The Time Post

Privacy Policy

Last updated: April 13, 2026

1. Introduction

The Time Post ("we", "our", "us") is operated by Axion Web Studio Ltd, a company registered in Ireland (CRO Number: 797850). This Privacy Policy explains how we collect, use, and protect your personal information when you use our digital time capsule service at timepost.ie.

2. Information We Collect

We collect the following information:

  • Account and profile data - Your primary email address, and if you choose to add them, your backup email, name, date of birth, avatar, and preferred payment method
  • Letter and delivery data - Your subject line, letter content, sender signature, recipient email, delivery date, and any videos, photos, or file attachments you upload
  • Payment and transaction data - Payment status, amount, provider, and related transaction metadata. Card and wallet details are processed by our payment providers and are not stored by us
  • Technical and security data - Authentication session data, cookies, anti-abuse verification data, and limited device, browser, IP, and request data needed to secure and operate the service
  • Support and feedback data - Messages you send us and optional feedback you submit about the product

3. How We Use Your Information

  • To create, store, schedule, and deliver your time capsules
  • To authenticate your account using email magic links and support backup-email recovery
  • To process payments and remember your preferred payment method
  • To send service emails such as sign-in links, confirmation links, payment and delivery updates, and recipient confirmation messages
  • To create optional share links for delivered letters when you choose to share them
  • To prevent abuse, fraud, spam, and unauthorized access
  • To review product feedback and, where enabled, measure site usage or ad conversions

4. Data Security

We take security seriously. Letter content is encrypted before storage using AES-256-GCM. Media attachments are stored in managed cloud storage, and access to private media is generally provided through authenticated or signed URLs. We use passwordless authentication via email magic links. If you upload a profile avatar, it may be stored using a public asset URL.

5. Data Retention

Your letters are stored so they can be edited, scheduled, delivered, and viewed afterward. Unpaid or unconfirmed letters may expire and are typically removed after 24 hours. Recipient-confirmation records and public share links may also be deleted when a related letter is deleted or expires. You can delete individual letters or permanently delete your account from within the product. If you need help with a broader data-deletion request, contact us at support@timepost.ie.

6. Third-Party Services

We use the following third-party services:

  • Supabase - Authentication, database, and storage
  • Resend - Transactional email delivery
  • Stripe, PayPal, and Revolut - Payment processing
  • Cloudflare Turnstile - Abuse and bot prevention
  • Google - Analytics or ad-conversion measurement, if enabled in our configuration
  • Vercel - Application hosting and deployment infrastructure

7. Your Rights (GDPR)

Under GDPR, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request deletion of your data
  • Object to processing
  • Data portability

To exercise these rights, contact us at support@timepost.ie.

8. Contact

For privacy-related inquiries:
Email: support@timepost.ie
Axion Web Studio Ltd, Ireland