keep your Recovery Phrase in a safe place. Without it, your memories are cryptographically lost forever.
Cookies & Tracking
We believe in a clean web. We do not use cross-site tracking cookies. We only use essential session cookies to keep you logged in and the app functional.