Privacy policy

This policy covers anyone who creates an experience on Uspamin (the sender), anyone who opens a shared link (the recipient), and anyone who pays the £10 permanent-keep fee.

We don't require accounts. We don't ask for email addresses. We don't run third-party analytics. We don't track you across sites. We don't set advertising or marketing cookies.

When you create an experience, we store:

• The recipient's name and your name (first names only are enough)
• The occasion, if you entered one
• The final message and any type-specific content (questions, pairs, story pages, dates, etc.)
• Any images you upload — stored under random filenames so they are not guessable
• Two unguessable tokens (share token and delete token) that act as the only keys to the experience

When someone opens a share link, we store:

• A view counter (how many times the link has been opened)
• The time of the last view
• The IP address of the opener briefly — only as part of normal web-server request logging on our hosting provider. We do not cross-reference it with other data.

We do not store the recipient's email, phone number, device identifier, or name (unless the sender typed it in the recipient field).

Your content and images are held by reputable European infrastructure providers on our behalf, each under their own privacy terms.

Image URLs are random and unguessable, and are not listed anywhere. The only way to reach them is through the share link.

Free experiences auto-expire 30 days after they are created. They are soft-expired for up to 7 further days (either side can still pay to restore them), and then hard-deleted — content, images, everything. After hard-deletion, we do not keep a copy.

Paid experiences (kept forever) remain until you delete them via the contact page or we shut the service down.

Standard web-server request logs are retained for a short rolling window by our hosting provider.

Payments are handled by Stripe. When you click "Keep it forever", you are redirected to Stripe's own hosted checkout. We do not see or store your card number, CVC, or billing address. Stripe returns to us only a payment ID, which we attach to the experience so we know it has been paid for.

Stripe's handling of your payment data is governed by their own privacy policy: stripe.com/privacy.

We do not use cookies for tracking, analytics, or advertising. The only cookies that may be set are essential cookies used to serve the site and, during a payment, by our payment processor's checkout flow.

You can delete your experience at any time from your delete link (unless it has been paid to keep forever; in that case, use the contact page).

Because we do not collect identifying information beyond the names and content you chose to include, we cannot usually locate an experience from a person's name alone. To exercise any data rights granted by your local law (access, correction, deletion, portability), use the contact page with the share link or delete link so we can find the specific record.

Uspamin is not directed at children under 13, and we ask that senders do not upload content that would identify a child.

If this policy changes materially, the date at the top of this page will be updated. There is no email list to notify, by design.

For any privacy question or removal request: use the contact page.