← Back to SnapIt

Privacy Policy

Last updated: 20 March 2026

1. Introduction

SnapIt ("we," "our," or "us") is a mobile application operated by GroupIt4U, based in Cyprus. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use the SnapIt mobile application and related services (the "Service"). By using the Service, you consent to the practices described in this policy. If you do not agree, please do not use the Service.

2. Information We Collect

We collect the following categories of personal data:

2.1 Account Information

  • First name, last name, email address, phone number (with country code)
  • Password (stored in hashed form; we never store or have access to your plaintext password)
  • Account type (Client or Creator/Photographer)
  • Authentication provider (email, Apple Sign-In, or Google Sign-In)

2.2 Profile Information

  • Profile photo
  • For Creators: bio, portfolio title, portfolio media (photos and videos), skill level, spoken languages, website URL, social media links (Instagram, Facebook, TikTok, Pinterest), business address, business city, business country, and service categories (photography, video, promotional/advert, event coverage, aerial footage, pet photography, baby & newborn, wedding, fashion, food & product, real estate, sports, portrait, landscape & nature, corporate)
  • For Creators: service packages (name, description, price, duration, example photos) and add-ons

2.3 Verification Documents (Creators only)

  • Government-issued identification document (front and back)
  • Professional license or equivalent certification
  • Full legal name, postal address, and (optionally) company name

2.4 Payment and Financial Information

  • Payment card details are processed directly by Stripe; we do not store, see, or have access to your full card number, CVV, or expiry date
  • For Creators: bank account and payout details are collected and managed by Stripe Connect; we store only your Stripe account identifier
  • Transaction records: booking amounts, currency (EUR), payment status, refund records, and Stripe transaction identifiers

2.5 Booking and Schedule Data

  • Booking details: date, time, duration, selected package, add-ons, shoot address, notes, completion status
  • Schedule data: weekly working hours, slot duration settings, unavailable dates, extra time slots
  • Dispute data: dispute reason, Creator response, resolution outcome

2.6 Location Data

  • Foreground location (all users): When you grant permission, we access your device location to display nearby photographers on the map, to show your position relative to Creators, and to set a shoot address when booking. This data is used only while the app is actively in use.
  • Background location (Creators only): When a Creator sets their status to "online," the app tracks their location in the background to update their availability and position for nearby clients. Background tracking stops automatically when the Creator goes offline or exits their scheduled working hours. Creators can disable this at any time via device settings.
  • Stored location data: Creator studio/business coordinates and address; live coordinates while online; client shoot address per booking. Creator timezone is derived from their business location.

2.7 Device and Technical Data

  • Device type, operating system, and version
  • Push notification token (Expo push token) for delivering notifications
  • IP address and access logs
  • App version and crash reports (via Expo Application Services)

2.8 Communications

  • In-app chat messages between Clients and Creators
  • Support inquiries and messages from administrators
  • Notification preferences (bookings, messages, reminders)

2.9 User Reports

  • Reports submitted via the app (reason, description, associated booking)
  • Report categories: no-show, unprofessional conduct, safety concern, fraud, harassment, bug, payment issue, inappropriate user, and other

2.10 App Preferences

  • Language selection (English, Greek, German, Spanish, Italian, Portuguese, Russian, Turkish, Arabic)
  • Theme preference (light or dark mode)
  • Favorite photographers

3. How We Collect Information

Directly from you: When you create an account, complete your profile, make a booking, send a message, submit a report, or contact support.

Automatically: Device information, location data (with your permission), push notification tokens, and usage data are collected automatically when you use the app.

From third parties: When you sign in with Apple or Google, we receive your name and email from those providers. Stripe provides us with payment confirmation and transaction status (not your card details).

4. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the Service
  • Process bookings, payments, refunds, and payouts
  • Display Creator profiles (including categories, packages, portfolio, social media links, and availability) to Clients
  • Manage scheduling, time slots, and Creator online/offline status
  • Facilitate in-app communication between Clients and Creators
  • Send booking confirmations, status updates, and push notifications
  • Send email verification and password reset links
  • Process and respond to user reports and disputes
  • Verify Creator identity and credentials
  • Detect, investigate, and prevent fraud, abuse, and unauthorized access
  • Enforce our Terms of Service and protect the safety of our users
  • Improve and personalize your experience (language, theme, recommendations)
  • Comply with legal obligations and respond to lawful requests
  • Perform platform administration, including maintenance mode management

We process your data based on: your consent, performance of a contract (providing the Service), our legitimate interests (security, fraud prevention, service improvement), or legal obligations, as applicable under the GDPR.

