Privacy Policy

Last Updated: January 31, 2026

At Photomosaic, we value your privacy. This policy explains how we handle your data when you use our service.

1. Information We Collect

When you use Photomosaic, we may collect:

• Account Information: Your email address and name (via Google or Email Sign-in).
• Usage Data: Photos you upload for processing (stored temporarily and deleted after generation).
• Payment Information: Processed securely via SafePay; we do not store your credit card details.

2. How We Use Information

We use your data solely to:

• Provide and maintain our service.
• Process your photomosaic generation requests.
• Manage your credits and account status.
• Communicate with you regarding your account.

3. Data Protection and Security

We implement robust technical and organizational security measures to protect your personal information and Google user data. All data transfers between our application, servers, and third-party APIs (like Google APIs) are encrypted in transit using Secure Sockets Layer (SSL/TLS 1.2 or higher) protocols. Your account information is stored securely in Supabase, utilizing Row Level Security (RLS) and encryption at rest. We restrict access to personal data to authorized personnel who need the data to operate, support, and improve our services.

4. Data Retention and Deletion

We do not store your data longer than necessary for the purposes outlined in this policy:

• Google User Data & Account Information: Your name, email, and authentication details are retained only as long as you maintain an active account with Photomosaic.
• Uploaded Images & Mosaics: Images you upload for generating mosaics are held temporarily in secure, volatile memory or temporary cloud storage. They are permanently deleted immediately after your mosaic generation is completed or fails. We do not persist your raw source images.
• Account Deletion and Data Purge: You have the right to delete your account and all associated data at any time. You can request complete deletion of your Google user data and account records by contacting us at hello@photomosaic.work. Upon receiving your request, we will delete all your user profile data and account records from our databases within 7 business days.

5. Third-Party Services

We use Google OAuth for authentication and Google Picker for easy file selection. These services are governed by Google's own privacy policies. We do not share Google user data or uploaded photos with any other third parties.

6. Contact Us

If you have any questions about this Privacy Policy, please contact us at hello@photomosaic.work.