Features Pricing Blog
Start Free

Privacy Policy

Last updated: February 17, 2026

This Privacy Policy for Photeria ("Photeria," "we," "us," or "our") describes how and why we might collect, store, use, and/or share ("process") your information when you use our services ("Services"), including when you:

  • Visit our website at photeria.io, or any website of ours that links to this Privacy Policy
  • Use our platform for booking, scheduling, project management, and media delivery
  • Engage with us in other related ways, including sales, marketing, or events

Questions or concerns? Reading this Privacy Policy will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at privacy@photeria.io.

Summary of Key Points

This summary provides key points from our Privacy Policy. You can find more details about each topic in the sections below.

  • What personal information do we process? When you visit, use, or navigate our Services, we may process personal information depending on how you interact with Photeria and the Services, the choices you make, and the products and features you use.
  • Do we process any sensitive personal information? We do not process sensitive personal information.
  • Do we receive any information from third parties? We may receive information from third-party services you connect, such as Google Calendar or Dropbox.
  • How do we process your information? We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law.
  • In what situations and with which parties do we share personal information? We may share information in specific situations and with specific third parties as described below.
  • How do we keep your information safe? We have organizational and technical processes and procedures in place to protect your personal information.
  • What are your rights? Depending on where you are located geographically, you may have certain rights regarding your personal information.
  • How do I exercise my rights? The easiest way to exercise your rights is by contacting us at privacy@photeria.io. We will consider and act upon any request in accordance with applicable data protection laws.

Table of Contents

  1. What Information Do We Collect?
  2. How Do We Process Your Information?
  3. When and With Whom Do We Share Your Personal Information?
  4. Do We Use Cookies and Other Tracking Technologies?
  5. How Long Do We Keep Your Information?
  6. How Do We Keep Your Information Safe?
  7. Do We Collect Information from Minors?
  8. What Are Your Privacy Rights?
  9. Controls for Do-Not-Track Features
  10. Do California Residents Have Specific Privacy Rights?
  11. Do We Make Updates to This Policy?
  12. How Can You Contact Us About This Policy?
  13. How Can You Review, Update, or Delete Your Data?
  14. Anti-Spam, Anti-Phishing, and Anti-Impersonation

1. What Information Do We Collect?

Personal Information You Provide

In Short: We collect personal information that you voluntarily provide to us.

We collect personal information that you voluntarily provide to us when you register on the Services, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us.

Personal Information Provided by You. The personal information we collect may include:

  • Names
  • Email addresses
  • Phone numbers
  • Company/business names
  • Passwords
  • Profile photos and logos
  • Personal and business addresses
  • Website URLs
  • Social media handles
  • Contact preferences

Client Data. If you use our Services as a photographer or media business, you may input information about your clients, including:

  • Client names and contact information (email, phone, address)
  • Client social media handles
  • Property addresses and access information (such as lockbox codes)

Media and Content. You may upload content to the Services, including:

  • Photographs
  • Videos
  • Floor plans
  • Virtual tour URLs
  • Other files related to property listings

Sensitive Information. We do not process sensitive personal information.

SMS/Text Messaging Data. If you choose to use phone-based authentication, we collect your phone number to send one-time passcode (OTP) messages for login verification. We do not use your phone number for marketing purposes. SMS messages are sent via our third-party provider, Twilio. Your phone number is shared with Twilio solely for the purpose of delivering authentication messages. Your mobile phone number and any information collected in connection with our SMS messaging program will never be shared with or sold to third parties for their marketing or promotional purposes. You may opt out of SMS at any time by texting STOP in response to any message.

Payment Data. We may collect data necessary to process your payment if you make purchases, such as your payment instrument number and the security code associated with your payment instrument. All payment data is stored by Stripe. You may find their privacy policy at: https://stripe.com/privacy.

All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.

Information Collected Automatically

In Short: Some information — such as your Internet Protocol (IP) address and/or browser and device characteristics — is collected automatically when you visit our Services.

We automatically collect certain information when you visit, use, or navigate the Services. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, and other technical information. This information is primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting purposes.

