Skip to main content

Privacy Policy

Effective Date: March 23, 2026

In Plain English

Before the legal text, here is what matters most:

We do NOT sell your data. Ever.
We cannot read your encrypted documents — only you can.
You control who sees your information and when.
Your data is encrypted with AES-256 and protected at rest and in transit.
We only act based on the instructions you configure.
We do not store your banking credentials or access your funds.

Why This Matters

Constellation holds some of the most sensitive information in your life — your accounts, your documents, your family's instructions. We built this platform knowing that trust is earned through transparency, not promises. Every architectural decision, from zero-knowledge encryption to user-controlled access, exists because we believe your data should be yours alone.

Table of Contents

1. Introduction

Constellation (“we,” “our,” or “us”) is a digital life management platform that helps individuals organize their accounts, protect their family, and prepare for life's unexpected moments.

We understand that you are trusting us with deeply personal information — financial accounts, legal documents, family contacts, and private instructions. We take that responsibility seriously. This Privacy Policy explains exactly how we collect, use, and protect your data.

We treat your data like it's our own family's.

2. Information We Collect

A. Information You Provide

  • Your name, email address, and phone number
  • Account credentials (managed securely via Clerk — we never see your password)
  • Trusted contact information (names, emails, phone numbers, roles)
  • Content you upload: documents, photos, videos, messages, and instructions
  • Your preferences for emergency access, activation protocols, and delivery settings

B. Automatically Collected Information

  • Device type and browser information
  • IP address
  • Usage patterns and interaction data (to improve the product)
  • Log files and diagnostic data

C. Financial Information

We do not hold custody of any funds or store banking credentials.

  • When you connect financial services via Plaid, we receive limited metadata only (account names, types, institutions)
  • We never access, control, or move your money
  • Payment processing is handled entirely by Stripe — we never see your card number

D. Identity & Exposure Monitoring

  • If you enable dark web monitoring, we receive breach data from third-party providers
  • This data is used solely to alert you and recommend actions

3. How We Use Your Information

  • Operate the platform and provide your requested services
  • Store and organize your digital life inventory
  • Deliver messages, documents, and instructions to your designated recipients
  • Execute emergency and activation workflows based on your configuration
  • Send transactional notifications (email and SMS) related to your account
  • Improve product performance, reliability, and user experience
  • Detect and prevent fraud, abuse, or unauthorized access

Access is always controlled by you.

4. Delivery of Content to Recipients

When you configure trusted contacts or recipients:

  • We may send them emails or SMS messages containing secure access links
  • Recipients can view content you've designated — they do not automatically receive full access to your account
  • Content access is restricted based on the sensitivity levels and verification methods you configure

Your control: You decide what is shared, with whom, and under what conditions. Recipients only receive access based on your configured rules — never more.

You are responsible for ensuring you have permission to share content with your designated recipients. We are not responsible for how recipients use, store, or distribute content once accessed.

5. Sharing of Information

We never sell your personal information.

We share information only with:

Service Providers

Essential partners that help us operate the platform:

  • Clerk (authentication)
  • Stripe (payment processing)
  • AWS / cloud infrastructure (encrypted storage)
  • Postmark / Twilio (email and SMS delivery)

Legal Requirements

We may disclose information if required by law, regulation, subpoena, or legal process.

Business Transfers

In the event of a merger, acquisition, or sale, your data may be transferred. You will be notified of any material changes.

6. Data Storage and Security

Your data is stored using enterprise-grade cloud infrastructure with multiple layers of protection:

  • Encryption at rest: AES-256-GCM with per-item encryption keys
  • Encryption in transit: TLS 1.2+ for all data transmission
  • Access controls: Role-based permissions and authentication
  • Audit logging: Every significant action is recorded

Zero-knowledge intent: Documents stored in your encrypted vault are protected with per-item keys. Our architecture is designed so that we cannot read your private documents.

No system is completely immune to all threats. While we implement industry-leading safeguards, we cannot guarantee absolute security against every possible attack vector.

7. Data Retention

  • We retain your data while your account is active and as needed to provide services
  • Some data may be retained for legal, compliance, or dispute resolution purposes
  • Upon account deletion, your data is removed subject to backup retention periods (typically 30 days)
  • You can request deletion at any time through your account settings or by contacting support

8. Your Rights and Choices

Depending on your jurisdiction, you may have the right to:

  • Access a copy of your personal data
  • Correct inaccurate information
  • Request deletion of your data
  • Restrict or object to certain processing
  • Export your data in a portable format

You can manage most of these through your account settings, or contact us at support@myconstellationplan.com.

9. Third-Party Services

Constellation integrates with third-party services to provide functionality like authentication, payments, and financial discovery.

  • We are not responsible for the privacy practices of those providers
  • We are not responsible for outages, inaccuracies, or data handling by third parties
  • We recommend reviewing their privacy policies independently

10. Children's Privacy

Constellation is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we learn that a child has provided us with personal data, we will delete it promptly.

11. International Data Transfers

Your information may be processed and stored in the United States or other jurisdictions where our service providers operate. By using the platform, you consent to such transfers. We take steps to ensure your data is protected in accordance with this policy regardless of where it is processed.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the effective date and notify you via email or in-app notification. We encourage you to review this policy periodically.

13. Contact

If you have questions about this Privacy Policy or how we handle your data:

support@myconstellationplan.com

← Back to Home