Privacy Policy

1. Who we are

ShiftPhotos ("we", "us") operates shiftphotos.com and related services. We comply with the Digital Personal Data Protection Act, 2023 (India), the IT Act, 2000, the Consumer Protection (E-Commerce) Rules, 2020, and the Google API Services User Data Policy.

2. What we collect

• Account: name, email, password (hashed), optional phone.
• Payment: via Stripe/Razorpay; we never store card numbers.
• Google Photos (with consent): photos, videos, and metadata — read-only scope (photoslibrary.readonly).
• Usage: IP, browser, device, pages viewed (for security & analytics).
• Cookies: see our Cookie Policy.

We do NOT collect: biometric data (unless you opt into face grouping), financial account numbers, location beyond photo EXIF, data from third-party apps other than Google Photos.

3. How we use your data

We process your personal data only for the specific purposes listed below, under the legal bases defined in the DPDP Act §4:

• Create and manage your account (contract).
• Migrate photos from Google Photos (your explicit consent).
• Store, display, and serve your photos (contract performance).
• Process payments (contract performance).
• Send transactional emails (contract performance).
• Generate AI features, if you opt in (explicit consent).
• Detect illegal content (legal obligation — PhotoDNA for CSAM).
• Respond to legal requests (legal obligation).

What we will never do with your photos:

• Train AI models.
• Display ads based on photo content.
• Sell or rent your data to third parties.
• Share photos with anyone other than recipients you explicitly designate.
• Access your photos without a technical reason (all admin access is audit-logged).

4. How we share your data

Only with the following processors under binding Data Processing Agreements:

• Backblaze B2 (USA): encrypted photo archive.
• Cloudflare (Global): CDN, DDoS, WAF.
• Supabase (Mumbai/Singapore): database, auth.
• Stripe / Razorpay (India): payment processing.
• Resend (USA): transactional email.
• Anthropic (USA): AI features, if you opt in.
• Google (USA): OAuth sign-in, Photos API read.
• Law enforcement: only under valid legal compulsion.

5. How we protect your data

• TLS 1.3 in transit; AES-256 at rest.
• Signed URLs with 5-minute expiry; no public buckets.
• Envelope encryption for sensitive metadata.
• Role-based access, 2FA for admin, quarterly key rotation.
• Annual CASA audit (required by Google API Policy).
• 72-hour breach notification per DPDP Act.
• PhotoDNA scan on every upload for CSAM prevention.

See our full Security Whitepaper.

6. Data retention

• Active photos: while your account is active.
• Payment records: 8 years (Income Tax Act).
• Audit logs: 7 years.
• Deleted photos (trash): 30 days, then erased.
• Deleted accounts: 30-day grace period, then erased within 60 days.

7. Your rights (DPDP Act)

You have the right to:

• Access your data (download JSON export).
• Correct inaccurate data.
• Delete your account.
• Withdraw consent anytime.
• Redress grievances via our Grievance Officer.
• Nominate someone to exercise rights on your behalf.
• Port data in machine-readable format.

Email support@shiftphotos.com to exercise any right. We respond within 30 days.

8. Children

ShiftPhotos is not intended for users under 18. We do not knowingly collect data from minors. If you believe a minor has an account, email grievance@shiftphotos.com and we'll delete within 24 hours.

9. Cookies

See our Cookie Policy. We don't use Facebook Pixel, Google Analytics on the web app (only marketing site with consent), or third-party advertising trackers.

10. Grievance Officer

In compliance with IT Act, 2000 and DPDP Act, 2023:

11. Contact

Questions about this policy? Email support@shiftphotos.com or the DPO at legal@shiftphotos.com.