Privacy Policy

Last updated: 2 April 2026

This Privacy Policy explains how uploadiYo collects, uses, and protects your personal data when you use our service. We comply with the EU General Data Protection Regulation (GDPR / DSGVO), the German Federal Data Protection Act (BDSG), and applicable US privacy laws including the California Consumer Privacy Act (CCPA).

1. Data controller

uploadiYo is the data controller for personal data collected through our platform. Contact: hello.uploadiyo@proton.me

2. What data we collect

When you sign in with Google we collect your name, email address, and Google profile image. We store encrypted Google OAuth tokens (access token and refresh token) so we can upload files to your Drive on your behalf. We store the IP addresses of guest uploaders for rate-limiting and abuse prevention purposes. We store optional guest names if provided during upload. We do NOT collect payment card details - these are handled entirely by Stripe. We do NOT store any photos, videos, or files you or your guests upload - these go directly to your Google Drive.

3. Legal basis for processing (GDPR Art. 6)

We process your data on the following legal bases: Performance of a contract (Art. 6(1)(b)) - processing your name, email, and Google tokens is necessary to provide the service you signed up for. Legitimate interests (Art. 6(1)(f)) - we store uploader IP addresses to prevent abuse and enforce rate limits. Legal obligation (Art. 6(1)(c)) - we may retain certain data to comply with tax, accounting, or legal requirements. Consent (Art. 6(1)(a)) - for marketing communications, if you opt in.

4. Google Drive access

We use Google OAuth with the restricted drive.file scope. This means we can only access files and folders that uploadiYo itself created - we cannot see or access any other files in your Drive. Your OAuth tokens are stored encrypted using AES-256. We use these tokens solely to: create a Drive folder for your album, and upload guest photos/videos into that folder. We do not transfer your Google Drive data to any third party, do not use it for advertising, and do not allow any human to read your Drive content.

5. Third-party processors

External Hosting

This website is hosted externally. Personal data collected on this website is stored on the host's servers. This may include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website access data and other data generated via a website. External hosting is carried out for the purpose of fulfilling contracts with our potential and existing customers (Art. 6(1)(b) GDPR) and in the interest of providing our online services securely, quickly and efficiently through a professional provider (Art. 6(1)(f) GDPR). Where consent has been requested, processing takes place exclusively on the basis of Art. 6(1)(a) GDPR and § 25(1) TDDDG, insofar as consent covers the storage of cookies or access to information on the user's device within the meaning of the TDDDG. Consent may be withdrawn at any time. Our host(s) will process your data only to the extent necessary to fulfil their service obligations and will follow our instructions regarding such data. We use the following host: Vercel Inc., 440 N Barranca Ave #4133, Covina, CA 91723, USA

Resend

For sending transactional emails (e.g. registration confirmations), we use the Resend service provided by Plus Five Five, Inc. (d/b/a "Resend"), 2261 Market Street #5039, San Francisco, CA 94114, USA. Email addresses are processed for this purpose. The legal basis for processing is Art. 6(1)(b) GDPR (performance of contract).

Neon

For our database we use the Neon service provided by Neon, Inc., 160 Spear Street, 15th Floor, San Francisco, CA 94105, USA. User accounts, album data and guest messages are processed. The legal basis for processing is Art. 6(1)(b) GDPR (performance of contract).

Stripe

Stripe, Inc. processes payments. Stripe receives your email address and payment information. Stripe is PCI-DSS Level 1 certified. Privacy policy: stripe.com/privacy.

Pusher

Pusher Ltd. provides real-time websocket connections for the live slideshow feature. Only album IDs and upload metadata (not photo content) are transmitted.

Google LLC (Gemini API)

Powers the AI Toast Generator and MC Script Generator features. When you use these tools, the text you enter (speaker name, role, couple names, personal memories, tone preferences) is sent to Google's Gemini API to generate a speech or script. This data is processed by Google in accordance with their API Terms of Service and Privacy Policy. No photo data or account data is sent to Gemini. The feature is voluntary — it is only activated when you explicitly use the generator. Privacy policy: policies.google.com/privacy

6. Data retention

Account data (name, email, tokens) is retained as long as your account is active. You can delete your account at any time from the dashboard, which permanently deletes all your data from our systems. Upload records (file names, uploader IP, guest names) are deleted when you delete the album or your account. Payment records are retained for 7 years to comply with German tax law (§ 147 AO) and EU VAT requirements. IP addresses of uploaders are retained for a maximum of 90 days.

7. Your rights (GDPR)

Under the GDPR, you have the following rights: Right of access (Art. 15) - request a copy of all data we hold about you. Right to rectification (Art. 16) - request correction of inaccurate data. Right to erasure / 'right to be forgotten' (Art. 17) - request deletion of your data. Right to restrict processing (Art. 18). Right to data portability (Art. 20) - receive your data in a structured, machine-readable format. Right to object (Art. 21). Right to withdraw consent at any time. To exercise any of these rights, email hello.uploadiyo@proton.me. We will respond within 30 days. You also have the right to lodge a complaint with a supervisory authority, e.g. the Berlin Commissioner for Data Protection (Berliner Beauftragte für Datenschutz und Informationsfreiheit).

8. California residents (CCPA)

If you are a California resident, you have the right to know what personal data we collect and how it is used, request deletion of your personal data, opt out of the sale of your personal data (note: we do not sell personal data), and not be discriminated against for exercising your rights. We do not sell personal information to third parties. To exercise your CCPA rights, contact hello.uploadiyo@proton.me.

9. Cookies

We use a single session cookie for authentication purposes. This cookie is strictly necessary for the service to function and does not require consent under GDPR (Art. 6(1)(b)). We do not use advertising cookies, tracking pixels, or third-party analytics cookies.

10. Data security

All data is transmitted over HTTPS/TLS. Google OAuth tokens are encrypted at rest using AES-256. Our database is hosted in the EU with access restricted to essential personnel only. We conduct regular security reviews. No method of internet transmission is 100% secure - we cannot guarantee absolute security.

11. International transfers

Our service is operated primarily within the EU/EEA. Some third-party processors (Stripe, Pusher) may process data in the United States. These transfers are covered by Standard Contractual Clauses (SCCs) under GDPR Art. 46(2)(c) or other appropriate safeguards.

12. Children's privacy

uploadiYo is not directed at children under 13. We do not knowingly collect personal data from children under 13. If you believe a child has provided us with personal data, contact hello.uploadiyo@proton.me and we will delete it promptly.

13. Changes to this policy

We may update this policy periodically. We will notify you by email at least 14 days before material changes take effect. The current version is always available at uploadiyo.app/privacy.

14. Contact & supervisory authority

Data protection enquiries: hello.uploadiyo@proton.me. Supervisory authority (Germany): Berliner Beauftragte für Datenschutz und Informationsfreiheit, Friedrichstr. 219, 10969 Berlin, mailbox@datenschutz-berlin.de