Privacy Policy

This Privacy Policy explains how PhotoResto collects, uses, stores, and protects personal data.

1. Data We Collect

We may collect contact details, order identifiers, uploaded images, result files, thumbnail references, technical logs, payment status metadata, anti-abuse signals, and records of the options and instructions selected for an order.

2. Why We Process Data

Data is processed to fulfill orders, provide support, deliver files, apply corrections, prevent abuse, maintain security, meet legal obligations, handle accounting and tax requirements, and establish, exercise, or defend legal claims including payment disputes and chargebacks.

3. Legal Basis

Processing is based on contract performance, legitimate interests such as fraud prevention, service security, dispute defense, and business operations, consent where required, and compliance with legal duties.

4. Data Retention for Image Files

Uploaded source files and full processed image files are generally retained for no longer than 31 days after order creation or delivery, unless continued retention is necessary for an active support request, dispute, legal claim, abuse investigation, or legal obligation.

5. Data Retention for Transaction Records

Transaction and order records such as email address, order ID, selected service parameters, timestamps, payment and invoicing records, communications, and delivery evidence may be retained for a longer period where necessary for accounting, tax compliance, fraud prevention, audit requirements, or the establishment, exercise, or defense of legal claims.

6. Data Sharing

We share limited data with infrastructure, storage, email, analytics, security, and payment providers only as necessary to operate the service, process payments, prevent abuse, and comply with legal or contractual obligations.

7. International Transfers

Where data is transferred internationally, we use appropriate contractual, organizational, and technical safeguards required by applicable law.

8. Your Rights

Subject to applicable law, you may request access, correction, deletion, restriction, objection, or portability. Some requests may be limited where data must be retained for legal claims, accounting obligations, security, fraud prevention, or dispute handling.

9. Security

We apply reasonable technical and organizational safeguards appropriate to the nature of the service, including access controls, logging, and provider-level protections where appropriate.

10. Contact

Privacy-related requests can be sent via the contact email listed in the website footer.