Privacy Policy

Last Updated: January 2, 2026

1. Introduction

Welcome to Pho-To. We are committed to protecting your privacy. This policy explains how we collect, use, and safeguard your information when you use our photo and video sharing platform at pho-to.me (the "Service").

2. Information We Collect

Account Information: Email address, full name, and hashed password for authentication.

User Content: Photos and videos you upload, including media metadata (file size, dimensions, and timestamps) and album organization details.

Usage Statistics: Aggregate data such as total storage used and account activity logs.

Technical Data: Browser type, operating system, and IP address collected for security and analytics.

3. How We Use Your Information

We use your data to:

  • Provide the Service: Delivering, hosting, and displaying your media.
  • Manage Accounts: Authenticating identity and processing subscriptions.
  • Communicate: Sending transactional emails regarding your account status.
  • Improve Performance: Analyzing user interactions to optimize the platform.
  • Security: Detecting and preventing unauthorized access or fraudulent activity.

4. Third-Party Service Providers

We engage trusted third-party providers to perform essential functions. These providers are bound by confidentiality agreements and are prohibited from using your data for any other purpose:

  • Authentication & Database: We use specialized providers to securely store account data and manage user sessions.
  • Content Delivery & Storage: Media is hosted via global Content Delivery Networks (CDNs) to ensure fast and secure access.
  • Payment Processing: All payments are handled by a PCI-DSS compliant processor. We do not store your credit card information on our servers.
  • Analytics: We use industry-standard tools to monitor website performance and user behavior.

5. Data Sharing and Disclosure

We do not sell or trade your personal information. We only share data:

  • With your consent: Such as when you set an album to "Public."
  • For legal reasons: If required to comply with a subpoena or court order.
  • Service Operations: With the infrastructure providers mentioned in Section 4.

6. Your Data Rights & Deletion

Retention: We keep your data only as long as your account is active. Payment records are kept for 7 years to comply with tax laws.

Deletion: You may delete your account at any time. Upon deletion, your media and metadata are permanently removed from our active databases, subject to standard backup retention cycles (up to 30 days).

Access and Portability: You have the right to request a copy of your data or request corrections to your information.

7. Security Measures

We employ industry-standard security to protect your data, including:

  • Encryption: All data in transit is protected via HTTPS/TLS encryption.
  • Access Control: We use row-level security to ensure users can only access their own content.
  • Hashed Credentials: Passwords are never stored in plain text.

8. Cookies

We use essential cookies for authentication and functional cookies to remember your display preferences. You can manage cookie settings in your browser, though some features of Pho-To may not function correctly without them.

9. International Transfers

Your information may be processed in countries other than your own. We ensure that all service providers maintain appropriate safeguards to protect your information in accordance with applicable data protection laws.

10. Contact Us

For questions regarding this policy or to exercise your privacy rights, please contact:

Privacy: [email protected]
Legal: [email protected]

View Terms of Service Back to Home