top of page
LOGO_MDT

Privacy & Refund Policy

Your privacy matters to us.
This policy explains what personal data we collect, why we collect it, how we protect it and what your rights are.
We keep it human and honest.
 

Version 1.1 · May 10, 2026 

​

1. WHO WE ARE

​

My Dear Tomorrow is operated by JOY, an independent founder based at 8300 Knokke-Heist, Belgium. VAT number: BE 0459.222.546. Contact: hello@mydeartomorrow.com.

​

2. WHAT DATA WE COLLECT

​

We collect only what is necessary to provide our service. This includes your name, email address, the recipient's name and email address, your letter content, your delivery date or conditions, payment confirmation data and technical data necessary for account management and letter delivery.

We do not collect sensitive personal data such as health information, political opinions or financial account details.

​

3. WHY WE COLLECT IT

​

We collect your data for the following purposes: to create and manage your account, to store and deliver your letter on the chosen date or under the chosen conditions, to process your payment through our trusted payment providers, to send you transactional emails related to your purchase and letter management, and to comply with our legal obligations under Belgian and European law.

We do not use your data for advertising, profiling or marketing purposes.

​

4. LEGAL BASIS FOR PROCESSING

​

We process your personal data on the following legal bases: performance of a contract (delivering the service you purchased), compliance with legal obligations (GDPR and Belgian law), and our legitimate interest in operating and maintaining the platform securely.

​

5. WHO HAS ACCESS TO YOUR DATA

​

My Dear Tomorrow works with a limited number of trusted technical partners:

Wix: website hosting and CMS (servers located in Ireland and the United States)

Mollie: payment processing (servers located in the Netherlands and the EU)

PDFShift: PDF generation for letter downloads

Each partner is bound by strict data protection agreements and has no access to the content of your letters for their own purposes.

We do not sell, rent or share your personal data with any third party for commercial purposes.

​

6. YOUR LETTER CONTENT

​

The content of your letter is stored securely and is never read, reviewed or accessed by My Dear Tomorrow staff in normal operations. It is accessible only to you via your secure management link, and to your recipient via their unique delivery link on delivery day.

In exceptional circumstances, such as a court order or legal obligation, My Dear Tomorrow may be required to provide access to account data. The content of letters will only be disclosed if explicitly required by law.

​

7. DATA RETENTION

​

We retain your data as follows:

​

  • Letter content and personal data: deleted 30 days after delivery

  • Cancelled letters: deleted 30 days after cancellation

  • Legacy Letters with unused codes: deleted after 10 years

  • Financial transaction records: retained for 7 years as required by Belgian law

  • Account data: retained for as long as your account is active

 

If you request deletion of your data, we will comply within 30 days, subject to our legal retention obligations.

​

8. YOUR RIGHTS UNDER GDPR

​

As a user based in the EU, you have the following rights:

​

  •   The right to access your personal data

  •   The right to correct inaccurate data

  •   The right to request deletion of your data

  •   The right to restrict or object to processing

  •   The right to data portability

  •   The right to withdraw consent at any time

 

To exercise any of these rights, please contact us at privacy@mydeartomorrow.com. We will respond within 30 days.

If you believe your rights have been violated, you have the right to lodge a complaint with the Belgian Data Protection Authority (Gegevensbeschermingsautoriteit) at www.dataprotectionauthority.be.

​

9. COOKIES

​

My Dear Tomorrow uses cookies that are necessary for the platform to function. We do not use cookies for advertising or tracking purposes beyond what is essential. A cookie notice is displayed on your first visit to our website.

​

10. SECURITY

 

Your data is protected by AES-256 encryption at rest and TLS encryption in transit. All connections to My Dear Tomorrow run over HTTPS. We apply industry best practices to protect your data at every level.

In the unlikely event of a data breach, we will notify affected users and the Belgian Data Protection Authority in accordance with GDPR requirements.

​

11. REFUND AND CANCELLATION POLICY

​

My Dear Tomorrow letters are custom-made digital products, prepared, stored and scheduled from the moment of payment.

Because each letter is created uniquely for you and held securely until its delivery date, all purchases are final.

My Dear Tomorrow does not offer refunds on letter purchases. Once paid, the payment is final, regardless of whether the letter is later delivered, activated, edited or cancelled. This applies to all letter types (Future Letter, Timed Letter, Annual Letter, Legacy Letter and Gift Letter) and to all additional fees paid for changes after purchase.

Future, Timed, Annual and Gift Letters can be cancelled at any time before delivery, from your personal management page,

for a €4 cancellation fee. Cancelling stops future delivery. The letter price itself is not refunded.

The Legacy Letter cannot be cancelled. Once paid, it is sealed and held until your secure unlock code is used by a trusted contact,

or until it expires after 10 years. Without that code, the letter cannot be opened. Not by us. Not by anyone. Ever.

This permanence is part of what makes it a Legacy.

My Dear Tomorrow explicitly invokes the digital content exception under Article 16(m) of the EU Consumer Rights Directive (Directive 2011/83/EU). The service begins immediately upon purchase with the user's explicit consent.

By placing your order, you acknowledge that the right of withdrawal does not apply.

If something goes wrong on our side technically that prevents the service from being delivered as agreed,

please reach out to hello@mydeartomorrow.com and we will resolve the technical issue.

​

12. CHANGES TO THIS POLICY

​

My Dear Tomorrow may update this Privacy & Refund Policy from time to time. The current version is always available at mydeartomorrow.com. We encourage you to review it periodically.

​

13. CONTACT

​

For any privacy-related questions or requests, please contact: privacy@mydeartomorrow.com

For general questions: hello@mydeartomorrow.com

bottom of page