5. Data Sharing and Disclosure

We may share your information with the following parties:

  • Other users: When you book a Creator, we share necessary contact and location details with them. Creator profiles (name, photo, bio, categories, packages, portfolio, social links, availability, reviews) are visible to Clients.
  • Stripe: Our payment processor. Stripe collects and processes card details (for Clients) and bank account details (for Creators) under Stripe's Privacy Policy. We share booking amounts and user identifiers with Stripe to process payments, payouts, and refunds.
  • Supabase: Our backend infrastructure provider. Your data is stored on Supabase servers with row-level security policies. Supabase processes data under their privacy policy and applicable data processing agreements.
  • Expo (Expo Application Services): We use Expo for push notifications and app builds. Your push notification token is shared with Expo to deliver notifications.
  • Google Maps: We use Google Maps to display maps within the app. Your approximate location may be shared with Google when viewing maps, subject to Google's Privacy Policy.
  • Apple and Google (authentication): If you sign in with Apple or Google, those providers process your authentication data under their respective privacy policies.
  • Platform administrators: Our administrators may access user data, bookings, reports, and profiles for support, dispute resolution, user management, and platform operations.
  • Law enforcement and legal: We may disclose your information if required by law, court order, or governmental regulation, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

We do not sell, rent, or trade your personal data to third parties for marketing purposes.

6. Verification Documents

Creators submit identification and license documents for verification. These documents are:

  • Stored securely in our storage system with access restricted to the document owner and platform administrators
  • Reviewed manually for identity and credential verification
  • Retained as required by law and our verification records
  • Never shared with other users, third parties, or external services (except as required by law or to prevent fraud)

You may request deletion of your verification documents, subject to legal retention requirements, by contacting us.

7. Data Storage, Security, and Retention

Storage: Your data is stored on secure servers provided by Supabase (EU region). We implement row-level security policies to ensure users can only access their own data. File uploads are restricted so that each user can only upload, modify, or delete files in their own storage folder.

Security measures: We use industry-standard security measures including encrypted connections (HTTPS/TLS), hashed passwords, JWT-based authentication with session expiry, rate limiting on authentication endpoints, webhook signature verification for payment processing, and server-side permission checks on all API endpoints.

Retention: We retain your personal data only for as long as necessary to fulfill the purposes described in this policy, including legal, accounting, and reporting requirements. Booking records, dispute records, and payment records may be retained after account deletion as required by law. When data is no longer needed, we securely delete or anonymize it.

Account deletion: You can delete your account from the app Settings. Upon deletion, your profile, personal data, and associated records are removed. Certain records (completed bookings, payment transactions) may be retained in anonymized form for legal and financial compliance.

8. Your Rights Under GDPR (EEA/UK Users)

If you are located in the European Economic Area or the United Kingdom, you have the following rights:

  • Right of access: Request a copy of the personal data we hold about you
  • Right to rectification: Request correction of inaccurate or incomplete data
  • Right to erasure: Request deletion of your personal data (subject to legal retention requirements)
  • Right to restriction: Request that we limit the processing of your data
  • Right to data portability: Request your data in a structured, machine-readable format
  • Right to object: Object to processing based on legitimate interests
  • Right to withdraw consent: Withdraw consent at any time where processing is based on consent

To exercise any of these rights, contact us at groupit4usupport@gmail.com. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection supervisory authority.

9. Your Rights Under CCPA (California Users)

If you are a California resident, you have the right to:

  • Know what personal information we collect, use, and disclose
  • Request deletion of your personal information
  • Opt out of the sale of personal information (we do not sell your data)
  • Non-discrimination for exercising your privacy rights

To exercise these rights, contact us at groupit4usupport@gmail.com.

10. International Data Transfers

Our primary data storage is in the European Union (Supabase EU region). Some third-party services (Stripe, Expo, Google) may process data in other jurisdictions. Where personal data is transferred outside the EEA, we ensure appropriate safeguards are in place, including Standard Contractual Clauses or adequacy decisions, as required by applicable law.

11. Cookies and Local Storage

As a mobile application, SnapIt does not use browser cookies. We use device local storage (AsyncStorage) to store your authentication session, app preferences (language, theme), and notification settings. This data remains on your device and is not shared with third parties. You can clear this data by logging out or uninstalling the app.

12. Children's Privacy

The Service is not intended for individuals under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal data, please contact us at groupit4usupport@gmail.com and we will promptly delete such information.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by posting the updated policy in the app and on our website, and updating the "Last updated" date. Your continued use of the Service after changes are posted constitutes your acceptance of the updated policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Email: groupit4usupport@gmail.com

SnapIt is operated by GroupIt4U, based in Cyprus.