The information we collect may include:

  • Log and Usage Data. Service-related, diagnostic, usage, and performance information our servers automatically collect when you access or use our Services and which we record in log files. This log data may include your IP address, device information, browser type and settings, and information about your activity in the Services (such as date/time stamps, pages and files viewed, searches, and other actions you take).
  • Device Data. Information about your computer, phone, tablet, or other device you use to access the Services. This device data may include information such as your IP address (or proxy server), device and application identification numbers, location, browser type, hardware model, Internet service provider and/or mobile carrier, operating system, and system configuration information.

Information from Third Parties

We may receive information from third-party services you choose to connect to our platform:

  • OAuth Providers: Information from services you connect, such as Google Calendar or Google Sign-In
  • Cloud Storage: Information from connected storage services like Dropbox
  • Payment Processors: Transaction confirmations and fraud prevention data from Stripe

2. How Do We Process Your Information?

In Short: We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We may also process your information for other purposes with your consent.

We process your personal information for a variety of reasons, depending on how you interact with our Services, including:

  • To facilitate account creation and authentication and otherwise manage user accounts
  • To deliver and facilitate delivery of services to you, including enabling photographers to deliver media to their clients
  • To fulfill and manage your orders, payments, returns, and exchanges made through the Services
  • To send administrative information such as updates, security alerts, and support messages
  • To request feedback and to contact you about your use of our Services
  • To send marketing and promotional communications (you can opt out at any time — see "What Are Your Privacy Rights?" below)
  • To evaluate and improve our Services, products, marketing, and your experience
  • To detect, prevent, and address technical issues, fraud, and security threats
  • To comply with our legal obligations

3. When and With Whom Do We Share Your Personal Information?

In Short: We may share information in specific situations described in this section and/or with the following third parties.

Service Providers

We share information with third-party vendors who perform services on our behalf, including:

  • Cloud hosting and database: Supabase
  • Payment processing: Stripe
  • SMS messaging: Twilio
  • Email services: Postmark
  • Calendar integration: Google Calendar
  • Cloud storage: Dropbox

Your Clients

When you use the Services to deliver media to your clients, we share relevant content and information with those clients as directed by you.

Business Transfers

We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. We will notify you before your personal information is transferred and becomes subject to a different privacy policy.

Legal Requirements

We may disclose your information where we believe it is necessary to comply with applicable law, governmental requests, judicial proceedings, court orders, or legal processes, such as in response to a court order or a subpoena.

Vital Interests and Legal Rights

We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person, or as evidence in litigation in which we are involved.

With Your Consent

We may share your information for other purposes with your explicit consent.

We do not sell your personal information.

4. Do We Use Cookies and Other Tracking Technologies?

In Short: We may use cookies and other tracking technologies to collect and store your information.

We use cookies and similar tracking technologies to access or store information. We currently use:

  • Essential Cookies: Required for the Services to function, including authentication and session management
  • Functional Cookies: Used to remember your preferences, such as theme settings

We do not currently use advertising or marketing cookies. If we add analytics or other tracking technologies in the future, we will update this Privacy Policy accordingly.

You can control cookies through your browser settings. Disabling certain cookies may affect the functionality of the Services.

5. How Long Do We Keep Your Information?

In Short: We keep your information for as long as necessary to fulfill the purposes outlined in this Privacy Policy unless otherwise required by law.

We will only keep your personal information for as long as it is necessary for the purposes set out in this Privacy Policy, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements). No purpose in this policy will require us keeping your personal information for longer than the period of time in which you have an account with us.

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information. If this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

Account Deletion: Upon your request to terminate your account:

  • We will delete your personal information from our active systems within 30 days
  • Data may persist in backup archives for up to 90 days before being purged
  • We may retain certain information as required by law for tax, accounting, or legal compliance purposes

6. How Do We Keep Your Information Safe?

In Short: We aim to protect your personal information through a system of organizational and technical security measures.

We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any personal information we process, including:

  • Encryption of data in transit using TLS/SSL
  • Encryption of sensitive data at rest using AES-256 encryption
  • Secure authentication systems
  • Row-level security policies to ensure data isolation between organizations
  • Regular security assessments and monitoring

However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment.

7. Do We Collect Information from Minors?

In Short: We do not knowingly collect data from or market to individuals under 18 years of age.

We do not knowingly solicit data from or market to children under 18 years of age. By using the Services, you represent that you are at least 18 years of age. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from individuals under age 18, please contact us at privacy@photeria.io.

8. What Are Your Privacy Rights?

In Short: You may review, change, or terminate your account at any time.

