Privacy Policy

1. Introduction

Welcome to Viallo (“we,” “our,” or “us”). We are committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our private photo sharing platform (the “Service”).

By using Viallo, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

2.1 Personal Information You Provide

When you register for and use our Service, we collect:

• Account Information: Email address, password (hashed), and display name
• Profile Information: Optional avatar/profile picture
• Album Content: Album titles, dates, locations, and tags you create
• Photos and Media: Images and media files you upload to your albums, including optional captions
• Location Data: Geographic coordinates and place names you add to your albums, including location information derived from photo metadata and automatic organization features
• Payment Information: Processed securely through Stripe. We do not store your credit card details.
• Feedback: If you submit feedback or bug reports through the Service, we collect the content you provide along with the page URL and your browser user agent

2.2 Information Collected Automatically

• Usage Data: Pages visited, features used, time spent on the Service
• Device Information: Browser type, operating system, device identifiers
• Cookies and Similar Technologies: Authentication tokens, preferences, GDPR region detection, and analytics data
• IP Address: For security, fraud prevention, and GDPR region detection
• Analytics Data: We use Google Analytics (GA4) and Google Ads conversion tracking to collect usage statistics and measure advertising effectiveness. When enabled, this may include page views, events, and identifiers associated with your session. In GDPR regions, analytics cookies are only set after you provide consent.
• Advertising Data: We use Meta (Facebook) Pixel to measure advertising effectiveness and understand how users interact with our Service. In GDPR regions, the pixel only tracks after you provide consent.

2.3 Photo Metadata (EXIF Data)

When you upload photos, we automatically extract and store metadata embedded in your image files, including:

• GPS Location: Geographic coordinates (latitude, longitude, altitude) if present in the photo
• Date and Time: When the photo was taken
• Camera Information: Camera make, model, and lens used
• Camera Settings: ISO, aperture, shutter speed, focal length
• Image Dimensions: Width, height, and orientation

This metadata helps organize your albums and display photos on maps. You can remove EXIF data from photos before uploading using third-party tools if you prefer not to share this information.

2.4 Share Link Analytics

When someone accesses a shared album link, we collect:

• Access Information: Date and time of access, number of views
• Visitor Fingerprint: A pseudonymous identifier derived from IP address and user agent to estimate unique visitors
• IP Address and User Agent: Collected for security and to generate access analytics
• Device Type: Whether accessed from mobile, tablet, or desktop
• Browser Type: Chrome, Safari, Firefox, etc.
• Referrer URL: How visitors found the shared link
• Approximate Location: Country and city derived from IP address

This data is used to provide album owners with analytics about their shared content. We store IP addresses and user agent strings in an access log (limited to 1,000 entries per share link) and use a derived visitor fingerprint to count unique visitors.

2.5 Third-Party Authentication

If you sign in using Google or Apple:

• We receive your email address and basic profile information
• We do not access your Google or Apple account password
• You can revoke access at any time through your Google or Apple account settings

2.6 Error Monitoring Data

We use Sentry to monitor errors and performance issues. When an error occurs, Sentry may collect:

• Error messages and stack traces
• Browser type, operating system, and device information
• Page URL where the error occurred
• Session replays (with all text masked and media blocked) to help reproduce and fix bugs

3. How We Use Your Information

We use the information we collect to:

• Provide the Service: Create and manage your account, store your albums and photos
• Process Payments: Handle subscription payments through Stripe
• Send Transactional Emails: Password reset links, album sharing notifications, and new photo notifications. We do not send marketing emails.
• Improve the Service: Analyze usage patterns, fix bugs, and develop new features
• Security: Prevent fraud, abuse, and unauthorized access using Google reCAPTCHA, rate limiting, and CSRF protection
• Analytics: Understand how our Service is used via Google Analytics and Meta Pixel to improve user experience and measure advertising effectiveness
• Share Link Statistics: Provide album owners with aggregated and pseudonymous analytics about views of their shared content
• Error Monitoring: Identify and fix bugs and performance issues using Sentry
• Legal Compliance: Comply with applicable laws and regulations

4. Information Sharing and Disclosure

4.1 Album Sharing

When you share an album with others, the recipients can view the photos and locations within that album. You control who has access and can hide specific photos from shared views.

4.2 Service Providers

We share information with trusted third-party service providers who assist us in operating our Service:

Payment Processing

• Stripe: Processes all payments securely. We do not store your credit card details. (Subject to Stripe's Privacy Policy)

Analytics & Advertising

• Google Analytics (GA4): Collects usage data to help us improve the Service. (Subject to Google's Privacy Policy)
• Google Ads: Measures advertising effectiveness and conversion tracking. (Subject to Google's Privacy Policy)
• Meta (Facebook) Pixel: Measures advertising effectiveness. In GDPR regions, tracking only occurs after consent is granted. (Subject to Meta's Privacy Policy)

Security & Monitoring

• Google reCAPTCHA: Protects against spam and abuse during registration, login, and password reset. (Subject to Google's Privacy Policy and Terms of Service)
• Sentry: Monitors errors and performance. May collect error details, browser information, and anonymized session replays. (Subject to Sentry's Privacy Policy)

Authentication

• Google Sign-In: Optional authentication method. (Subject to Google's Privacy Policy)
• Apple Sign-In: Optional authentication method. (Subject to Apple's Privacy Policy)

Email Services

• Email Delivery: We use email infrastructure to deliver transactional emails only (password reset, share notifications, new photo notifications).

