Privacy Policy

Last Updated: March 15, 2026 · Effective Date: March 15, 2026

1. Introduction

LastReach LLC ("LastReach," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, store, and protect your personal information when you use our service at lastreach.app (the "Service").

By using the Service, you consent to the data practices described in this Privacy Policy. LastReach LLC is a Wyoming limited liability company. For questions about this Privacy Policy, contact us at privacy@lastreach.app.

2. Information We Collect

2.1 Information You Provide Directly

We collect information that you voluntarily provide to us, including:

Account Information:

  • Email address (required for account creation)
  • Full name
  • Password (stored as encrypted hash only)
  • Phone number (if you enable SMS features)

Content You Create:

  • Task titles and descriptions
  • Message content and SMS message text (stored encrypted)
  • Email subjects
  • File attachments and uploads
  • Recipient information (names, email addresses, phone numbers)

Proof-of-Life Preferences:

  • Check-in frequency settings (daily, weekly, monthly)
  • Grace period settings
  • Missed check threshold settings
  • Custom proof-of-life schedules (for Max tier users)

Payment Information:

  • Billing information (processed and stored by Stripe, our payment processor)
  • Subscription plan and billing history
  • We do not store your full credit card numbers

2.2 Information Collected Automatically

When you use the Service, we automatically collect:

  • Pages you visit within the Service and features you use
  • Actions you take (creating tasks, responding to proof-of-life checks)
  • IP address, browser type and version, operating system
  • Device type (desktop, mobile, tablet)
  • Session cookies (required for Service functionality)
  • Authentication tokens

We do not use third-party advertising cookies or tracking pixels.

2.3 Information from Third Parties

Stripe provides transaction status and subscription information. We do not purchase or otherwise obtain personal information from data brokers.

3. How We Use Your Information

We use your information to:

  • Create and maintain your account and authenticate your identity
  • Store and encrypt your messages and files
  • Send automated proof-of-life check-in emails and SMS
  • Deliver your messages to designated recipients when triggered
  • Process your subscription payments and provide customer support
  • Analyze usage patterns and improve Service functionality
  • Detect and prevent fraud, spam, and abuse
  • Comply with applicable laws and regulations

4. How We Share Your Information

4.1 With Message Recipients

We share your content (messages, files, subject lines) with the recipients you designate when a proof-of-life check deadline is missed and conditions are met. We only share content with recipients you specify.

4.2 With Service Providers

We share information with trusted third-party service providers:

  • Vercel — Web hosting and content delivery
  • Supabase — Database hosting and management
  • Resend — Email delivery service
  • Twilio — SMS delivery service
  • Stripe — Payment processing and subscription management
  • Google reCAPTCHA — Spam prevention and bot detection

4.3 For Legal Reasons

We may disclose your information when required by law, to comply with valid subpoenas or court orders, to enforce our Terms of Service, or to prevent imminent physical harm.

4.4 What We Do NOT Share

We do not sell your personal information to third parties, share your information with advertisers, or rent or lease your information.

5. Data Security

We implement industry-standard security measures:

  • AES-256-GCM encryption for all stored file attachments
  • AES-256-GCM encryption at rest for all task message bodies and SMS content — content is only decrypted when you view your task or when delivered to recipients
  • Bcrypt password hashing with salt (we never store plain-text passwords)
  • HTTPS/TLS encryption for all data in transit
  • Role-based access controls and multi-factor authentication
  • Regular security testing and audits

In the event of a data breach, we will notify affected users within 72 hours of discovering the breach and report to relevant authorities as required by law.

6. Data Retention

  • Active Accounts: Data retained indefinitely while account is active
  • Deleted Accounts: Data permanently deleted within 30 days of account deletion
  • Backup Systems: Data removed from backups within 90 days
  • Legal Holds: Data preserved as required by law or litigation

7. Your Privacy Rights

You have the right to:

  • Access your data — View and export all personal information we hold about you
  • Correct inaccurate information — Update your profile information directly in your dashboard
  • Delete your account — Delete your account and all associated data at any time from your dashboard
  • Object to processing — Opt-out of marketing emails at any time
  • Withdraw consent — Where processing is based on consent

To exercise your rights, log into your account dashboard or email privacy@lastreach.app. We will respond within 30 days.

8. Cookies and Tracking Technologies

We use the following types of cookies:

  • Essential Cookies (Required): Session cookies for authentication, security cookies to prevent fraud
  • Analytics Cookies (Optional): Vercel Analytics to understand Service usage (anonymized, do not identify you personally)
  • Google reCAPTCHA: Used for spam prevention
  • Stripe: May set cookies during checkout

Note: Disabling essential cookies may prevent you from using the Service.

9. Third-Party Services

Our Service relies on these third-party providers:

  • Stripe — Payment processing
  • Resend — Email delivery
  • Twilio — SMS delivery
  • Vercel — Hosting and analytics
  • Supabase — Database hosting
  • Google reCAPTCHA — Spam and bot prevention

10. International Data Transfers

Your data may be stored and processed in the United States and other countries where our service providers operate. By using the Service, you consent to these transfers. We implement appropriate safeguards including standard contractual clauses for international transfers.

11. Children's Privacy

Our Service is not intended for users under 18 years of age. We do not knowingly collect information from children. If we discover that we have collected information from a child under 18, we will delete that information immediately and terminate the account. Parents may contact privacy@lastreach.app.

12. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the CCPA:

  • Right to Know — What personal information we collect, how we use it, and who we share it with
  • Right to Delete — Request deletion of your personal information
  • Right to Opt-Out — We do not sell personal information; no opt-out is necessary
  • Right to Non-Discrimination — We will not discriminate against you for exercising your rights

California residents can exercise these rights by emailing privacy@lastreach.app. We will respond within 45 days of receiving a verifiable request.

13. European Privacy Rights (GDPR)

For users in the EEA, UK, and Switzerland, we process your data based on contract performance, legitimate interests, legal obligation, and consent. You have the right to:

  • Access and rectify your personal data
  • Erase your data ("right to be forgotten")
  • Restrict processing and data portability
  • Object to processing
  • Not be subject to automated decision-making

For GDPR inquiries, email privacy@lastreach.app with subject line "GDPR Request". You also have the right to lodge a complaint with your local data protection authority.

14. Marketing Communications

We may send transactional emails (proof-of-life checks, account notifications, security alerts, billing updates) which are required for Service operation and cannot be opted out of. We may also send optional marketing emails (product updates, tips, promotions) which you can opt out of by clicking "unsubscribe" in any marketing email or updating preferences in your account settings.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will update the "Last Updated" date at the top of this page. For material changes, we will notify you by email. Your continued use of the Service after changes take effect constitutes acceptance of the updated Privacy Policy.

16. Contact Us

For questions about this Privacy Policy or our privacy practices:

Email: privacy@lastreach.app

General Support: support@lastreach.app

Abuse Reports: report@lastreach.app

Legal Matters: legal@lastreach.app

LastReach LLC · Wyoming, United States

BY USING THE SERVICE, YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTOOD, AND AGREE TO THIS PRIVACY POLICY.

© 2026 LastReach LLC. All rights reserved.

30 N Gould St Ste N, Sheridan, WY 82801