← Back to GeoStamp

Privacy Policy

Effective Date: May 23, 2025

GeoStamp ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our image geotagging service (the "Service").

1. Information We Collect

Account Information: When you create an account, we collect your email address for authentication purposes. We use a verification code sent to your email to confirm your identity. No passwords are stored.

Image Processing: All image uploads and EXIF/GPS data extraction are processed locally in your browser. Your images and their metadata are never uploaded to or stored on our servers.

Geocoding Data: When you enable location lookup, GPS coordinates (lat/lng) are sent to third-party geocoding providers (BigDataCloud, OpenStreetMap Nominatim) to resolve place names. This data is transmitted via HTTPS and is subject to each provider's privacy policy.

Payment Information: Subscription payments are processed by Creem.io. We do not collect or store your credit card details. Creem may collect billing information as described in their Privacy Policy.

2. How We Use Your Information

- Email: Used solely for account authentication, subscription management, and service-related communications.

- Subscription Data: Stored to manage your plan tier (Free/Pro), usage limits, and billing status.

- Geocoding: Coordinates are transmitted only to resolve location names and are not stored by us.

3. Data Storage

Account and subscription data (email, plan status) is stored securely on Cloudflare KV, a globally distributed key-value store with encryption at rest. Access tokens are stored in your browser's localStorage and transmitted via HTTPS.

Processed images are generated locally in your browser and saved directly to your device. We do not retain copies of your images.

4. Third-Party Services

We rely on the following third-party providers:

- Creem.io — Payment processing: Privacy Policy

- Resend — Email delivery (verification codes): Privacy Policy

- Cloudflare — Backend hosting & data storage: Privacy Policy

- BigDataCloud — Reverse geocoding: Privacy Policy

- OpenStreetMap Nominatim — Reverse geocoding: Privacy Policy

5. Data Security

All communication between your browser and our servers uses HTTPS/TLS encryption. We implement reasonable security measures to protect your account data. However, no method of electronic storage is 100% secure.

6. Data Retention

Your account data (email, plan status) is retained as long as your account remains active. You may request deletion of your account and associated data by contacting us. Access tokens expire after 2 hours (with optional "Remember Me" extending via refresh tokens).

7. Your Rights (GDPR / CCPA)

If you are located in the European Economic Area (EEA) or California, you have the right to access, rectify, or delete your personal data, and to object to or restrict processing. To exercise these rights, contact us at the email below.

8. Children's Privacy

Our Service is not intended for children under 13. We do not knowingly collect personal information from children under 13.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date. Continued use of the Service after changes constitutes acceptance.

10. Contact Us

Data Controller: GeoStamp

Email: contact@geostamp.top