AllPicture

Privacy Policy

This policy explains what AllPicture collects, how it is used, how connected photo sources work, and what privacy choices you have when using AllPicture.

Last updated: May 20, 2026

1. Scope and controller

This Privacy Policy applies to AllPicture websites, waitlist and support forms, web and desktop apps, mobile apps, sync agents, cloud functions, connected-provider workflows, AI-assisted organization, sharing, publishing, billing, and related services.

For privacy questions or data requests, contact support@allpicture.ai. If a different controller, company address, data protection officer, or representative is listed in the Imprint, checkout, or account materials for your region, that information supplements this policy.

2. Information you provide

  • Account and profile data, such as email address, authentication identifiers, display name, settings, consents, terms acceptance, recovery status, and account preferences.
  • Waitlist and launch data, such as email address, approximate photo or video count, consent timestamp, source page, locale, and launch-credit metadata.
  • Support data, such as email address, topic, subject, message, support consent, ticket number, troubleshooting context, and follow-up communications.
  • Billing data, such as plan, credits, usage counters, invoices, payment status, tax or VAT information, processor identifiers, and purchase history. Full payment card details are handled by the payment processor, not stored directly by AllPicture.

3. Photos, videos, library records, and local data

  • Media and library data you choose to upload, import, sync, preview, render, share, or publish, including originals where applicable, thumbnails, Smart Proxies, albums, folders, captions, favorites, trash state, edit history, export jobs, share records, and publishing jobs.
  • Metadata and organization data, such as EXIF data, timestamps, camera data, approximate or embedded location, file names, file paths, local folder or NAS paths, provider paths, checksums, duplicate clusters, best-version decisions, tags, face clusters, person labels, embeddings, search indexes, and cleanup signals.
  • Desktop and device data, such as install channel, app version, operating system, release/update state, sync health, local indexing status, storage availability, key-provisioning state, device identifiers used for sync, and diagnostic logs.

4. Connected-provider data

When you connect a provider, AllPicture receives and stores the tokens, scopes, account IDs, refresh status, provider labels, cursors, file IDs, media references, thumbnails, metadata, and API responses needed to run the connected workflow. This may include Google Photos, Dropbox, iCloud, OneDrive, Instagram, Facebook, TikTok, YouTube, local folders, NAS locations, and phone or WhatsApp media sources depending on what you connect.

Google API Services disclosure: AllPicture's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We use Google user data only to provide or improve user-facing AllPicture features you request, maintain security, troubleshoot, comply with law, or communicate with you about the service. We do not sell Google user data or use it for advertising.

5. Information collected automatically

  • Technical data, such as IP address, user agent, device and browser information, operating system, language, time zone, referring page, source page, session metadata, and approximate location derived from technical data.
  • Usage and security data, such as feature interactions, sync events, import/export status, storage consumption, credit consumption, errors, audit events, rate-limit signals, fraud-prevention signals, and crash or diagnostic data.
  • Cookie and similar-technology data needed to run the website, remember choices, protect forms, route sessions, measure reliability, or support analytics where enabled. See the Cookie Policy for more detail.

6. How we use information

  • Provide, secure, troubleshoot, and improve AllPicture, including sync, storage, encrypted vaults, previews, search, duplicate detection, AI organization, face recognition, Family Hub, sharing, publishing, billing, support, and account recovery.
  • Authenticate users, maintain sessions, provision keys, detect abuse, enforce terms, protect infrastructure, maintain audit trails, and comply with legal, tax, accounting, provider, and security obligations.
  • Send service messages, waitlist updates, beta access notices, support replies, billing notices, security alerts, product availability messages, and marketing emails where you have consented or where law allows. You can opt out of marketing emails.
  • Analyze aggregate reliability, performance, feature usage, plan usage, and support trends so we can improve the product and operate the service.

7. Legal bases for EEA, UK, and similar users

Where data-protection law requires a legal basis, we rely on: performance of a contract to provide the service you request; consent for optional waitlist, marketing, connected-provider, cookie, or device-permission flows where required; legitimate interests for security, fraud prevention, service improvement, diagnostics, and basic business operations; and legal obligation for tax, accounting, compliance, and lawful requests.