Your Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Right to Access: Request a copy of the personal information we hold about you
  • Right to Correction: Request correction of inaccurate or incomplete information
  • Right to Deletion: Request deletion of your personal information
  • Right to Portability: Request a copy of your data in a portable, machine-readable format
  • Right to Opt-Out: Opt out of marketing and promotional communications

To exercise these rights, please contact us at privacy@photeria.io. We will respond to your request within 30 days.

Withdrawing Consent

If we are relying on your consent to process your personal information, you have the right to withdraw your consent at any time. You can withdraw your consent by contacting us at privacy@photeria.io. However, please note that this will not affect the lawfulness of the processing before its withdrawal.

Opting Out of Marketing

You can unsubscribe from our marketing and promotional communications at any time by clicking on the unsubscribe link in the emails that we send, or by contacting us at privacy@photeria.io. You will then be removed from the marketing lists. However, we may still communicate with you — for example, to send you service-related messages that are necessary for the administration and use of your account.

Account Information

If you would at any time like to review or change the information in your account or terminate your account, you can contact us at privacy@photeria.io.

Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases. However, we may retain some information in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our legal terms, and/or comply with applicable legal requirements.

9. Controls for Do-Not-Track Features

Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track ("DNT") feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage, no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this Privacy Policy.

10. Do California Residents Have Specific Privacy Rights?

In Short: Yes, if you are a resident of California, you are granted specific rights regarding access to your personal information.

CCPA Privacy Rights

California Civil Code Section 1798.83, also known as the "Shine The Light" law, permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year.

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: You have the right to request that we disclose what personal information we collect, use, disclose, and sell
  • Right to Delete: You have the right to request deletion of your personal information, subject to certain exceptions
  • Right to Opt-Out of Sale: You have the right to opt out of the sale of your personal information. We do not sell personal information.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights

Categories of Personal Information Collected

We have collected the following categories of personal information in the past twelve (12) months:

Category Examples Collected
A. Identifiers Name, email address, phone number, account name YES
B. Personal information (California Customer Records) Name, contact information, address YES
C. Protected classification characteristics Gender, date of birth NO
D. Commercial information Transaction information, purchase history, payment information YES
E. Biometric information Fingerprints, voiceprints NO
F. Internet or network activity Browsing history, search history, interactions with our Services YES
G. Geolocation data Device location NO
H. Audio, electronic, visual information Images, videos uploaded to the Services YES
I. Professional or employment information Business contact details, job title YES
J. Education information Student records NO
K. Inferences Profiles reflecting preferences or characteristics NO

To exercise your California privacy rights, contact us at privacy@photeria.io.

11. Do We Make Updates to This Policy?

In Short: Yes, we will update this policy as necessary to stay compliant with relevant laws.

We may update this Privacy Policy from time to time. The updated version will be indicated by an updated "Last updated" date and the updated version will be effective as soon as it is accessible. If we make material changes to this Privacy Policy, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this Privacy Policy frequently to be informed of how we are protecting your information.

12. How Can You Contact Us About This Policy?

If you have questions or comments about this policy, you may email us at privacy@photeria.io.

13. How Can You Review, Update, or Delete Your Data?

Based on the applicable laws of your country or state of residence, you may have the right to request access to the personal information we collect from you, change that information, or delete it in some circumstances. To request to review, update, or delete your personal information, please contact us at privacy@photeria.io.

14. Anti-Spam, Anti-Phishing, and Anti-Impersonation

Photeria is committed to protecting our users and the integrity of our Services. We do not send unsolicited messages ("spam") to advertise or promote our website, products, or Services, and we strictly prohibit the use of our infrastructure for such purposes.

We also prohibit:

  • The use of Photeria's email sending capabilities for phishing attempts or impersonation of other companies, services, or individuals
  • Any attempt to misuse our systems to send fraudulent, deceptive, or misleading communications
  • The advertising of our website, products, or services through bulk, unsolicited email, SMS, or other electronic communications

All communications originating from Photeria are permission-based, sent only to recipients who have explicitly opted in, and include clear identification of the sender along with a functional unsubscribe mechanism. We actively monitor and enforce this policy to ensure that our brand and infrastructure are never used to distribute unsolicited or fraudulent content.

Photeria reserves the right to investigate and take immediate action against any party that violates this policy, including suspension or termination of accounts, blocking of email sending privileges, and pursuing legal remedies.