Privacy Policy

C A M T O M — Privacy Policy

Last Updated: 2 Dec 2025

Camtom (“we”, “our”, or “Service”) provides AI-assisted photo delivery and business workflow management tools built for professional photographers. Camtom includes Google Drive–based photo delivery, face recognition, booking and CRM tools, payments, team collaboration, and business automation.

By using Camtom, you agree to this Privacy Policy.

---

1. Information We Collect

We collect only the information necessary to provide and improve our services.

1.1 Account Information

We may collect the following account details:

• Name
• Email address
• Authentication tokens (Google Login using OAuth 2.0)
• Business/studio information (optional)

1.2 CRM & Business Data

When you use Camtom’s CRM features, we store information such as:

• Customer contact details
• Event and project details
• Bookings, tasks, reminders
• Invoices, quotations and transaction records
• Staff/team access roles

All CRM data is securely stored on Google Cloud Firebase.

1.3 Photo Access (Google Drive)

Camtom connects to your Google Drive only after you grant explicit permission. We do not scan, read, or access your entire Google Drive.

We only access:

• The folders created by Camtom
• The files uploaded into those folders
• Sharing settings related to those specific folders

Your remaining Google Drive content stays private, untouched, and inaccessible to Camtom.

1.4 Face Recognition & Photo Processing

Camtom offers optional Face Recognition AI to help:

• Identify faces in photos
• Group images by person
• Create personalised album access

If enabled:

• Photos are temporarily processed on Google Cloud Compute Engine for AI analysis.
• Only the processing output (face map/metadata) is stored in Firebase.
• The images used for processing are never permanently stored on Camtom servers.

Temporary Selfie Processing

For certain features (like matching a guest to their photos), users may upload a selfie.

• The selfie is processed only to detect and match the face.
• It is never saved permanently on Camtom storage.
• Once processing is complete, the selfie is automatically and permanently deleted.

No biometric information, templates, embeddings, or identifiable visual data is stored beyond what is required for requested feature functionality.

1.5 Payment Information

If you subscribe to a paid plan or make a purchase within Camtom, payment processing is handled securely through trusted third-party payment providers such as:

• Razorpay
• Paytm

These providers may collect billing information such as cardholder name, payment method, and transaction details to complete the payment.

Camtom does not store, process, or have access to full credit/debit card numbers or sensitive payment information. All transactions are encrypted and handled directly by the payment gateway under their respective privacy and compliance policies.

1.6 Technical & Usage Data

We may collect anonymous analytics such as:

• Device type
• Feature usage patterns
• Crash logs

This helps improve performance and reliability.

1.7 Guest Data (Clients, Friends & Event Participants)

When photographers use Camtom to share albums, they may collect certain guest details such as:

• Name
• Mobile number
• Email address

This information is controlled and managed exclusively by the photographer who created the event. Camtom does not use this data for marketing, advertising, or selling to third parties.

Guests may request deletion of their personal data at any time. If you are a guest and wish to have your information removed, you may:

• Contact the photographer directly using their phone number or email address (typically included in the album invitation), or
• Request deletion through Camtom support by emailing support@camtom.in

If contacting Camtom directly, please include:

• The photographer’s name
• Photographer’s phone number or email
• Event name or event ID
• Approximate event date
• Your registered mobile/email used in the album

Upon receiving a valid request, Camtom will verify ownership with the responsible photographer and coordinate data deletion.

Guest data is automatically and permanently erased when:

• The associated event is deleted by the photographer, or
• The photographer removes guest information manually

Once deleted, the data is permanently removed and cannot be recovered.

---

2. How We Use Your Information

We use collected information for:

• Operating and improving the platform
• Delivering AI and automation features
• Secure photo sharing and access management
• CRM workflow (booking, invoicing, reminders)
• Customer support and communication
• Legal compliance and billing

We never use your photos or CRM data for advertising or commercial profiling.

---

3. Data Ownership

You own your photos and business data.

