1. Introduction

Welcome to ShotScout ("we," "our," or "us"). We are committed to protecting your privacy and ensuring you have a positive experience on our website and in using our photography planning services. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information when you visit our website or use our services.

By using ShotScout, you consent to the data practices described in this policy. If you do not agree with the practices described in this policy, please do not use our services.

2. Information We Collect

2.1 Personal Information

We may collect personal information that you voluntarily provide to us when you:

• Register for an account
• Use our photography planning services
• Contact us for support
• Subscribe to our newsletter
• Participate in surveys or promotions

This information may include:

• Name and email address
• Photography locations and preferences
• Account credentials
• Communication preferences
• Any other information you choose to provide

2.2 Automatically Collected Information

When you visit our website, we may automatically collect certain information about your device and usage patterns:

• IP address and location data
• Browser type and version
• Operating system
• Pages visited and time spent
• Referring website
• Device identifiers

3. How We Use Your Information

We use the information we collect for various purposes, including:

• Service Provision: To provide, maintain, and improve our photography planning services
• Account Management: To create and manage your account
• Communication: To send you updates, newsletters, and respond to inquiries
• Personalization: To customize your experience and provide relevant content
• Analytics: To understand how our services are used and improve them
• Legal Compliance: To comply with applicable laws and regulations
• Security: To protect against fraud and ensure platform security

4. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), our legal basis for collecting and using your personal information depends on the specific context:

• Consent: When you have given clear consent for specific processing activities
• Contract Performance: When processing is necessary to provide our services
• Legitimate Interests: When we have legitimate business interests that don't override your rights
• Legal Obligation: When required by law

5. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

5.1 Service Providers

We may share information with trusted third-party service providers who assist us in operating our website and providing services:

• Supabase: Database and authentication services (EU-based with GDPR compliance)
• Vercel: Website hosting and deployment
• Email Service Providers: For sending notifications and updates

5.2 Legal Requirements

We may disclose your information if required by law or in response to valid legal requests.

6. Your Rights (GDPR)

If you are located in the EEA, you have the following rights regarding your personal data:

• Access: Request access to your personal data
• Rectification: Request correction of inaccurate data
• Erasure: Request deletion of your data ("right to be forgotten")
• Restriction: Request restriction of processing
• Portability: Request transfer of your data
• Objection: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw consent at any time

To exercise these rights, visit your Privacy Dashboard or contact us using the information below.

7. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest
• Regular security assessments
• Access controls and authentication
• Secure hosting infrastructure

8. Data Retention

We retain your personal information only as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. When we no longer need your information, we will securely delete or anonymize it.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our website. You can control cookie preferences through your browser settings or our consent management system.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers, including adequacy decisions and standard contractual clauses.

11. Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe we have collected information from a child under 16, please contact us immediately.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. Your continued use of our services after such changes constitutes acceptance of the updated policy.

13. Contact Information