Privacy Policy

Introduction

This Privacy Policy describes how Photerra, Inc. ("Photerra", "we", "our", or "us") collects, uses, shares, and protects your personal information when you use the Photerra mobile application, the website at photerra.com, and all related services (collectively, the "Service"). This Privacy Policy should be read together with our Terms of Service.

By using the Service, you consent to the collection and use of your information as described in this Privacy Policy. If you do not agree with this policy, please do not use the Service.

Information We Collect

2.1 Information You Provide

• Account Information: When you create an account, we collect your name, email address, and any profile information you choose to provide (such as a profile photo or bio).
• User Content: When you post Spots, photographs, descriptions, ratings, tips, itineraries, or other content, we collect and store that content along with associated metadata (such as timestamps and geolocation tags).
• Communications: If you contact us for support or feedback, we collect the information you provide in those communications.

2.2 Information Collected Automatically

• Device and Usage Data: We automatically collect information about your device (device type, operating system, unique device identifiers) and your usage of the Service (pages viewed, features used, session duration, crash logs).
• Location Data: With your permission, we collect precise geolocation data from your mobile device to provide core features of the Service, including displaying nearby Spots, enabling geo-tagged content posting, and powering location-based discovery. We collect location data only while you are actively using the app (foreground), unless you explicitly grant background location permission for features such as proximity-based notifications. You can enable or disable location services at any time through your device settings. Disabling location services may limit certain features of the Service.
• Log Data: Our servers automatically record information including your IP address, browser type, referring/exit pages, and timestamps.

2.3 Information from Third Parties

• Social Login: If you sign in using a third-party service (such as Apple or Google), we receive basic profile information as authorized by that service.
• Booking Partners: If you interact with affiliate booking links, the Booking Partner may share transaction confirmation data with us for commission tracking purposes. We do not receive your payment card details from Booking Partners.

2.4 Cookies and Tracking Technologies

We use cookies and similar technologies (such as local storage and analytics SDKs) on the website and in the app to:

• Maintain your session and remember your preferences.
• Analyze usage patterns and improve the Service.
• Support analytics through third-party providers (see Section 6).

You can manage cookie preferences through your browser or device settings. Note that disabling cookies may affect the functionality of the Service.

How We Use Your Information

We use the information we collect for the following purposes:

• Provide and operate the Service: Display Spots, enable itinerary planning, power location-based discovery, and facilitate social features.
• Personalize your experience: Show relevant Spots and recommendations based on your location, preferences, and activity.
• Process affiliate transactions: Track clicks on Booking Partner links and process associated commissions.
• Communicate with you: Send service announcements, security alerts, and (with your consent) marketing communications.
• Improve and develop the Service: Analyze usage patterns, diagnose technical issues, and develop new features.
• Ensure safety and security: Detect and prevent fraud, abuse, and violations of our Terms.
• Comply with legal obligations: Respond to lawful requests from public authorities and comply with applicable laws.
• API Data provision: If you have posted public Spots and User Content, aggregate and make that data available through the Photerra API to authorized API customers (see Section 5).

How We Share Your Information

4.1 With Other Users

Spots, photographs, ratings, tips, and itineraries you make public are visible to other users of the Service. Your profile name and photo are visible alongside your contributions.

4.2 With Service Providers

We share information with third-party vendors who perform services on our behalf, such as cloud hosting, analytics, crash reporting, and customer support. These providers are contractually obligated to use your information only to provide services to us and in accordance with this Privacy Policy.

4.3 With Booking Partners

When you click an affiliate booking link, the Booking Partner may receive your IP address, device information, and referring URL. We share only the minimum information necessary for affiliate commission tracking. We do not share your name, email, or account information with Booking Partners unless you independently provide it to them.

4.4 Through the API

Public Spot data, including user-contributed photographs, geolocation coordinates, descriptions, and metadata, may be made available to authorized third parties through the Photerra API. API customers are bound by API Terms of Use that restrict how they may use this data. If you do not want your public content included in API Data, you may adjust your privacy settings or contact us.

4.5 For Legal Reasons

We may disclose your information if required by law, regulation, legal process, or governmental request; to enforce our Terms; to protect the rights, property, or safety of Photerra, our users, or the public; or to detect and prevent fraud or security issues.

4.6 In a Business Transfer

If Photerra is involved in a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have regarding your information.

API Data and User Content

Photerra may offer a paid API that provides third-party developers and businesses access to Spot data, including photographs and metadata contributed by users. The following applies:

• Only public Spot data is included in the API. Private itineraries and non-public content are never shared through the API.
• API customers are required to comply with API Terms of Use that prohibit misuse, require proper attribution, and restrict redistribution.
• You may opt out of having your public content included in API Data at any time by adjusting your privacy settings in the app or by contacting us at info@photerra.com.
• Photerra retains the right to anonymize or aggregate User Content for inclusion in API Data sets.

