Privacy Policy

Last updated: April 2026

60 Second Message ("we", "us", or "our") operates the website sixtysecondmessage.com, the 60 Second Message mobile application, and the web-based video recorder (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

We are based in Australia and comply with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Where applicable, we also comply with the European Union General Data Protection Regulation (GDPR).

By using the Service, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

1.1 Account Information

When you create an account (as an organiser), we collect your name and email address. Authentication is handled through Supabase Auth, which supports email/password and social login providers.

1.2 Contributor Information

When an organiser invites contributors, we collect their name and email address (as provided by the organiser) for the purpose of sending invitations. Contributors do not need to create an account.

1.3 Video Recordings

We collect video and audio recordings that contributors submit through the web recorder or native mobile app. These recordings are uploaded to our storage infrastructure for processing and compilation into the final tribute video.

1.4 Device and Technical Information

We automatically collect certain technical information when you use the Service, including browser type and version, device type, operating system, IP address, and general location (country/region level). This information is used to ensure the Service functions correctly and to diagnose technical issues.

1.5 Payment Information

Payment processing is handled entirely by Stripe. We do not store your full credit card number, CVV, or other sensitive payment details on our servers. We receive and store a record of the transaction, including the amount paid, currency, and Stripe customer ID.

1.6 Consent Records

Before recording a video, contributors must provide explicit consent via a checkbox. We store a record of this consent, including the timestamp and the version of the terms agreed to.

2. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the Service
  • Process and compile video tributes as requested by organisers
  • Send event invitations to contributors via email
  • Send reminders and notifications related to events
  • Process payments and manage billing
  • Respond to your enquiries and provide customer support
  • Detect and prevent fraud or abuse of the Service
  • Comply with legal obligations
  • Improve and optimise the Service

We do not use your video content for advertising, machine learning training, or any purpose other than delivering the Service to you.

3. How We Share Your Information

We do not sell your personal information. We share information with the following categories of third-party service providers solely to operate the Service:

  • Cloud hosting and database providers — to store your account data, event information, and consent records securely.
  • Media storage and content delivery providers — to store and deliver video files you upload.
  • Video processing providers — to compile your tribute video. Video files are only accessed during processing and are not retained by the provider.
  • Payment processors — to securely handle billing and transactions. We do not store full payment card details.
  • Email delivery providers — to send invitations, reminders, and notifications on behalf of event organisers.
  • Error monitoring providers — to detect and resolve technical issues. Only anonymised diagnostic data is shared.

We may also disclose your information if required by law, court order, or governmental regulation, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

4. Data Retention

We retain different types of data for different periods:

  • Raw contributor videos: Automatically deleted 21 days after the compiled video is generated, or when the event expires — whichever comes first.
  • Compiled tribute videos: Automatically deleted 30 days after compilation, or when the event expires. Organisers may extend hosting via a paid add-on ($4.99 AUD/month).
  • Account data: Retained for as long as your account is active. You may request deletion at any time.
  • Contributor contact details: Retained for the duration of the event. Deleted when the event and its associated data are removed.
  • Payment records: Retained for 7 years to comply with Australian tax and financial record-keeping obligations. Upon account deletion, payment records are anonymised rather than deleted.
  • Consent records: Retained for as long as necessary to demonstrate compliance with applicable laws.

5. Your Rights Under the GDPR

If you are located in the European Economic Area (EEA), the United Kingdom, or another jurisdiction with similar data protection laws, you have the following rights regarding your personal data:

  • Right of Access: You may request a copy of the personal data we hold about you.
  • Right to Rectification: You may request that we correct inaccurate or incomplete personal data.
  • Right to Erasure: You may request that we delete your personal data, subject to certain legal exceptions.
  • Right to Data Portability: You may request a machine-readable export (JSON format) of your personal data.
  • Right to Restriction of Processing: You may request that we restrict the processing of your data in certain circumstances.
  • Right to Object: You may object to the processing of your personal data where we rely on legitimate interests as the legal basis.
  • Right to Withdraw Consent: Where processing is based on consent, you may withdraw consent at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us at support@sixtysecondmessage.com. You may also use the in-app Export My Data and Delete My Data features, which are available in your account settings. We will respond to your request within 30 days.

