Privacy Policy

Last updated: January 2025

Introduction

PixelX Inc. (ピクセルエックス株式会社) ("we," "us," or "our") operates ManyPhoto, a web-based photo sharing service for events and parties. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

Information We Collect

Personal Information

When you register for ManyPhoto, we collect:

  • Email address
  • Display name (optional)
  • Authentication provider information (Google)
  • Language and region preferences

Photo and Media Content

When you use our service:

  • Photos and videos you upload to rooms
  • File metadata (filename, size, upload timestamp)
  • Room access history

Usage Information

We automatically collect:

  • Room creation and management activity
  • Upload and download activity
  • Access logs and timestamps
  • Device and browser information

Authentication Data

When you sign in using Google:

  • Profile information from Google
  • Authentication tokens
  • Email address associated with your account

How We Use Your Information

We use your information to:

  • Provide and maintain photo sharing services
  • Manage room creation and access
  • Process uploads and downloads
  • Enable room sharing and collaboration
  • Process payments for Plus plans
  • Communicate service updates and support
  • Improve service quality and performance
  • Detect and prevent fraud or abuse
  • Comply with legal obligations

Data Storage and Security

Storage

  • User data is stored using Supabase (PostgreSQL database)
  • Authentication is managed through Supabase Auth
  • Photos and videos are stored on Google Cloud Storage
  • All data is encrypted in transit (HTTPS/TLS) and at rest

Security Measures

We implement industry-standard security practices:

  • SSL/TLS encryption for all data transmission
  • Secure authentication with session management
  • Regular security audits and updates
  • Access controls and monitoring
  • Automatic data deletion after room expiration

Data Retention

  • Active rooms: Data retained for the plan duration (24 hours for Free, 7 days for Plus)
  • After expiration: Photos are accessible for 24 hours, then permanently deleted
  • Account data: Retained until you delete your account
  • Payment records: Retained as required by law (typically 7 years)

Data Sharing and Disclosure

We do not sell your personal information. We may share your data only in these circumstances:

Service Providers

We share data with trusted third-party providers who assist us:

  • Supabase (database and authentication)
  • Google Cloud Storage (photo and video storage)
  • Stripe (payment processing for Plus plans)
  • Resend (email delivery)

All service providers are contractually bound to protect your data and use it only for the specified purposes.

Room Participants

Photos and videos you upload to a room are accessible to anyone with the room code. We do not control who the room owner shares the code with.

Legal Requirements

We may disclose information if required by law or in response to:

  • Legal processes or government requests
  • Protection of our rights and property
  • Investigation of fraud or security issues
  • Emergency situations involving safety

Your Rights and Choices

You have the right to:

  • Access: Request a copy of your personal data
  • Correction: Update or correct your information
  • Deletion: Request deletion of your account and data
  • Export: Download your photos before room expiration
  • Opt-out: Unsubscribe from marketing emails
  • Object: Object to certain data processing activities

To exercise these rights, contact us at hello@manyphoto.com.

Account Deletion

When you delete your account:

  • All your active rooms will be deactivated
  • Associated photos will be deleted according to our retention policy
  • Personal information will be removed within 30 days
  • Payment records will be retained as required by law

Cookies and Tracking

We use cookies and similar technologies for:

  • Authentication and session management
  • Remembering your language preferences
  • Analyzing service usage
  • Improving user experience

You can control cookies through your browser settings. Note that disabling cookies may affect service functionality.

Children's Privacy

ManyPhoto is not intended for users under 16 years of age. We do not knowingly collect personal information from children. If you believe we have collected data from a child, contact us immediately at hello@manyphoto.com.

International Data Transfers

Your data may be stored and processed in:

  • Japan (primary location)
  • United States (Google Cloud Storage, Stripe)
  • Other regions where our service providers operate

We ensure appropriate safeguards are in place to protect your information in accordance with applicable data protection laws.

Automatic Data Deletion

To ensure your privacy and security:

  • Photos in Free plan rooms are automatically deleted 24 hours after expiration
  • Photos in Plus plan rooms are automatically deleted 24 hours after 7-day expiration
  • Deleted photos cannot be recovered
  • We recommend downloading important photos before expiration

Third-Party Links

Our service may contain links to third-party websites. We are not responsible for their privacy practices. We encourage you to review their privacy policies.

Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or service notification. The "Last updated" date at the top of this policy indicates when it was last revised. Continued use of the service after changes constitutes acceptance.

Data Protection Officer

For privacy-related questions or concerns, you can contact our Data Protection Officer:

Email: hello@manyphoto.com Business Name: PixelX Inc. (ピクセルエックス株式会社) Representative: Xiuxi Pan (潘秀曦) Location: 1-6-4-705 Kita-Aoyama, Minato-ku, Tokyo 107-0061, Japan (〒107-0061 東京都港区北青山1-6-4-705)

Your California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information we collect
  • Right to delete personal information
  • Right to opt-out of sale of personal information (we do not sell your data)
  • Right to non-discrimination for exercising your rights

GDPR Rights (European Users)

If you are in the European Economic Area, you have rights under the General Data Protection Regulation (GDPR):

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restriction of processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent
© 2025 PixelX Inc. All rights reserved.