PRIVACY POLICY

Last updated: February 2026

01

INFORMATION WE COLLECT

Account Information

When you create an account, we collect your name, email address, and password. If you subscribe to a paid plan, we collect billing information through our payment processor (Stripe). We do not store your full credit card number on our servers.

Event & Photo Data

When you create events and upload photos, we store those photos on secure cloud infrastructure (Supabase Storage). Photos are associated with your account and the specific event you upload them to.

Guest Information

When event guests share photos via email or SMS, we collect the email address or phone number they provide. This information is used solely to deliver the requested photos.

AI Processing

When AI photo enhancement is used, photos are sent to our AI processing partner (Replicate) for transformation. AI processing partners do not retain your photos after processing is complete.

Usage Data

We collect standard usage data such as page views, feature usage, and device information to improve our service. This data is aggregated and not used to identify individual users.

02

HOW WE USE YOUR INFORMATION

  • Provide, maintain, and improve our services
  • Process transactions and send related information
  • Deliver photos to event guests via their chosen method (email, SMS)
  • Process AI photo enhancements
  • Send service-related communications (account updates, billing notices)
  • Respond to support requests
03

DATA SHARING

We do not sell your personal information. We share data only with:

  • Service providers: Supabase (hosting & storage), Stripe (payments), Twilio (SMS delivery), Resend (email delivery), Replicate (AI processing)
  • Legal requirements: When required by law, subpoena, or to protect our rights
04

DATA STORAGE & SECURITY

Your data is stored on secure cloud infrastructure with encryption at rest and in transit. We use industry-standard security practices including:

  • Row-level security policies on all database tables
  • Encrypted connections (HTTPS/TLS) for all data transfer
  • Secure authentication with session management
  • Regular security audits and updates
05

DATA RETENTION

Account data is retained as long as your account is active. Event photos are retained until you delete them or your account is closed. Guest contact information (email, phone) used for photo sharing is retained with the share record for your reference.

When you delete an event, all associated photos and share records are permanently removed from our servers.

06

YOUR RIGHTS

You have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and associated data
  • Export your photos and event data
07

COOKIES

We use essential cookies for authentication and session management. We do not use third-party advertising or tracking cookies.

08

CHILDREN'S PRIVACY

SimplePhotoShare is not intended for children under 13. We do not knowingly collect information from children under 13. If you believe we have collected such information, please contact us immediately.

09

CHANGES TO THIS POLICY

We may update this privacy policy from time to time. We will notify you of significant changes via email or through a notice on our website.

10

CONTACT

If you have questions about this privacy policy, please contact us at support@simplephotoshare.com.