Privacy Policy

1. Introduction

OurLens ("we", "us", "our") operates the ourlens.app website and service. This Privacy Policy explains how we collect, use, and protect your information when you use our event photo-sharing platform.

2. Information We Collect

Event Organizers

• Email address (for dashboard access and event notifications)
• Event name and configuration preferences
• Payment information (processed securely by Stripe — we never store card details)

Event Guests

• Photos uploaded to the event gallery
• Optional display name (if provided when uploading)
• IP address (for rate limiting and abuse prevention only)

Automatically Collected

• Basic usage analytics (page views, if analytics cookies are accepted)
• Device type and browser information (via standard HTTP headers)

3. How We Use Your Information

• To provide and operate the event photo-sharing service
• To send event-related emails (dashboard links, expiry notifications)
• To process payments via Stripe
• To prevent abuse and enforce rate limits
• To improve our service through anonymized analytics

4. Data Storage & Security

Photos are stored in Amazon Web Services (AWS) S3 with encryption at rest. Access to photos is controlled through time-limited presigned URLs. Our database is hosted on Neon (PostgreSQL) with encryption in transit and at rest.

Payment processing is handled entirely by Stripe. We never receive, store, or have access to your full credit card number.

5. Data Retention & Deletion

Photos and event data are retained for the duration of the selected retention tier (4 hours, 24 hours, 7 days, or 30 days from event start). After the retention period expires, all associated photos are permanently deleted from our storage within 24 hours.

Event organizers can delete individual photos at any time from the dashboard. When an event is deleted, all photos and metadata are permanently removed.

6. Cookies

We use essential cookies and localStorage for core functionality (e.g., remembering your cookie consent preference). Optional analytics cookies (Google Analytics) are only set after you provide explicit consent via our cookie banner. You can decline analytics cookies without any impact on service functionality.

7. Third-Party Services

• Stripe — payment processing (Stripe Privacy Policy)
• Amazon Web Services (S3) — photo storage (AWS Privacy Policy)
• Resend — transactional email delivery (Resend Privacy Policy)
• Google Analytics — anonymized usage analytics (only with consent) (Google Privacy Policy)
• Vercel — hosting and edge network (Vercel Privacy Policy)

8. Your Rights (GDPR)

If you are in the European Economic Area, you have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your data
• Object to processing of your data
• Request data portability
• Withdraw consent at any time

To exercise any of these rights, contact us at hello@ourlens.app.

9. Children's Privacy

Our service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of significant changes by posting a notice on our website. Your continued use of the service after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have any questions about this Privacy Policy, please contact us at hello@ourlens.app.