Privacy Policy

    Effective date: 14 October 2025Last updated: 14 October 2025help@photome.online

    By using Photome.online (the "Service"), you agree to this Policy.

    1) Who We Are

    • Data Controller: Photome.online
    • Contact for privacy requests: help@photome.online
    • We seek to comply with the UK Data Protection Act 2018 and UK/EU GDPR where applicable.

    2) Data We Collect

    a) You provide

    • Uploaded photos and enhancement selections.
    • Email address when you purchase, request support, or opt in to updates.
    • Payment metadata from our processor (no card numbers stored by us).
    • Support content you send us.

    b) Collected automatically

    • Technical/usage data: IP, device/browser info, timestamps, pages, referral, errors.
    • Cookies/local storage: Session IDs, quota counters, fraud prevention, and optional analytics.

    c) Derived data

    Non-identifying aggregate product metrics and quality signals.

    3) How We Use Data

    • Provide, maintain, and improve the Service.
    • Process images and deliver outputs.
    • Authenticate sessions, enforce quotas, prevent fraud/abuse.
    • Billing and receipts via our payment processor.
    • Analytics in aggregate to improve reliability, pricing, and UX.
    • Legal compliance and security.

    Legal bases (GDPR): performance of a contract, legitimate interests, consent (where required), and legal obligations.

    4) Retention and Deletion

    • Photos and outputs: Deleted by default within ~24 hours. We may retain longer if you opt to keep copies, for abuse prevention, debugging, audits, or if law requires.
    • Account, billing, and support records: Kept as required for tax, accounting, and legal obligations.
    • Logs/analytics: May be kept in aggregated or pseudonymized form for reliability and security.

    Retention windows may change; updates will appear here.

    5) Sharing and Processors

    We do not sell personal data. We share limited data with:

    • AI processing vendors to render enhancements.
    • Payment processor (Stripe) for payments and fraud checks.
    • Cloud/hosting/CDN and email providers.
    • Analytics and security services for performance and abuse detection.
    • Authorities when legally required or to protect rights and safety.

    6) International Transfers

    Data may be processed outside your country. We use appropriate safeguards such as Standard Contractual Clauses or adequacy decisions, plus technical and organizational controls.

    7) Security

    Encryption in transit and at rest, access controls, monitoring, and least-privilege practices. No system is perfectly secure.

    8) Your Rights (where applicable)

    • Access, correction, deletion.
    • Restrict or object to processing.
    • Data portability.
    • Withdraw consent where processing relies on consent.

    Request via help@photome.online. We may verify identity.

    9) Children

    Not for use by persons under 16. We do not knowingly collect children's data.

    10) Cookies

    Essential cookies are required for core functions. Optional analytics may be used to improve the Service. Manage cookies in your browser or see our Cookie Policy.

    11) Changes to this Policy

    We may update this Policy at any time. The latest version controls. Continued use means acceptance.

    12) Contact

    Privacy questions or requests: help@photome.online

    13) Reservation of Rights

    We reserve the right to adjust data categories, retention windows, processors, and protection measures as permitted by law and reflected in the latest posted Policy.