Data protection
This Privacy Policy comprehensively describes which personal data the Emoria platform processes for accounts, memorial pages, virtual memorial candles, subscriptions, media uploads, family and family-tree functions, forum, condolence and comment functions, partner and marketplace functions, email communication and support processes — for which purposes, on which legal basis, for how long and with which recipients. It also informs about international data transfers, processors used, security and bot-protection technologies in use as well as your rights as a data subject under the GDPR.
Emoria regularly processes information about deceased persons as well as information about loved ones, mourners, contributors and other living persons. For content that users publish on a memorial page, the respective user remains responsible for ensuring that there is a legal basis for it and that no third-party rights are infringed.
The platform supports three visibility levels: public, invitation only and password protected. Public content may appear in archives, feeds, search functions and social previews. Non-public content is only accessible to authorised persons and is protected by technical access restrictions.
For paid virtual memorial candles and subscriptions, Emoria processes contract, order and payment data. Payments are processed via Stripe. This may include Stripe customer numbers, checkout or payment-intent IDs, amounts, currencies, payment status and tax-relevant information.
To determine the pricing country and currency, we process the approximate geographical origin of your request based on server-side geo headers of our hosting provider. Precise location tracking or permanent storage of your IP address for this purpose does not take place.
Subscriptions and storage plans may control plan-based limits such as the number of memorial pages, storage volume, file types, file sizes and video features. To enforce these limits, plan-related usage data is processed.
Media uploads are stored in a private AWS S3 bucket in the region eu-central-1. Delivery is controlled via server-side access restrictions, stable internal media paths or time-limited access caches. Permanently signed retrieval URLs are not stored as a primary reference.
For technical optimisation, image variants, preview images, file metadata and storage usage values may be generated. Plan-based storage quotas are taken into account during uploads and further media processing.
Emoria uses technically necessary and functional cookies as well as comparable local-storage mechanisms, in particular for login sessions, password access to protected memorial pages, cart functions, stored region preferences and storing your consent selection.
Your selection regarding analytics and marketing technologies is stored in the cookie `emoria_cookie_consent`. In addition, depending on your consent, marketing cookies such as `_fbp` and `_fbc` may be set or deleted again upon withdrawal.
A separate overview of the individual cookies and local-storage mechanisms can be found in the Cookie Policy on this website. There you can also adjust your selection again.
For reach measurement, Emoria uses the Google Analytics 4 Measurement Protocol on the server side. No client-side analytics cookies are set in this context. Instead, an anonymised, daily rotating identifier is generated server-side from technical request characteristics by hashing. This processing only takes place if you have consented to the analytics category.
For marketing and campaign measurement, Emoria may use Meta Pixel in the browser as well as the Meta Conversions API on the server side after corresponding consent. This may involve the processing or transmission to Meta of, in particular, page views, UTM/campaign references, technical request data, device information, shortened or hashed identifiers, order and conversion events as well as Meta-specific cookie information such as `_fbp` and `_fbc`.
Insofar as personal or personally identifiable data is transmitted to Google or Meta in this context, this is done exclusively on the basis of your respective consent or another applicable data protection legal basis and in compliance with the safeguards required for international data transfers.
Emoria currently sends primarily transactional and system-related emails that are necessary for the performance of the contract, the management of your account and the security of the platform (e.g. registration confirmations, login codes, password notices, order confirmations, payment and invoice receipts, security-related notices and notifications about activities on memorial pages you manage or follow). These emails may also be sent without separate marketing consent insofar as they are necessary for the contract, account or security. The legal basis is Art. 6(1)(b) GDPR or Art. 6(1)(f) GDPR.
If you actively sign up in the future for a newsletter, product information or other marketing emails, this is done exclusively on the basis of your express consent pursuant to Art. 6(1)(a) GDPR and § 7(2) no. 3 UWG. We use a double opt-in procedure for this purpose: after your registration, you will receive a confirmation email which you must actively confirm. You may withdraw a given consent at any time via the unsubscribe link in any marketing email or by notifying our contact addresses, with effect for the future.
In the context of email delivery, Emoria processes your email address, sending and delivery information, language and segment data and, where applicable, the time of sign-up, confirmation, unsubscribe and individual sending events.
Emoria may use open-tracking pixels and click-tracking links in its own emails to track delivery, opens, interactions, unsubscribes and the performance of email campaigns. Unsubscribe links and legally required links are not rewritten for click measurement.
Data processing agreements pursuant to Art. 28 GDPR or the data processing agreements (DPAs) offered by the respective provider are in place with all processors that process personal data on our behalf.
Insofar as recipients are based outside the EEA or data access from third countries — in particular the USA — cannot be excluded, such transfers take place on the basis of appropriate safeguards, in particular EU Standard Contractual Clauses (SCC) pursuant to Implementing Decision (EU) 2021/914, certification under the EU-US Data Privacy Framework (where the respective provider is certified) or other legally permissible transfer mechanisms including supplementary protective measures.
In detail, we use the following recipients and processors:
Account data and publicly visible content are generally stored for as long as the user account or the respective memorial page is actively operated or there are legitimate retention interests.
In the event of prolonged inactivity of a user account (reference value: 36 months without login and without any paid booking), we may delete or anonymise the account after prior advance warning by email. The date of the last successful login is processed for this purpose.
Order, payment and accounting-relevant data are stored in accordance with statutory retention periods (in particular Section 257 HGB, Section 147 AO, regularly 6-10 years).
Server access logs (e.g. hosting logs of the Vercel infrastructure) are generally deleted or overwritten automatically within 30 days, insofar as they are not still required to defend against specific security incidents.
