Privacy Policy

Last updated: April 5, 2026

RePhoto ("we", "our", "us") is operated by byAlif. This Privacy Policy explains how we collect, use, and protect your information.

1. Information We Collect

Account Information: Email address for authentication (via NeuAuth).

Photos: Uploaded photos are processed by AI (OpenAI) and stored on DigitalOcean Spaces (EU). We do not share photos with third parties beyond processing.

Device Information: Anonymous device identifier for push notifications.

2. How We Use Your Information

• Photo editing service (upload, AI processing, before/after comparison)
• Account authentication and session management
• Push notifications about completed edits
• App improvement and customer support

3. Third-Party Services

• OpenAI: AI photo processing
• DigitalOcean Spaces: Cloud storage (EU)
• NeuAuth: Authentication (self-hosted by byAlif)
• Apple APNs: Push notification delivery

4. Data Storage & Security

Photos are stored encrypted in the EU (Amsterdam). Auth tokens in device Keychain. HTTPS for all data in transit. AES-256-GCM for sensitive tokens at rest.

5. Data Retention

Photos retained while account is active. Deleted within 30 days of account deletion.

6. Your Rights

Access, delete, or export your data at any time. Opt out of push notifications in device settings.

7. Contact

Email: [email protected]

Telegram: @rephoto_support