• Photos remain in Google Drive under your account.
• CRM and metadata remain associated with your account in Firebase.

You may export or request deletion of your data at any time, subject to authentication.

Photo Storage & Google Drive Dependency

Camtom does not provide any photo storage or backup infrastructure. All photos, albums, and media files used with Camtom are stored exclusively in the photographer’s own Google Drive account, using the official Google Drive API.

By using Camtom, you understand and agree that:

• Camtom is a software layer on top of Google Drive and is not a cloud storage provider.
• All storage limits, availability, and performance for your photos are controlled by Google Drive and your Google account plan.
• You are fully responsible for purchasing, managing, and maintaining sufficient Google Drive storage for your photos and albums.
• We do not guarantee or promise the availability, durability, or long-term storage of any photos or files.

Camtom only helps you modernize your traditional Google Drive photo sharing by providing a better user interface, access management, and face recognition AI. If Google changes its policies, pricing, limits, or technical access to Google Drive or its APIs, Camtom will not be responsible for providing replacement storage.

In such a case, any active Camtom subscription will be considered as a subscription to our CRM and workflow services only, and not as a payment for storage. We do not sell or include storage capacity as part of any plan.

---

4. Storage Breakdown

Type of Data	Where It’s Stored	Retention Duration
Photos & Albums	Your (Photographer’s) Google Drive	Stored until the photographer deletes them or revokes Camtom access
CRM Data & Metadata	Google Firebase Cloud Storage	Stored until the photographer deletes the record or permanently deletes their account
Temporary Photo Processing (Face Recognition / Sorting)	Google Cloud Compute Engine (processing memory only)	Automatically deleted immediately after processing is completed
Temporary Selfies (Used for Matching Requests)	Google Cloud Compute Engine (processing only — not stored)	Permanently deleted immediately after matching and never stored in the system

---

5. Sharing Controls

Camtom does not publicly share or publish any photos or data. Only the photographer controls who can access any content stored or managed through Camtom.

Access may be shared only when the photographer chooses to do so. Depending on the features used, sharing may include:

• Full galleries or albums with clients
• Limited face-matched photos with guests or event attendees
• CRM or booking information with team members assigned by the photographer
• Event-related communication with authorized recipients (optional)

Sharing occurs through secure methods such as:

• A private access link generated by the photographer
• A QR code provided at the event or shared privately
• Personalised invitations based on guest identity

No content is made public by default. Camtom will never make your photos, CRM data, or event-related content publicly searchable, indexable, or accessible without the photographer’s explicit action.

---

6. Security Measures

We implement:

• OAuth 2.0 secure authentication
• TLS/HTTPS encrypted data transfer
• Encrypted token storage
• Controlled permission access
• Google Cloud security infrastructure

We actively monitor and update systems to protect user data.

---

7. Legal Rights (GDPR, CCPA, DPDP India)

Depending on your region, you may request:

• Data access
• Data correction
• Account deletion
• Consent withdrawal
• Data export
• Restriction of processing

For any such request, contact: support@camtom.in

---

8. Children’s Privacy

Uploaded photographs shared through Camtom may include images of minors, especially in events such as weddings, birthdays, family sessions, and school photography. The responsibility for obtaining proper consent from parents or legal guardians lies solely with the photographer or event organizer, not Camtom.

Camtom does not knowingly allow minors to create accounts or independently use the platform without verified guardian approval.

Camtom does not review, monitor, or analyze the actual photo content unless explicitly permitted by the photographer for AI-based features such as face recognition. Camtom has no role in selecting, evaluating, or distributing any photographs beyond performing requested processing functions.

All access, sharing, or distribution of photos is entirely controlled by the photographer, and Camtom does not share photos in any way unless instructed through the platform settings by the photographer.

---

9. Policy Updates

We may update this Policy as the platform evolves. Continued use of Camtom after any changes means you accept the updated Privacy Policy.

---

10. Contact

For privacy or legal concerns, you can contact us at:

• 📧 Email: support@camtom.in
• 🌍 Website: www.camtom.in