Last updated: July 8, 2026
Snappy ("we", "us", "the app") rates your photos and helps you keep the ones you love. This page explains what we collect, why, and what control you have over it — in plain language, matched to what the app actually does.
| Data | When | Why |
|---|---|---|
| Photos / camera frames | Every time you rate a photo or use live scoring | Sent to our scoring backend to compute a rating. Not retained after scoring unless you save it to My Shots. |
| Saved shots (My Shots) | Only if you explicitly save a rated photo | Stored so you can revisit or download your top picks (My shots). Tied to your account identity,
never to another user's. |
| Anonymous device identifier | On first visit | A random, signed token stored in your browser. Used to count free ratings and stop abuse — no name, email, or device fingerprinting involved. |
| Email address | Only if you register, log in, or sign in with Google | Identifies your account so a subscription and saved shots carry over across devices and browsers. |
| Password | Only if you register with email/password | Stored as a salted PBKDF2-SHA256 hash (600,000 iterations) — we never store or can see your actual password. |
| IP address | Every request | Hashed with a secret key before storage; used only to cap abuse from a single network, never linked back to a real IP or shared. |
| Subscription status | If you subscribe | Your Stripe customer ID, subscription ID, and plan/status — enough to know you're entitled to unlimited ratings. Your card number never touches our servers. |
| App preferences | As you use the app | Threshold, haptics, sound, and similar settings, stored locally in your browser (localStorage)
— never sent to us. |
Snappy doesn't use tracking cookies. It uses your browser's localStorage to remember your sign-in
tokens and app preferences on your own device. Clearing your browser's site data will sign you out and reset local
preferences; if you're signed in with an account, your subscription and saved shots are unaffected since they
live on our servers, not your device.
Photos submitted for scoring are processed and discarded — we don't build a library of your images unless you choose to save one to My Shots. Saved shots, account details, and usage counters are kept for as long as your account is active. If you want your account and its data deleted, contact us (below) and we'll remove it.
Traffic to Snappy is encrypted in transit (HTTPS). Passwords are hashed with PBKDF2-SHA256; session tokens are short-lived, cryptographically signed JWTs paired with a revocable refresh token, so a stolen token stops working shortly after and can be invalidated by logging out. Your saved-photo storage identifier is derived independently from your billing identifier, so the two can't be cross-referenced from either value alone.
Snappy is not directed at children under 13, and we don't knowingly collect information from them.
You can ask us to access, correct, or delete the data tied to your account at any time. If you're in a region with additional statutory rights (such as the EEA/UK's GDPR or California's CCPA), those rights apply to you as well — reach out and we'll accommodate the request.
If we materially change how we handle your data, we'll update the "last updated" date above and, where appropriate, notify you in the app.
Questions about this policy or your data? Email [email protected].