This Privacy Policy explains how SIA "Rompolo" ('Rompolo', 'we', 'us') collects, uses, stores, and shares personal data when you use Rompolo's digital album and QR photo-sharing services.
For customer album content uploaded, submitted, stored, displayed, shared, downloaded, exported, or otherwise processed through the service, a business customer is usually the controller and Rompolo is usually the processor. Rompolo may act as an independent controller for its own business operations, including account management, billing, security, analytics, fraud prevention, support, service improvement, and legal compliance.
Account data may include email address, full name, password-related data, verification and reset token fields, Google sign-in identifier where Google sign-in is used, account preferences, role, verification status, two-factor authentication fields, account status, and IP address where stored.
Album data may include album name, description, type, event dates or year ranges, color and display settings, access and privacy settings, optional password-related settings, plan, storage quota, expiration and cleanup dates, short share id, profile image, logo, and other album configuration fields.
Customer album content and media data may include uploaded photos, videos, GIF posts, text posts, captions/descriptions, contributor names where provided, hashtags, original file names, object-storage keys, media URLs or thumbnail URLs, declared and detected MIME/extension data, media dimensions, duration, codec/container metadata, EXIF creation date where extracted, upload or processing timestamps, processing status and error fields, malware scan timestamps, media size, album export records, guest user identifiers, and IP address where stored for media.
Payment data may include payment-provider-related payment, checkout session, customer, subscription/payment status, product id, amount, currency, discount, refunded amount, shipping address where present, album linkage, and processing timestamps.
We use personal data to create and manage accounts and albums, authenticate users, provide guest upload links and QR flows, upload, process, optimize, display, store, download, export, and delete album media, enforce album settings and storage limits, send service emails, process payments, prevent abuse, maintain security, monitor reliability, troubleshoot errors, and improve the service.
Uploaded media may be processed to generate thumbnails, optimized display versions, metadata, downloadable exports, and malware scans.
Rompolo uses cookies and browser storage for core service functionality, authentication/session behavior, album access, consent preferences, analytics attribution, and service improvement.
The product app uses consent-management tooling to control optional analytics and marketing scripts where consent is required. Consent categories and retention for optional scripts are controlled by the production consent configuration.
Rompolo uses product analytics to understand site and app usage, measure marketing attribution, diagnose product flows, and improve the service. Analytics events may include page views, button clicks, referral and campaign fields, app handoff events, account and authentication milestones, album actions, upload and processing status, sharing actions, onboarding events, checkout/payment events, and service reliability signals.
Rompolo's analytics event contract is designed not to intentionally send verification tokens, passwords, album names, captions, contributor names, hashtags, filenames, signed URLs, exact upload URLs, exact MIME types, or backend exception messages.
Analytics settings for optional capture, replay, profiles, and masking are treated as part of production privacy configuration, especially on private album, upload, account, and checkout pages.
Rompolo may use consent-managed analytics and marketing scripts to measure page interactions, campaign performance, and service engagement.
Where session analytics tools are enabled, they should be disabled or masked on private album pages, guest upload pages, checkout/payment pages, and account pages where album names, captions, contributor names, form inputs, media URLs, or other customer content may appear.
Rompolo uses error monitoring and reliability tooling to detect crashes, troubleshoot defects, measure performance, and protect service stability.
Error and diagnostic data may include technical context such as browser or device information, page or request context, timing information, error messages, and related operational metadata.
Sensitive values such as cookies, authorization headers, request bodies, signed URLs, media URLs, album content, file names, email addresses, tokens, and other personal content should be redacted or avoided before events or error replays leave Rompolo systems.
Rompolo uses third-party providers where needed for hosting, content delivery, object storage, database and application infrastructure, payments, analytics, error monitoring, consent management, marketing tags/widgets, and transactional email.
Current providers include Cloudflare, Microsoft Azure, Stripe, PostHog, Sentry, Google and Meta marketing tools where enabled, CookieScript, Trustpilot, and Brevo for transactional email. Rompolo may update providers where needed to operate, secure, support, and improve the service.
Some subprocessors may process personal data in countries outside the European Economic Area. Where such transfers occur, Rompolo relies on appropriate safeguards under GDPR, including adequacy decisions or Standard Contractual Clauses.
Rompolo stores account, album, media, payment, analytics, log, and operational data for as long as needed to provide the service, maintain security and reliability, comply with legal obligations, resolve disputes, and enforce the Terms.
Album availability and media retention follow account, album, plan, and service settings. Expired or deleted albums, temporary upload links, exports, processing records, logs, analytics records, backups, payment records, and support records may each follow different operational retention periods.
Account, payment, log, analytics, backup, and support records may be kept as needed for service operation, security, accounting, dispute resolution, and legal compliance.
Depending on your location and role, you may have rights to access, correct, delete, restrict, object to, or export personal data. Some requests may need to be handled by the business customer where that customer is the controller for album/event content.
Business customers are responsible for having a lawful basis for collecting and using personal data in Rompolo albums, informing event participants and guests where required, obtaining consents or providing notices where required by law, configuring album access settings appropriately, and responding to data subject requests where the customer is controller.
For privacy or data protection questions, contact SIA "Rompolo" at support@rompolo.com.