Temporary tokens, upload intermediate states, access caches and comparable auxiliary data are stored for significantly shorter periods or deleted automatically as soon as they are no longer needed.
When a user account is deleted, account master data is anonymised insofar as this is necessary to safeguard data integrity, fulfil statutory retention obligations or document completed processes.
Requests regarding data subject rights can be addressed to privacy@emoria.app or hello@emoria.app.
Requests for access, data portability or erasure are processed via the contact channels mentioned. An automated self-service data export is in preparation; until it is available, we answer access and data portability requests manually within the statutory deadlines.
Emoria is aimed at users aged 16 and over. By registering, you confirm that you are at least 16 years old. If your residence is in an EU member state in which a higher age limit applies under Art. 8 GDPR, this higher age limit applies.
If we become aware that a person under the age of 16 has created an account without the consent of their legal guardians, we will block or delete the account and the associated data.
Emoria offers an integrated feedback function via which users can submit bug reports, suggestions for improvement and other feedback directly from within the platform.
The following data is processed in this context: the message entered by the user, the selected category, an optional title, the optionally provided email address, as well as automatically captured technical context data (current page URL, page path, language setting, viewport size, browser and device information).
For logged-in users, the feedback is associated with the existing user account. Users who are not logged in may optionally provide an email address for follow-up contact.
The legal basis for processing is Art. 6(1)(a) GDPR (consent). Consent is obtained via a checkbox before the feedback is submitted and can be withdrawn at any time with effect for the future.
Feedback data is used exclusively for bug fixing, quality assurance and further development of the platform. No disclosure to third parties takes place unless this is necessary for the technical provision of the platform (e.g. hosting provider).
Feedback data is deleted as soon as the associated matter has been resolved and there are no longer any legitimate retention interests, but no later than 24 months after submission. Users may request the deletion of their feedback data at any time via hello@emoria.app or privacy@emoria.app.
The family-tree and family functions allow users to model relationships between deceased persons, living relatives and other contributors. In particular, this involves processing kinship designations, life dates, places of birth and death, photo links and voluntary profile information.
If you create relationships involving living persons or store data of living persons (e.g. parents, siblings, children), you as the uploading user remain responsible for ensuring that a legal basis exists for the processing of this data (in particular consent of the data subject or another legal basis under Art. 6(1) GDPR).
Insofar as automated link suggestions (e.g. potential family-tree merges) compare data from different users, this is done exclusively server-side on the basis of data already stored. A consolidation of family-tree content is only carried out after express confirmation by both participating users.
Entries in the condolence book, in forum areas or in comment functions are published with the display name you have chosen and, where applicable, a profile picture. If the associated memorial page is public, these entries are likewise publicly accessible; for private or password-protected memorial pages, the respective access restrictions apply.
For moderation, spam mitigation and enforcement of the terms of use, we may review, approve, block, unpublish or delete entries with regard to their content. To this end, content, creation timestamps, language settings, technical metadata and, where applicable, reports from other users are processed. The legal basis is Art. 6(1)(b) GDPR (performance of contract) and Art. 6(1)(f) GDPR (legitimate interest in platform integrity and protection of third parties).
Insulting, unlawful or grief-violating entries will be removed without undue delay upon notice or upon obtaining knowledge.
To protect the platform against abusive use, automated attacks, brute-force attempts, spam bots and scraping activities, we use technical security mechanisms. These include in particular Cloudflare Turnstile (free CAPTCHA alternative on login, registration and contact forms) as well as the server-side bot protection Vercel BotID.
In the context of every HTTP request, the hosting infrastructure temporarily processes technical data such as IP address, date and time of the request, requested URL, HTTP status code, referrer URL, user agent, approximate geographical origin (based on server-side geo headers) and security-relevant headers. This data is processed exclusively for security, performance and stability purposes.
Server logs of the Vercel infrastructure are generally deleted or overwritten automatically within 30 days, insofar as they are not still required to defend against specific security incidents. The legal basis is Art. 6(1)(f) GDPR (legitimate interest in IT security and stability).
We implement technical and organisational measures (TOMs) to protect your data against unauthorised access, loss and manipulation. These include in particular continuous transport encryption via TLS 1.2/1.3, controlled delivery of media from private S3 buckets exclusively via server-side signed or access-checked paths, hashing of passwords using modern procedures, pseudonymisation of internal identifiers and a strict separation of production, preview and development environments.
The database infrastructure (Neon) and object storage (AWS S3) are operated in European data centres (region eu-central-1, Frankfurt). Backups are stored in encrypted form and created at regular intervals.
Access to productive systems is restricted to a small group of authorised persons and is logged.
Automated individual decision-making with legal effect for you or with similarly significant impact within the meaning of Art. 22 GDPR does not take place. In particular, no automated profiling for credit decisions, contract conclusions or the automatic blocking of accounts is carried out.
Upstream technical protection mechanisms (e.g. bot detection, rate limits, CAPTCHA) may temporarily block individual requests; this does not, however, constitute automated decision-making within the meaning of Art. 22 GDPR, since no final legal or comparably significant effect is produced.
We reserve the right to adapt this Privacy Policy so that it always meets current legal requirements or to implement changes to our services, for example when introducing new functions or new processors.
The respective current version is available on this page. In the event of significant changes, in particular changes that require renewed consent, we will actively inform you (e.g. by email to the stored contact address or via a notice within the platform).
Status of this Privacy Policy: 07 May 2026. For questions please contact privacy@emoria.app.