Analytics and Third-Party Services

We use the following third-party services to help us understand how the Service is used:

Google Analytics / Firebase

Google Analytics is a web analytics service and Firebase is an analytics and crash reporting service, both provided by Google. Google uses the data collected to track and monitor the use of our Service.

For more information on the privacy practices of Google, please visit the Google Privacy Terms web page: policies.google.com/privacy

We also encourage you to review Google's policy for safeguarding your data: support.google.com/analytics/answer/6004245

You may opt out of certain Firebase features through your mobile device settings, such as your device advertising settings or by following the instructions provided by Google in their Privacy Policy.

We review our third-party service providers periodically and will update this section as services are added or removed. We do not currently use advertising or behavioral remarketing services.

Data Retention

We retain your personal information for as long as your account is active or as needed to provide you the Service. Specifically:

• Account information: Retained until you delete your account.
• User Content: Retained until you delete the content or your account. After deletion, content may persist in backups for up to 90 days.
• Location data: Precise location data associated with Spots is retained as part of the Spot record. Device location data used for real-time features is not stored beyond the active session unless attached to a Spot you create.
• Usage and analytics data: Retained in an aggregated or anonymized form for up to 24 months for analytical purposes.
• Legal obligations: We may retain certain information for longer periods as required by applicable law.

Data Security

We implement commercially reasonable technical and organizational measures to protect your personal information, including encryption in transit (TLS), access controls, and secure cloud infrastructure. However, no method of transmission over the Internet or method of electronic storage is completely secure, and we cannot guarantee absolute security.

If we become aware of a data breach affecting your personal information, we will notify you and any applicable regulatory authorities as required by law. Please report any security concerns to legal@photerra.com.

Your Rights and Choices

9.1 All Users

• Access and update: You can access and update your account information through the app settings.
• Delete your account: You can request account deletion through the app settings or by emailing info@photerra.com. We will delete your account and associated personal data within 30 days, subject to our retention obligations.
• Location permissions: You can enable or disable location services at any time through your device settings.
• Marketing communications: You can opt out of marketing emails using the unsubscribe link in any marketing email or through your notification settings in the app.
• API opt-out: You can opt out of having your public content included in API Data through your privacy settings.

9.2 California Residents (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act as amended by the California Privacy Rights Act (CPRA):

• Right to Know: You may request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources, the business purposes for collection, and the categories of third parties with whom we share it.
• Right to Delete: You may request that we delete the personal information we have collected about you, subject to certain exceptions.
• Right to Correct: You may request correction of inaccurate personal information.
• Right to Opt Out of Sale/Sharing: We do not sell your personal information. If we share personal information for cross-context behavioral advertising in the future, we will provide a mechanism to opt out.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of these rights.

To exercise these rights, contact us at info@photerra.com. We will verify your identity before processing your request. You may designate an authorized agent to make a request on your behalf.

9.3 European Economic Area, UK, and Swiss Residents (GDPR)

If you are located in the EEA, UK, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):

• Lawful basis for processing: We process your personal data based on: (a) your consent (e.g., location data, marketing communications); (b) performance of our contract with you (e.g., providing the Service); (c) our legitimate interests (e.g., analytics, security, fraud prevention); and (d) compliance with legal obligations.
• Data subject rights: You have the right to access, rectify, erase, restrict processing, object to processing, and port your data. You also have the right to withdraw consent at any time.
• Data transfers: Your data may be transferred to and processed in the United States. We rely on appropriate safeguards, including Standard Contractual Clauses, to protect your data during international transfers.
• Complaints: You have the right to lodge a complaint with your local data protection authority.

To exercise your rights, contact us at info@photerra.com.

Do Not Track

The Service honors Do Not Track (DNT) signals. When we detect a DNT signal, we do not track, plant cookies, or use advertising technologies for that session.

Children's Privacy

The Service is not intended for anyone under the age of 18. We do not knowingly collect personal information from anyone under 18. If we learn that we have collected personal information from a person under 18, we will delete that information promptly. If you believe a minor has provided us with personal information, please contact us at info@photerra.com.

International Data Transfers

Photerra is based in the United States. If you access the Service from outside the United States, your information will be transferred to and processed in the United States, where data protection laws may differ from those in your jurisdiction. By using the Service, you consent to this transfer. Where required by applicable law, we implement appropriate safeguards for international data transfers, including Standard Contractual Clauses.

Data Breach Notification

In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify affected users without undue delay and in accordance with applicable law. Where required, we will also notify the relevant supervisory authorities.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on the Service, updating the Effective Date above, and, where appropriate, notifying you by email or in-app notification. We encourage you to review this Privacy Policy periodically.

Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us: