Privacy Policy
Last updated: April 15, 2026
1. Controller
The data controller under GDPR is the operator named in the Imprint. Privacy contact: [email protected].
2. What we process
2.1 Account data
- email address
- optional display name
- hashed password (never plaintext) or Google account ID if you use "Sign in with Google"
- registration timestamp, last sign-in, session tokens
- email verification codes
Legal basis: Art. 6(1)(b) GDPR (contract performance).
2.2 Photos and derived data
When you sort photos with Equipora we transmit preview-sized copies (max. 2048 px long edge) to our servers. On those previews we run:
- AI analysis of content, quality, composition (e.g. "beach", "blurry", "screenshot")
- perceptual hashing for near-duplicate detection
- optionally: face embeddings to cluster recurring people (clustering only, no identification)
We store: the preview (temporarily, see retention), file hashes, analysis results (tags, categories, quality scores), derived album and cleanup suggestions.
Your original photos stay on your device. Equipora never writes photos to external services unless you explicitly authorize it per sort run.
Legal basis: Art. 6(1)(b) GDPR.
2.3 Technical data
For operations and debugging the server logs:
- IP address (truncated after 7 days)
- timestamp, HTTP method, path, status code
- user agent (app version, Android version)
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in secure operation).
3. Third-party recipients (processors)
| Recipient | Purpose | Location | Basis |
|---|---|---|---|
| OpenAI, LLC (USA) | AI image analysis (GPT Vision) | USA (SCCs) | Art. 6(1)(b), 46 GDPR |
| Google LLC (USA) | AI image analysis (Gemini), Google Sign-In | USA / EU (SCCs) | Art. 6(1)(b), 46 GDPR |
| Hetzner Online GmbH | Server hosting, database, preview storage | Germany | Art. 6(1)(f), 28 GDPR |
| Brevo (Sendinblue) | Transactional email | Germany / France | Art. 6(1)(b) GDPR |
| Google Play (on purchase) | Subscription and one-time purchase billing | USA / EU | Art. 6(1)(b) GDPR |
4. Retention
| Data | Retention |
|---|---|
| Account data | until account deletion |
| Uploaded previews | max. 30 days after last scan, then auto-purge |
| Analysis results | until account deletion or manual reset |
| Face embeddings | until account deletion or feature disable |
| IP addresses | 7 days (truncated), then anonymized |
| Billing records | 10 years (German tax law) |
5. App permissions
- Read photos & videos (READ_MEDIA_IMAGES, READ_MEDIA_VIDEO) – to analyze your library; only preview copies leave the device
- Post notifications (POST_NOTIFICATIONS) – inform you when a scan finishes
- Foreground service (data sync) – finish scans while the screen is off; defaults to Wi-Fi only
- Internet – upload previews, receive results
6. Your rights
- Right of access (Art. 15)
- Right to rectification (Art. 16)
- Right to erasure (Art. 17) – in-app via Settings → Delete account, or by email
- Right to restriction (Art. 18)
- Right to data portability (Art. 20)
- Right to object (Art. 21)
- Right to lodge a complaint with a supervisory authority (Art. 77)
Privacy contact: [email protected]
7. Security
- All client–server traffic runs over TLS (HTTPS) only.
- Passwords are hashed with bcrypt/PBKDF2, never stored in plaintext.
- API keys, OAuth secrets, and service account credentials are AES-256-GCM encrypted at rest.
8. Cookies
The website equipora.de does not use tracking cookies. Technical session cookies are only set for the admin panel.
9. Changes
We update this policy when features or processors change. Material changes are announced in the app. The current version is always available at equipora.de/privacy.
10. Contact
Privacy: [email protected]
Support: [email protected]