The 1870 Project

Privacy Policy

Last updated: April 2026

The short version: Your DNA screenshots are purged the moment we read them. Your searches are never logged. Your family stories belong to your family. We never sell any of it.

How the platform works

The 1870 Project has two distinct parts with different privacy profiles. Know which one you're using.

Research tools — fully anonymous

Discovery, DNA Decoder, Portraits, Storybook, and the AI Family Guide are all anonymous by design. No account is required. We assign your browser a session token (stored in sessionStorage and localStorage) that carries your credit balance. That token lives only in your browser — we don't associate it with a name, email, or identity. Save your session link to restore your balance later; clear your browser and it's gone.

Our Story Cloud — what you choose to share

When you create a family tree or join one, you're choosing to store family history with us. We store exactly what you put in:

  • Your tree name and a PIN (hashed one-way — we cannot read it)
  • A 30-day session JWT so family members can return without re-entering the PIN
  • Memories your family writes (capped at 1,000 characters each)
  • Photos your family uploads — processed through our quarantine pipeline (see below) and stored until you delete the tree
  • Structured people nodes extracted by AI from family stories you approve

This data is never used for advertising, never sold, and never shared outside your tree.

DNA screenshots — three hard commitments

The DNA Decoder reads screenshots of your DNA results from 23andMe, AncestryDNA, or similar services. We make three commitments that are enforced in code, not just policy:

  • Zero DNA sequencing. We read the ethnicity percentages and match names visible on your screen. We do not sequence, store, or analyze your raw genetic data.
  • Zero health data. We do not extract, store, or analyze any medical or health traits — even if they appear in your screenshot.
  • Zero data brokering. Your screenshots are purged from our servers the instant the text is extracted. Nothing is retained, sold, or shared with genetic data brokers.

Family story submissions

When you send an invite link to a relative (Aunt Sarah, for example), they can submit a story without creating an account. Here's what happens to that story:

  • The text is capped at 1,000 characters before it reaches our AI
  • Our AI (Claude Haiku) extracts names, locations, and dates — the raw story text is not permanently stored
  • The extracted people nodes sit in a pending queue until you approve them — nothing enters your tree automatically
  • If a photo is attached, it goes to an isolated quarantine bucket, is converted to .webp, has all EXIF metadata stripped (GPS, device info, timestamps), and only then moves to your tree's photo storage
  • Rejected submissions are soft-deleted — we keep an audit record but the content is not visible to anyone

What we never collect

  • Your name, address, or phone number (unless you type it into a family story)
  • Tracking cookies or behavioral profiles
  • Your search queries — we run them on your behalf and return results without logging what you searched
  • Email addresses, unless you contact us directly
  • Device fingerprints or IP addresses tied to your identity

Payments

All payments go through Stripe. We never see your card number. Stripe is PCI DSS compliant. We retain a record of the transaction amount and date for tax purposes (7 years, as required by law). No payment is linked to your search history.

Third-party services we use

  • Stripe — payment processing (PCI DSS compliant)
  • AWS — cloud hosting, Lambda compute, S3 storage (SOC 2 compliant)
  • Anthropic Claude — AI extraction for DNA screenshots and family story ingestion. Screenshots and story text are sent to Claude for processing and are not retained by Anthropic for training under our API agreement.
  • Genealogy databases — FamilySearch, Find-A-Grave, NARA, and others. We query these anonymously on your behalf.

Your rights

  • Delete your tree: Contact us and we'll permanently remove all nodes, memories, and photos associated with it
  • Export your data: Use the export button inside your tree at any time — no request needed
  • Withdraw a family story submission: Contact us with the invite link used — we'll remove the pending submission before it's approved
  • Stop using the service: Anonymous session tokens expire on their own. Our Story Cloud data persists until you ask us to delete it.

GDPR & CCPA

Because we collect so little, most rights under GDPR and CCPA are automatically satisfied — there's simply no profile to correct, port, or restrict. If you have a specific request (deletion, access, or objection), email the1870project@gmail.com and we'll respond within 48 hours.

Questions?

Email the1870project@gmail.com — we respond within 2 business days.