Privacy
Draft, pending counsel review · Last updated 2026-05-03
This page explains, in plain language, what data SafeAlias collects, why, who can see it, and how to remove it. It is the binding privacy notice for your use of the service. If anything below is unclear, write to privacy@safe-alias.app and we will rewrite it.
Who we are
SafeAlias provides privacy and safety tooling for independent professionals. We are not a marketplace: we do not facilitate bookings, take commissions, or display public profiles. The contact address for privacy questions is privacy@safe-alias.app.
What we collect
Account data: a verified email address and the handle you choose. We do not ask for your real name, date of birth, government ID, or photo.
Inbox data: aliases you create, message content sent to your aliases by other people, the email of senders who write to you (after they verify it), per-thread notes you write, and the personal blocklist you maintain.
Safety data: trusted-contact labels and emails, scheduled check-in details, and the timestamps of confirmations or alerts.
Operational logs: a hash of the IP address used to fill the waitlist (salted, non-reversible) so we can rate-limit abuse. We do not retain raw IP addresses beyond the immediate request lifetime.
Why we collect it (lawful basis under GDPR Art. 6)
Performance of a contract (Art. 6(1)(b)) for everything required to operate the inbox, safety check-ins, and account: account, inbox, and safety data above.
Legitimate interests (Art. 6(1)(f)) for fraud and abuse prevention via rate-limit hashes and short-lived OTP records.
Consent (Art. 6(1)(a)) is not used as a basis for any cookie we set, because every cookie we set is either strictly necessary or set by your explicit action (e.g. choosing a language in Settings).
Who can see your data
Inside the database, row-level security policies restrict each row to its owner: you. SafeAlias staff cannot read your message bodies, notes, contacts, or check-in history through the application. Database administrators may incidentally see metadata (account creation times, message volumes) during operational work. Sub-processors with no application-level access are listed below.
Sub-processors
Supabase (managed Postgres + auth, EU region).
Resend (transactional email delivery for OTPs, sender verification, reply notifications, and trusted-contact alerts).
Netlify (application hosting and the scheduled functions that drive safety check-in alerts).
Lemon Squeezy (payment processing and subscription management for paid plans).
Sentry (optional crash and error reporting; only activated when a DSN is configured).
All sub-processors are bound by data-processing agreements aligned with GDPR. We will list any new sub-processor here at least 30 days before granting access to production data.
International transfers
Where a sub-processor stores data outside the European Economic Area, we rely on the European Commission's Standard Contractual Clauses (SCCs) and on the sub-processor's own technical and organisational measures under GDPR Article 32. We do not transfer data to jurisdictions without an adequacy decision or SCC coverage.
Retention
Account, inbox, and safety data are retained for as long as your account is active. When you delete your account from Settings, your profile and everything keyed off it (aliases, threads, messages, notes, trusted contacts, check-ins, and blocklist) are removed from the live database immediately. Encrypted backups roll off within 30 days. Waitlist entries are deleted within 30 days of you signing up for a full account, or on request. Hashed rate-limit and OTP records are short-lived (minutes to hours) and are not used for analytics.
Your rights
Under the GDPR you have the right to access, correct, and delete your personal data; to obtain a copy in a portable format; to object to processing based on legitimate interests; and to lodge a complaint with your supervisory authority. The Settings page lets you correct your handle and delete your account directly. For access and portability requests outside of the in-app flows, email privacy@safe-alias.app and we will respond within 30 days.
Children
SafeAlias is not directed at children under 18. We do not knowingly collect data from minors. If you believe a minor has created an account, write to privacy@safe-alias.app and we will delete the account.
Changes to this policy
We will update this page as the product evolves. Material changes (new sub-processors, new categories of data, changes to retention) will be announced via in-app banner before they take effect. The date below is the last revision.
See also our /cookies, /terms, and /security pages.