Privacy

Message to Heaven – Privacy Notice

Summary

  • We collect only what is necessary to run the service (account data, message content, and technical logs).
  • We do not sell personal data and we do not use messages for advertising.
  • You can delete your account and data yourself.
  • Payments are processed through app stores and payment providers.
  • A release certificate confirms the release and can be verified for authenticity.

This notice is designed to meet Apple App Store requirements and EU data protection standards (GDPR). It explains what we collect, how we use it, and what rights you have.

Data controller

Nuntius OÜ (Message to Heaven)
Email: support@messagetoheaven.fi

What data we collect

  • Account data: email address or sign-in method, and display name (if provided).
  • Message content: your text, image, and audio recording. This is encrypted before leaving your device.
  • Technical logs: timestamps, app version, error logs, and performance diagnostics.
  • Payment data: payment providers process card and transaction details. We receive status, amount, and receipt identifiers, not card numbers.
  • Device and usage data: device model, OS version, language settings, and network country setting (for pricing/tax handling, where applicable).

How we use data

  • Service delivery: message release, queue handling, and certificate generation.
  • Security: abuse prevention, backups, and incident investigation.
  • Customer support: handling support requests and troubleshooting.
  • Payments: purchase processing and receipt handling via payment providers.
  • Legal obligations: accounting and tax records when required.
  • Legal bases for processing (GDPR Art. 6): contract performance, legal obligations, legitimate interests (service security and reliability), and consent where explicitly requested.

Retention periods

Messages and attachments are retained until you delete them in the app. Certificates are retained as technical proof that the release was recorded unless legal or contractual obligations require otherwise. Payment records are retained according to accounting law. Logs are retained for a limited period for reliability and support purposes.

Data sharing

We do not sell your data. We use trusted processors:

  • Firebase (Google): storage and application infrastructure.
  • Payment providers: payment processing and receipts.
  • Apple/Google: app store distribution and platform billing requirements.
  • Make.com and Trello: workflow automation for support email handling.

We may also disclose data where required by law or authority requests, or to protect legitimate interests (for example abuse investigations).

Where data is processed

Data is primarily processed within the EU/EEA. If a provider outside the EU/EEA is used, data is protected with lawful safeguards such as EU Standard Contractual Clauses.

Your rights

  • Right of access to your personal data and a copy of it.
  • Right to rectification and erasure.
  • Right to object to or restrict processing in certain situations.
  • Right to data portability where technically feasible.
  • Right to withdraw consent where processing is based on consent.

You can submit a request at support@messagetoheaven.fi. You also have the right to lodge a complaint with a data protection authority.

Security

  • Messages are encrypted before leaving your device and during transport.
  • Access is restricted using least-privilege principles.
  • Backups and logs are retained in a limited, controlled manner.

Children

The service is not intended for children under 13. We do not knowingly collect personal data from children under 13, and we remove such data when identified.

Changes to this notice

We may update this notice when features or legal requirements change. Material changes are communicated in the app or by email where appropriate.

Contact

Questions and requests related to privacy: support@messagetoheaven.fi

Last updated: 2026-04-20

Need help? Contact usContact support