Privacy Policy
This policy explains what data SpotID collects, why, where it is stored, and the rights you have over it under the EU General Data Protection Regulation (GDPR).
1. Data controller
The data controller is D. Colomer Matachana, based in Spain. For any privacy-related question or request, contact dcolomer10@gmail.com.
2. What we collect
We process the minimum data needed to run the service:
- Account data — email address, hashed password, optional display name, account creation timestamp, email-verification status.
- Uploaded images — the camera-trap photographs you upload, plus derived artefacts (cropped images, background-removed images, edge masks) and the numerical embeddings produced by our model.
- Session metadata — session names, image counts, status, match decisions you make, and timestamps.
- Operational logs — IP addresses and request metadata used for rate limiting, debugging, and abuse prevention. Retained for 90 days.
We do not use cookies for tracking or advertising. We set one strictly-necessary authentication cookie when you log in. We do not currently run third-party analytics.
3. About leopard images
Leopards are not natural persons, so the leopard photographs you upload are not, by themselves, personal data under GDPR. However:
- the link between an image and your account (who uploaded what, when) is personal data and is treated as such;
- image metadata is your responsibility. Camera-trap photos can carry EXIF metadata such as GPS coordinates, camera serial numbers, and timestamps. We store images as-is and do not strip this metadata. If your photos contain metadata that could reveal sensitive information (for instance, the location of an active camera trap), you must remove it before uploading. Uploading photos with embedded metadata is at your own risk.
4. Why we process it (legal bases)
- Performance of a contract (Art. 6(1)(b) GDPR) — to create your account, run the identification pipeline you requested, and return results to you.
- Legitimate interests (Art. 6(1)(f) GDPR) — to keep the service secure (rate limits, abuse logs), to fix bugs, and to improve the model. You can object to legitimate-interest processing at any time.
- Legal obligation (Art. 6(1)(c) GDPR) — where we have to retain something to comply with applicable law.
5. Where data is stored
Account data, session metadata, and uploaded images are stored in Google Cloud (Firestore and Cloud Storage) in the europe-west1 region (Belgium). Compute (Cloud Run) runs in the same region.
6. Sub-processors and international transfers
We rely on the following sub-processors:
- Google Cloud Platform (Ireland / EU) — hosting, database, storage, compute. Data resides in the EU.
- Resend (United States) — transactional email delivery (verification, password reset). Receives your email address and your name only.
- Cloudflare (global CDN, DNS) — serves the frontend and protects the API. May process IP addresses and request metadata.
Where data leaves the EU (Resend, Cloudflare edge), transfers are covered by the European Commission's Standard Contractual Clauses included in those providers' data-processing agreements.
7. Retention
- Account data — kept while your account is active, deleted within 30 days of account deletion.
- Session metadata and the link from images to your account — same as account data.
- Image content and embeddings — retained while your account is active. On account deletion, we may keep image content and embeddings in anonymised form (without any link to your account) as research data, unless you explicitly request full erasure under Article 17 (see Your rights below).
- Operational logs — 90 days.
8. Your rights
Under GDPR you have the right to:
- access the personal data we hold about you (Art. 15);
- request correction of inaccurate data (Art. 16);
- request erasure of your data (Art. 17);
- request restriction of processing (Art. 18);
- receive your data in a portable format (Art. 20);
- object to processing based on legitimate interests (Art. 21);
- lodge a complaint with a supervisory authority. In Spain this is the Agencia Española de Protección de Datos (AEPD, aepd.es). EU residents may also complain to their national authority.
To exercise any of these, email dcolomer10@gmail.com. We respond within one month, as required by Art. 12(3).
9. Security
Passwords are hashed with bcrypt. Sessions use signed JWTs carried in HttpOnly cookies that are sent only over HTTPS. Storage and database access are scoped to a service account with least-privilege IAM. We do not guarantee absolute security — no service can — but we apply standard industry safeguards.
10. Children
The service is intended for adults working in research or conservation. We do not knowingly collect data from children under 16. If you believe a child has registered, contact us and we will delete the account.
11. Changes to this policy
We may update this policy. Material changes will be announced by email or in-app notice at least 14 days before they take effect.
12. Contact
Privacy questions and data-subject requests: dcolomer10@gmail.com.
Last updated 2026-05-06