Back to Home
Momento Logo

Privacy Policy

Last updated: November 11, 2024

Introduction

Welcome to Momento ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service. We comply with applicable data protection regulations, including GDPR, CCPA, and other PII (Personally Identifiable Information) protection requirements. You may request deletion of your data at any time.

Information We Collect

1. Information You Provide

  • Google Account Information: Email address when you sign in with Google
  • Baby Information: Your baby's name and birthdate (optional, for personalization)

2. Photo Data

  • Thumbnails: We store reduced-size copies of photos you import from Google Photos
  • Metadata: Photo creation dates, file information, and Google Photos URLs
  • AI-Generated Data: Text descriptions and searchable embeddings generated by AI to enable search functionality
  • Original Photos: We do NOT store your original full-resolution photos. They remain in your Google Photos account

3. Usage Information

  • Search queries you perform
  • Features you use and how often
  • Session information and analytics (via PostHog)

How We Use Your Information

  • Provide the Service: Process and analyze your photos to enable AI-powered search
  • Legal Compliance: Comply with applicable laws and regulations

Third-Party Services

We use the following third-party services:

Google

Authentication and Google Photos API access. Google Privacy Policy

OpenAI

AI vision analysis and text embedding generation for photo search. OpenAI Privacy Policy

PostHog

Analytics and session recording to improve user experience. PostHog Privacy Policy

Fly.io

Hosting infrastructure. Fly.io Privacy Policy

Sharing of Google User Data

We share, transfer, or disclose Google user data with the following parties:

  • Google: We share your email address and OAuth tokens with Google to authenticate your account and access the Google Photos API. This is necessary for the service to function. Google Privacy Policy
  • PostHog: We share a hashed version of your email address with PostHog for analytics and user identification purposes. Your raw email address is not shared. PostHog Privacy Policy
  • Fly.io: Your Google account information (email, OAuth tokens) is stored on Fly.io's hosting infrastructure as part of our database. Fly.io Privacy Policy
  • AWS S3: We store photo thumbnails (reduced-size copies) from your Google Photos on AWS S3, organized by your Google account email address. Your original photos remain in Google Photos. AWS Privacy Policy
  • OpenAI: When you import photos from Google Photos, we share photo thumbnails and metadata (but not your email or OAuth tokens) with OpenAI for AI-powered analysis and search functionality. OpenAI Privacy Policy

Data Security

We implement industry-standard security measures:

  • Encrypted connections (HTTPS/TLS)
  • Secure database storage with access controls
  • Read-only access to your Google Photos (we cannot modify or delete your original photos)
  • Regular security updates and monitoring

Note: While we strive to protect your information, no method of transmission over the internet is 100% secure.

PII Compliance & Data Protection

We are committed to protecting Personally Identifiable Information (PII) and comply with applicable data protection regulations including GDPR, CCPA, and other privacy laws. We implement privacy-by-design principles, hash user identifiers before sharing with analytics services, and provide you with full control over your data. You can request data deletion at any time by contacting us at [email protected].

Your Rights

You have the following rights regarding your data:

  • Access: Request a copy of your data
  • Delete: Request deletion of your account and all associated data at any time. We will process your deletion request promptly and remove all PII from our systems.
  • Revoke Access: Disconnect Google Photos access at any time through your Google account settings
  • Export: Download your data (contact us)
  • Opt-Out: Opt out of analytics tracking

To exercise these rights, contact us at: [email protected]

Data Retention

We retain your data for as long as your account is active. When you delete an image from our gallery, we permanently delete all your data, including thumbnails, metadata, and AI-generated embeddings.

International Users

Your information may be transferred to and processed in countries other than your own. By using Momento, you consent to such transfers. We ensure appropriate safeguards are in place.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through the service. Continued use after changes constitutes acceptance.

Contact Us

If you have questions about this Privacy Policy or our data practices:

Email: [email protected]

© 2024 Momento. All rights reserved.