Privacy Policy

Last updated October 1st, 2025

Introduction

Evera AG ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our digital death notice service at https://web.evera-app.com/ (the "Service").

We are a Swiss company registered in Zurich, Switzerland, and we comply with the Swiss Federal Act on Data Protection (FADP) and the European Union's General Data Protection Regulation (GDPR) where applicable.

By using our Service, you consent to the data practices described in this policy. If you do not agree with this policy, please do not use our Service.

1. Information We Collect

Account Information

When you create an account, we collect:

  • Email address (used as your unique identifier)
  • Full name
  • Password (encrypted and securely stored)
  • Language preference for the application interface
  • Account creation and last update timestamps

Death Notice Information

When you create a death notice, we collect:

  • Personal Details of the Deceased: First name, last name, gender, date of birth, date of death, location
  • Profile Pictures: Uploaded images stored securely on our servers
  • Design Preferences: Language selection, template choice, selected quotes
  • Custom Content: Custom texts, grief messages, obituary text, special requests
  • Family Information: Names and relationships of family members (stored as structured data)
  • Funeral Details: Date, time, venue, address, city, state, zip code, privacy settings
  • Reception Information: Reception details and custom invitation text
  • Donation Information: Organization names, IBAN details, donation purposes, locations, and custom texts
  • Recipients: Email addresses and names of people who will receive the death notice

Authentication & Security Data

  • Email verification status and tokens (with expiry dates)
  • Password reset tokens (with expiry dates)
  • Session information for maintaining your login state

Payment Information

  • Payment status and completion timestamps
  • Payment amounts and currency
  • Stripe payment intent IDs and session IDs (for transaction tracking)
  • Payment card information is processed by Stripe and never stored on our servers

2. How We Use Your Information

We use the collected information for the following purposes:

  • Service Provision: To create, store, and manage your digital death notices
  • Account Management: To create and maintain your user account, authenticate access, and provide customer support
  • Communication: To send death notices to specified recipients and provide service-related notifications
  • Payment Processing: To process payments for our services through our secure payment partner Stripe
  • Service Improvement: To understand how our service is used and improve functionality
  • Legal Compliance: To comply with applicable laws, regulations, and legal requests
  • Security: To protect against fraud, unauthorized access, and other security threats

3. Data Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties except in the following circumstances:

Service Providers

  • Stripe: Payment processing (they have their own privacy policy and security measures)
  • Resend: Email delivery service for sending death notices and account-related emails
  • Amazon Web Services (AWS): Secure cloud storage for uploaded images and files
  • Database Hosting: Secure database services for storing your account and death notice information

Death Notice Recipients

When you send a death notice, we share only the information contained in the death notice with the recipients you specify. Recipients receive an email with a link to view the death notice, which contains the memorial information you have created.

4. Data Storage and Security

Data Location

Your data is stored on secure servers located in Switzerland and the United States. By using our service, you consent to the transfer and processing of your data in these locations.

Security Measures

  • All passwords are encrypted using industry-standard hashing algorithms
  • Data transmission is protected using SSL/TLS encryption
  • Access to personal data is restricted to authorized personnel only
  • File uploads are stored securely on AWS S3 with access controls
  • Regular security assessments and updates

5. Your Rights

Under the GDPR and Swiss data protection law, you have the following rights:

  • Right of Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data (subject to legal and legitimate business requirements)
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests

To exercise any of these rights, please contact us at contact@everaapp.com. We will respond to your request within 30 days.

6. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Evera AG

Zurich 8004

Switzerland

Email: contact@everaapp.com

This Privacy Policy is effective as of October 1st, 2025. Please review this policy regularly as it may be updated from time to time.