Legal

Privacy Policy

Last updated: April 2026

First Light is not a law firm and does not provide legal advice. Documents generated through First Light should be reviewed by a licensed attorney before signing.

What data we collect

First Light is designed to protect your privacy. Here is exactly what we collect and why:

Assessment answers— Your responses to the 20 estate planning questions are stored in your browser's sessionStorage only. They are not sent to our servers unless you choose to create an account and generate documents.
Account information — If you create an account, we collect your email address through Supabase (our authentication provider). We do not collect your name unless you provide it.
Vault data — If you use First Light Vault to store your documents, your document data is encrypted and stored in Supabase. We do not read the contents of your documents.
Payment information — Payments are processed by Stripe. First Light never sees or stores your card number, expiration date, or CVV. Stripe handles all payment data.

What we do not collect

No third-party analytics (no Google Analytics, no Meta Pixel)
No advertising trackers or ad targeting cookies
No payment card data (handled entirely by Stripe)
No session data if you do not create an account

How we use your data

If you create an account, we use your email to:

Authenticate you when you log in
Deliver document download links
Send transactional emails related to your account (receipts, document access)

We do not sell your data. We do not share your data with third parties except as required to operate the service (Supabase for auth and storage, Stripe for payments).

Supabase

First Light uses Supabase for authentication and document vault storage. Supabase stores data in the United States. You can review Supabase's privacy practices at supabase.com/privacy.

Stripe

Payment processing is handled by Stripe, Inc. When you purchase a document, you interact directly with Stripe's secure payment form. First Light receives a confirmation of the transaction but never your payment card information. You can review Stripe's privacy policy at stripe.com/privacy.

Cookies

First Light uses only functional cookies necessary to operate the site — for example, to keep you logged in. We do not use tracking or advertising cookies.

Data retention

If you do not create an account, no personal data is retained on our servers after your browser session ends. If you create an account, your data is retained until you request deletion.

To request deletion of your account and data, email legal@getfirstlight.com.

Changes to this policy

We may update this policy as First Light evolves. Material changes will be communicated to users with accounts via email. The date at the top of this page reflects when the policy was last updated.

Contact

Questions about your data or this policy? legal@getfirstlight.com