Maps & Geocoding

• Carto (CartoCDN): Provides map tiles used in the interactive map feature.
• OpenStreetMap Nominatim: Provides reverse geocoding (turning GPS coordinates into place names) for automatic album organization.

Infrastructure & Hosting

• Cloudflare R2: Stores your uploaded photos and media files securely in the EU. (Subject to Cloudflare's Privacy Policy)
• MongoDB Atlas: Cloud database that stores your account and album data. (Subject to MongoDB's Privacy Policy)
• Vercel: Hosts our web application. (Subject to Vercel's Privacy Policy)
• Railway: Hosts our API server. (Subject to Railway's Privacy Policy)

4.3 Legal Requirements

We may disclose your information if required by law or in response to:

• Valid legal processes (subpoenas, court orders)
• Requests from law enforcement or government authorities
• Protection of our rights, property, or safety
• Prevention of fraud or security threats

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such change.

5. We Do Not Sell Your Information

We do not sell, rent, or trade your personal information to third parties for marketing purposes. We only share data with service providers as described above, who are contractually obligated to protect your information and use it only for the purposes we specify.

We do not use your photos or album content for advertising. Your memories remain private unless you choose to share them.

6. Data Security

We implement industry-standard security measures to protect your information:

• Encryption of data in transit (HTTPS/TLS)
• Password hashing using bcrypt
• Secure httpOnly authentication cookies
• CSRF protection on all state-changing requests
• Rate limiting to prevent abuse
• Content Security Policy (CSP), HSTS, and other security headers to protect against common web attacks

However, no method of transmission over the Internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

7. Your Rights and Choices

7.1 Access and Correction

You can access and update your account information at any time through your account settings, including your display name, avatar, and password.

7.2 Data Deletion

You can delete your account at any time through your account settings. Upon deletion, all your data is permanently and immediately removed from our systems, including your account, albums, photos (from storage), places, visits, share links, and sharing permissions. This action is irreversible.

7.3 Data Portability

You can export your data at any time through your account settings. The export includes your account information, album metadata, photo metadata (including EXIF data), places, visits, and sharing information in a machine-readable JSON format.

7.4 Cookies

You can manage your cookie preferences through our cookie consent banner or the Cookie Preferences page. You can also control cookies through your browser settings. Note that disabling essential cookies may affect the functionality of the Service. See our Cookie Policy for more details.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. Our primary infrastructure is located in the EU (Cloudflare R2 for photo storage) and the US (Vercel, Railway, MongoDB Atlas). These countries may have different data protection laws.

For users in the European Economic Area (EEA), we ensure appropriate safeguards are in place for international data transfers in compliance with GDPR.

9. Children's Privacy

Our Service is not intended for children under the age of 13 (or 16 in the EEA). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at [email protected].

10. Region-Specific Rights

10.1 GDPR (European Economic Area, UK, Switzerland)

If you are located in the EEA, UK, or Switzerland, you have additional rights under GDPR:

• Right to access your personal data
• Right to rectification of inaccurate data
• Right to erasure (“right to be forgotten”)
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent at any time
• Right to lodge a complaint with a supervisory authority

Legal basis for processing: We process your personal data based on: (a) contract performance - to provide the Service you requested; (b) consent - for analytics cookies and advertising tracking; (c) legitimate interests - to improve our Service, prevent fraud, and ensure security; (d) legal obligation - to comply with applicable laws.

For more information about your GDPR rights, see our GDPR Compliance page.

10.2 CCPA/CPRA (California)

If you are a California resident, you have rights under the California Consumer Privacy Act:

• Right to know what personal information is collected
• Right to know if personal information is sold or shared
• Right to opt-out of the sale of personal information (we do not sell your information)
• Right to deletion of personal information
• Right to non-discrimination for exercising your rights

We do not respond to Do Not Track (DNT) browser signals at this time.

11. Data Retention

We retain your information for as long as:

• Your account is active
• Needed to provide you the Service
• Required to comply with legal obligations
• Necessary to resolve disputes or enforce agreements

When you delete your account, all associated data is permanently removed immediately, including photos from storage, album data, sharing data, and your user account.

12. Third-Party Links

Our Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

• Posting the new Privacy Policy on this page
• Updating the “Last Updated” date

Your continued use of the Service after changes become effective constitutes acceptance of the revised policy.

14. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us: