Our Privacy Commitment: Pictara is designed with privacy at its core. Your photos and personal data never leave your device unless you explicitly choose to sync them. We collect only the minimum information necessary to provide you with download access to the Pictara application.
1. Overview
This Privacy Policy describes how Pictara ("we," "us," or "our") collects, uses, and protects your personal information when you visit our website and use our services. Pictara is a desktop application for Mac that helps you back up and browse your iCloud photos locally.
By using our website or downloading Pictara, you agree to the collection and use of information in accordance with this policy.
2.1 Information You Provide
When you create an account to download Pictara, we collect:
- Email Address: Used for account creation, authentication, and important product updates
- Password: Stored securely using industry-standard encryption (we never store plain-text passwords)
2.2 Automatically Collected Information
When you visit our website, we automatically collect:
- Device Information: Browser type, operating system, device type
- Usage Data: Pages visited, time spent on pages, referral sources
- IP Address: For security, fraud prevention, and analytics
2.3 Information NOT Collected
Pictara is designed to respect your privacy. We do NOT collect:
- Your iCloud username or password
- Your photos or photo metadata
- GPS locations from your photos
- Information about which photos you view or delete
- Any data from the Pictara desktop application itself
Important: The Pictara desktop application runs entirely on your Mac. Your photos, iCloud credentials, and all personal data remain on your device and are never transmitted to our servers.
We use the information we collect for the following purposes:
- Account Management: To create and maintain your account
- Authentication: To verify your identity when you sign in
- Product Delivery: To provide access to download the Pictara application
- Communication: To send important updates about Pictara (you can opt out of non-essential emails)
- Security: To detect and prevent fraud, abuse, and security incidents
- Improvement: To understand how our website is used and improve the user experience
- Legal Compliance: To comply with applicable laws and regulations
4. Data Storage and Security
4.1 How We Store Your Data
- Authentication Data: Stored securely with Supabase (our authentication provider) using industry-standard encryption
- Passwords: Hashed using bcrypt before storage (we cannot see your password)
- Data Location: Stored on secure servers in the United States
4.2 Security Measures
We implement appropriate technical and organizational measures to protect your data:
- HTTPS encryption for all data transmission
- Encrypted data storage
- Regular security audits and updates
- Access controls and authentication
- Monitoring for suspicious activity
4.3 Data Retention
- Account Data: Retained while your account is active
- After Account Deletion: Permanently deleted within 30 days
- Analytics Data: Anonymized and retained for up to 2 years
5. Data Sharing and Disclosure
We do not sell your personal information. We may share your information only in the following limited circumstances:
5.1 Service Providers
We use trusted third-party services to operate our website:
- Supabase: Authentication and user management
- Netlify: Website hosting and deployment
- GitHub: Application distribution
These providers are contractually obligated to protect your data and use it only for the services they provide to us.
5.2 Legal Requirements
We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, subpoenas).
5.3 Business Transfers
If Pictara is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will provide notice before your information becomes subject to a different privacy policy.
6. Your Privacy Rights
Depending on your location, you may have the following rights:
6.1 General Rights
- Access: Request a copy of the personal information we hold about you
- Correction: Request correction of inaccurate or incomplete information
- Deletion: Request deletion of your account and personal data
- Portability: Request your data in a portable format
- Objection: Object to processing of your personal information
- Restriction: Request restriction of processing your data
6.2 GDPR Rights (EEA Residents)
If you are in the European Economic Area, you have additional rights under GDPR, including:
- Right to withdraw consent at any time
- Right to lodge a complaint with a supervisory authority
- Right to know the legal basis for processing your data
6.3 CCPA Rights (California Residents)
If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):
- Right to know what personal information is collected
- Right to know if personal information is sold or disclosed
- Right to opt-out of the sale of personal information (we do not sell data)
- Right to deletion of personal information
- Right to non-discrimination for exercising CCPA rights
6.4 How to Exercise Your Rights
To exercise any of these rights, please contact us at privacy@pictara.com. We will respond to your request within 30 days.
7. Cookies and Tracking
7.1 What We Use
- Essential Cookies: Required for authentication and website functionality
- Local Storage: Used to store your authentication token
7.2 What We Don't Use
We do NOT use:
- Third-party advertising cookies
- Cross-site tracking
- Behavioral profiling for advertising
7.3 Managing Cookies
You can control cookies through your browser settings. Note that disabling essential cookies may prevent you from using certain features of our website.
8. Children's Privacy
Pictara is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@pictara.com.
9. International Data Transfers
Your information may be transferred to and maintained on servers located outside of your country of residence. We ensure that appropriate safeguards are in place to protect your data, including:
- Standard contractual clauses approved by the European Commission
- Adequacy decisions by relevant authorities
- Your explicit consent where required
10. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, regulatory, or operational reasons. We will notify you of any material changes by:
- Posting the updated policy on this page
- Updating the "Last Updated" date at the top
- Sending an email notification for significant changes (if you have an account)
Your continued use of our website after changes become effective constitutes acceptance of the updated policy.
If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:
Your Privacy Matters: We're committed to protecting your privacy and being transparent about our data practices. If you have any questions or concerns, we're here to help.