Data & Security

How we hold your memories.

Souvenyr is built like a private archive, not a social platform. This page is the plain-language version of how the system is engineered to keep your event yours — without dwelling on the parts of the architecture that aren't part of your experience.

Where your media lives

Every file you and your guests upload is held in encrypted storage, keyed under each event's private path. Photos, videos, and voice memories never share a namespace with other people's events. Encryption at rest is AES-256; transport uses TLS 1.2 or higher.

Who can see what

By default, only the host can view an event. Guests can reach the upload page but not the gallery. The reveal page is sealed behind a private share token — never indexed, never linked publicly. You can revoke or replace that token at any time; the prior URL stops working immediately.

Row-level isolation

The underlying database enforces row-level isolation gated by your identity. Even within our own infrastructure, the database itself ensures that your events are visible only to you.

Automated direction

Your contributions are processed by a small number of contracted partners that compose the soundtrack, write editorial captions, and add cinematic light to the film. We have written data-processing agreements with each that forbid retention of your event content beyond what is strictly required to fulfil the request, and that explicitly prohibit use of your content for any model training. If you need the full list for a compliance review, write to security@souvenyr.film and we'll send it.

What we never do

We do not run a public feed. We do not sell your media. We do not allow search engines to index your event pages. We do not enrich your profile from third-party sources. We do not sell or share your contact information. We do not use your event content to train any model, ours or anyone else's.

Backups and retention

Encrypted backups are taken daily and rotated for 14 days. When you archive or delete an event, all media is removed from primary storage within 24 hours and from backups on the standard rotation window.

Export and deletion rights

You can export your data at any time from /settings/privacy. Deleting your account triggers a 30-day grace window, after which all media is permanently destroyed. Guests can request deletion of their own contributions at any point.

Reporting a vulnerability

Write to security@souvenyr.film. We respond within one business day and credit verified findings in our security history.