You may withdraw consent where processing is based on consent. Withdrawal does not affect processing that happened before withdrawal or processing based on another legal basis.

8. AI, face recognition, and sensitive media

Photos and videos can reveal sensitive information about people, places, relationships, children, health, beliefs, or private events. AllPicture is designed to keep private-library processing local or encrypted where possible, but specific features may create derived data such as embeddings, face clusters, person labels, AI tags, transcript cues, render prompts, review signals, or moderation/safety results.

Face recognition and private analysis are intended to help you organize your own library. They are not used to identify people outside your account. AI outputs may be inaccurate, and you can correct labels, disable supported features, delete generated data where available, or request help through support.

9. Encryption and security

AllPicture uses technical and organizational safeguards such as transport encryption, access controls, token protection, encrypted provider-token storage, audit controls, and encrypted storage modes. Secure Vault uploads and desktop encrypted sync paths use client-side encryption before cloud storage when enabled. Standard or legacy upload paths may not be zero-knowledge unless an encrypted mode is explicitly active.

No system is perfectly secure. Keep your account credentials, devices, recovery keys, and provider accounts protected. If client-held keys are lost, AllPicture may not be able to recover encrypted originals.

10. Sharing with service providers and third parties

  • Infrastructure providers that host, store, transmit, process, secure, monitor, or deliver the service, including Firebase, Google Cloud, and related hosting, storage, database, auth, and functions infrastructure.
  • Connected providers you authorize, such as Google Photos, Dropbox, iCloud, OneDrive, Meta services, TikTok, YouTube, local folders, NAS devices, or platform APIs needed for import, sync, preview, revocation, or publishing.
  • Operational providers, such as Zoho Campaigns for waitlist emails, Zoho Desk or Zoho Mail for support, Paddle or another payment processor for billing, and analytics, diagnostics, security, or email providers where enabled.
  • AI, rendering, safety, or media-processing providers only where needed for a feature you use, for security review, or for operational processing.
  • Authorities, courts, advisors, payment networks, or counterparties where required to comply with law, enforce terms, prevent harm, handle disputes, or complete a corporate transaction such as financing, merger, acquisition, or asset transfer.

11. International transfers

AllPicture may process information in the European Economic Area, the United States, and other countries where we or our providers operate. Where required, we use appropriate transfer safeguards such as contractual protections, provider data-processing terms, adequacy mechanisms, or other lawful transfer methods.

12. Retention and deletion

We keep information for as long as needed to provide the service, maintain your account, run connected workflows, keep security and audit records, comply with law, resolve disputes, and operate backups. Media and library records are generally retained until you delete them, disconnect a source, close your account, or request deletion, subject to backup and legal retention windows.

Provider tokens are removed or scheduled for cleanup when you disconnect a provider or delete your account, unless we must retain limited records for security, compliance, disputes, or fraud prevention. Support tickets, waitlist records, billing records, logs, and backups may have separate retention periods based on operational or legal needs.

13. Your rights and choices

  • Access, correct, export, or delete account information where the app provides controls.
  • Disconnect providers, revoke third-party permissions, delete imported media, remove share links, adjust privacy settings, disable supported AI or face-recognition features, and unsubscribe from marketing emails.
  • Request access, correction, deletion, portability, restriction, objection, or withdrawal of consent where applicable law gives you those rights.
  • EEA, UK, Swiss, and similar users may lodge a complaint with a data-protection authority. California and other US state residents may have rights to know, access, correct, delete, opt out of sale or sharing, limit certain sensitive-data uses, and avoid discrimination for exercising privacy rights. AllPicture does not sell personal information or share it for cross-context behavioral advertising as those terms are commonly used in US state privacy laws.

14. Children

AllPicture is not intended for children under 13, and certain regions may require a higher minimum age or parental consent. Do not create an account or submit personal information if you are below the minimum age that applies to you.

15. Changes and contact

We may update this Privacy Policy as AllPicture, providers, infrastructure, laws, and launch plans change. If changes are material, we will provide notice through the website, app, email, account flow, or another reasonable method.

Questions, privacy requests, and deletion requests can be sent to support@allpicture.ai.