Privacy Policy

• Account data: email address, display name, username, password (hashed), and optional profile picture.
• Content you upload: photos and videos you post to events, captions, comments, reactions, likes and tags.
• Messages: direct messages and any media you share inside them.
• Event data: events you create or join, invite codes, member lists.
• Order data: if you order prints, the shipping address, contact details and order status (payment is processed by Stripe — we never store your card number).
• Technical data: device type, browser, IP address and basic usage logs needed to keep the service secure and reliable.

• To create and manage your account and authenticate you.
• To let you share photos, videos and messages with people in your events.
• To deliver notifications about activity in your events and chats.
• To process print orders and arrange delivery.
• To keep the service secure, prevent abuse and comply with legal obligations.

We do not sell your personal data, and we do not use your photos, videos or messages to train AI models or for advertising.

Photos and videos you upload are stored in private, encrypted cloud storage. Access is restricted by row-level security so that only members of the same event can view your event uploads, and only participants of a conversation can view media shared in that chat. Public posts (where you have explicitly toggled "public") may be visible to any signed-in Icona user.

Videos may be transcoded by our media partner (Cloudinary) so they play reliably across devices. Profile pictures are stored in a public bucket because they are shown alongside your name across the app.

Direct messages are stored on our backend so they are available across your devices. Only members of a conversation can read its messages. Messages are not end-to-end encrypted — we, as the operator, can access message content if strictly required to investigate abuse, comply with a legal request, or fix a critical bug. We will never read your messages for advertising or analytics.

• Contract: to provide the service you have signed up for.
• Legitimate interests: to keep the service secure, prevent fraud, and improve reliability.
• Consent: for optional features like push notifications. You can withdraw consent at any time in your device settings.
• Legal obligation: where we must retain or disclose data to comply with applicable law.

We use a small number of carefully chosen processors to run Icona:

• Supabase — backend, database, authentication and storage (EU-hosted).
• Cloudinary — image and video transcoding and delivery.
• Stripe — payment processing for print orders.
• Gelato — print fulfilment and shipping.
• Cloudflare — content delivery and DDoS protection.

Each processor is bound by a data processing agreement and may only use your data to provide their service to us.

Your data is primarily processed in the European Economic Area (EEA). Where data is transferred outside the EEA (for example to a US-based processor), we rely on the European Commission's Standard Contractual Clauses or an equivalent safeguard.

• Account, profile, posts, comments and messages: until you delete them or close your account.
• Print order records: up to 7 years (required for accounting/tax law).
• Security and abuse logs: up to 12 months.

You have the right to:

• Access the personal data we hold about you.
• Correct data that is inaccurate or incomplete.
• Delete your account and associated data ("right to be forgotten").
• Restrict or object to certain processing.
• Receive your data in a portable, machine-readable format.
• Lodge a complaint with your local data protection authority.

To exercise any of these rights, email privacy@icona.cam. We will respond within 30 days.

We use HTTPS everywhere, encrypted storage, hashed passwords, row-level security on the database, and signed URLs for private media. No system is perfectly secure, but we follow industry best practice and notify affected users without undue delay if a personal data breach is likely to result in a risk to their rights.

Icona is not intended for children under 13 (or under 16 in some jurisdictions). If you believe a child has created an account, please contact us and we will delete it.

We may update this Privacy Policy from time to time. Material changes will be announced inside the app or by email. The "last updated" date at the top of this page always reflects the current version.

Questions or requests: privacy@icona.cam.