Privacy Policy

Última actualización: April 29, 2026

1. Introduction

AlbumDrive ("we" or "us") is committed to protecting your privacy. This policy explains how we collect, use, and protect your information.

2. Information We Collect

A. Personal Information (Organizers)

When you log in with Google, we collect:

  • Email: To identify your account and communicate with you
  • Name and profile picture: To personalize your experience
  • Google user ID: To link your events to your account

B. Google Drive Data

We request the drive.file scope, which allows us to access ONLY files and folders created by AlbumDrive. We cannot view, read, or modify any other files in your Drive.

We create a folder called "AlbumDrive" with subfolders for each event.

C. Guest Data

Guests who upload photos do not need an account. We collect:

  • The uploaded photos — processed temporarily and transferred immediately to the organizer's Drive
  • Upload timestamp
  • Device and browser type — for technical diagnostic purposes only

We do not keep permanent copies of photos on our servers after the transfer is complete.

D. Usage Data

We collect anonymous platform usage data to improve the service — pages visited, actions taken, technical errors.

E. Cookies

We use essential cookies to keep your session active and for language and theme preferences. We do not use tracking or advertising cookies.

3. How We Use Your Information

  • To provide and maintain the Service
  • To transfer photos to the organizer's Google Drive
  • To authenticate you and protect your account
  • To send transactional emails related to your event — reminders, confirmations, notifications
  • To communicate about updates or support

4. Google API Policy Compliance

AlbumDrive's use complies with the Google API Services User Data Policy, including the Limited Use requirements.

We do not use Google Workspace data to:

  • Train AI or ML models
  • Show advertising
  • Sell data to third parties

5. Service Providers

We share the minimum necessary information with these providers to operate the Service:

  • Vercel: Hosting and serverless functions
  • Firebase (Google): Authentication and database
  • Resend: Transactional email delivery
  • Paddle: Payment processing (users outside Argentina)
  • MercadoPago: Payment processing (users in Argentina)

None of these providers are authorized to use your data for their own purposes.

6. Data Retention

  • Account data: kept as long as the account is active
  • Upon deleting your account: we delete your data within 30 days
  • Guest photos: not kept on our servers after transfer to Drive

7. Your Rights (GDPR and applicable laws)

If you are a user from the European Union or Spain, you have the right to:

  • Access: Request a copy of your data
  • Rectification: Correct inaccurate data
  • Deletion: Request that we delete your data
  • Portability: Receive your data in an exportable format
  • Objection: Object to the processing of your data

To exercise any of these rights, contact us at hello@albumdrive.app

8. Security

We implement industry-standard measures:

  • Encryption in transit (HTTPS/TLS)
  • Sensitive token encryption (AES-256)
  • Limited data access following the principle of least privilege

No internet transmission method is 100% secure.

9. Changes to This Policy

We will notify you of significant changes via email or through a visible notice on the platform at least 7 days in advance.

10. Contact

For privacy inquiries:

hello@albumdrive.app