Summary: We collect only what's necessary to provide our service. Your photos belong to you. We're hosted in Europe and fully GDPR compliant.
1. Who We Are
MomentDrop is operated by Systaro GmbH, based in Austria, European Union. We provide a photo sharing platform for events.
Contact: privacy@momentdrop.com
2. Data We Collect
Account Information
When you create an account, we collect:
- Email address
- Name (optional)
- Password (encrypted)
Event Data
When you create or participate in events:
- Event names and settings
- Photos and videos you upload
- Upload timestamps
Technical Data
We automatically collect:
- IP address (anonymized after 30 days)
- Browser type and version
- Device information
3. How We Use Your Data
We use your data to:
- Provide and improve our service
- Send important service notifications
- Process payments (via Stripe)
- Respond to support requests
We do not sell your data or use it for advertising.
4. Photo Storage & Ownership
Your photos are yours. We store them securely to provide the service, but you retain full ownership and copyright.
Photos are stored on servers located in the European Union (Germany). We use encryption in transit (TLS) and at rest.
5. Data Sharing
We share data only with:
- Event participants: Photos are visible to others in the same event
- Service providers: Hosting (Hetzner, Germany), payments (Stripe), email (Postmark)
All service providers are GDPR compliant and process data only on our instructions.
6. Your Rights (GDPR)
As an EU resident, you have the right to:
- Access your personal data
- Correct inaccurate data
- Delete your account and data
- Export your data in a portable format
- Object to certain processing
- Withdraw consent at any time
To exercise these rights, contact us at privacy@momentdrop.com
7. Data Retention
- Active accounts: Data kept while account is active
- Deleted accounts: Data removed within 30 days
- Expired subscriptions: Photos kept for 90 days, then deleted
8. Cookies
We use only essential cookies required for the service to function:
- Session cookies (authentication)
- Security cookies (CSRF protection)
We do not use tracking or advertising cookies.
9. Children's Privacy
MomentDrop is not intended for children under 16. We do not knowingly collect data from children.
10. Changes to This Policy
We may update this policy occasionally. We'll notify you of significant changes via email or in-app notification.
11. Contact Us
For privacy-related questions:
- Email: privacy@momentdrop.com
- Address: Systaro GmbH, Austria