Legal Basis for Processing (GDPR): We process your data on the following bases:

  • Contract: Processing necessary to perform our contract with you (e.g., creating events, processing videos).
  • Consent: Where you have given explicit consent (e.g., recording consent checkbox).
  • Legitimate Interest: Processing necessary for our legitimate business interests (e.g., fraud prevention, service improvement).
  • Legal Obligation: Processing necessary to comply with applicable laws (e.g., tax record-keeping).

6. Australian Privacy Act Compliance

We comply with the Australian Privacy Act 1988 (Cth) and the 13 Australian Privacy Principles (APPs). Key points include:

  • We only collect personal information that is reasonably necessary for our functions and activities.
  • We collect information by lawful and fair means, and where reasonable, directly from the individual.
  • We take reasonable steps to ensure personal information is accurate, up-to-date, and complete.
  • We take reasonable steps to protect personal information from misuse, interference, loss, and unauthorised access.
  • You have the right to access and correct your personal information by contacting us.

If you believe we have breached the Australian Privacy Principles, you may lodge a complaint with us at support@sixtysecondmessage.com. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC).

7. Your Data Deletion Rights

We believe you should have full control over your data. You can delete your data in the following ways:

  • Self-service deletion: Use the Delete My Data feature in your account settings to immediately remove your personal data, video submissions, and profile information.
  • Self-service export: Use the Export My Data feature to download a machine-readable copy (JSON) of all personal data we hold about you before deleting your account.
  • Automatic deletion: Raw contributor videos are automatically deleted 21 days after compilation or upon event expiry. Compiled videos are automatically deleted 30 days after creation or upon event expiry.
  • Email request: You may also request deletion by emailing support@sixtysecondmessage.com.

When you delete your data, we will remove your personal information, video submissions, and profile details. Payment records will be anonymised (rather than deleted) to comply with Australian tax and financial record-keeping obligations.

8. Children's Privacy

Our Service is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and you believe your child has provided us with personal information, please contact us at support@sixtysecondmessage.com and we will take steps to delete such information.

Contributors between the ages of 13 and 18 may use the Service only with the consent and supervision of a parent or guardian. The organiser is responsible for ensuring that any minor contributors have appropriate parental consent.

9. Cookies and Tracking

  • Essential cookies: We use session cookies and authentication tokens (managed by Supabase Auth) that are strictly necessary for the Service to function. These cannot be disabled.
  • Error monitoring: We use Sentry for error tracking and diagnostics to maintain service reliability. This may collect anonymised technical data about errors you encounter.
  • Privacy-friendly analytics: We use a self-hosted, privacy-friendly analytics system that does not use cookies, does not collect personal data, and does not track you across websites. All data is aggregated and no individual visitors can be identified. No consent banner is required.
  • No advertising cookies: We do not use any advertising or remarketing cookies.

10. Data Security

We take the security of your data seriously and implement appropriate technical and organisational measures to protect it, including:

  • All data in transit is encrypted using TLS/HTTPS.
  • Video files are stored in encrypted-at-rest object storage (Cloudflare R2).
  • Database connections use SSL encryption.
  • Row-level security (RLS) policies ensure users can only access data they are authorised to view.
  • Authentication tokens are securely managed and expire appropriately.
  • Payment data is handled by Stripe, a PCI DSS Level 1 certified provider.
  • Access to production systems is restricted to authorised personnel only.

While we strive to protect your personal information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

11. International Data Transfers

We are based in Australia, and our Service uses infrastructure located in multiple countries. Your data may be transferred to and processed in countries outside your country of residence, including:

  • United States: Supabase (database and authentication, hosted on AWS), Stripe (payments), Resend (email), Google Cloud (video processing), Cloudflare (storage and CDN).

Where data is transferred internationally, we ensure appropriate safeguards are in place, including:

  • Using service providers that maintain appropriate certifications and compliance programs (e.g., SOC 2, ISO 27001).
  • Standard Contractual Clauses (SCCs) for transfers from the EEA, where applicable.
  • Compliance with the Australian Privacy Act requirements regarding cross-border disclosure of personal information (APP 8).

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by updating the "Last updated" date at the top of this page. For significant changes, we may also provide additional notice (such as an email notification or an in-app alert).

Your continued use of the Service after any changes constitutes your acceptance of the updated policy.

13. Contact Us

If you have any questions about this Privacy Policy or your personal data, or wish to exercise your rights, please contact us:

We aim to respond to all enquiries within 30 days.