Skip to Content
LegalPrivacy Policy

Privacy Policy

Last updated: 13 November 2025

1. Introduction

Pichr is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our image hosting service. This policy complies with the UK GDPR and Data Protection Act 2018.

2. Information We Collect

2.1 Account Information

When you register, we collect:

  • Email address
  • Username
  • First and last name
  • Password (securely hashed)

2.2 Uploaded Content

We store images you upload along with associated metadata including file name, size, upload date, and MIME type.

2.3 Usage Data

We automatically collect:

  • IP addresses
  • Browser type and version
  • Device information
  • Access times and dates
  • Pages visited and actions taken

2.4 Payment Information

Payment processing is handled by Stripe. We store your Stripe customer ID and subscription status but do not store credit card details.

3. How We Use Your Information

We use your information to:

  • Provide and maintain the service
  • Process uploads and manage your content
  • Authenticate your account
  • Process payments and manage subscriptions
  • Detect and prevent abuse, including NSFW content classification
  • Comply with UK Online Safety Act 2023 requirements
  • Monitor service performance and usage patterns
  • Send service-related notifications
  • Respond to support requests

We process your data under the following legal bases:

  • Contractual necessity: Account creation and service provision
  • Legitimate interests: Fraud prevention, abuse detection, service improvement
  • Legal obligation: UK Online Safety Act compliance, DMCA responses
  • Consent: Marketing communications (opt-in only)

5. Data Sharing and Disclosure

5.1 Third-Party Services

We share data with:

  • Cloudflare: Infrastructure and CDN services
  • Supabase: Database and authentication services
  • Stripe: Payment processing
  • Cloudflare AI: NSFW content detection (images only, no personal data)

We may disclose your information if required by law, court order, or to comply with legal obligations including the UK Online Safety Act 2023.

5.3 Law Enforcement

We cooperate with law enforcement regarding illegal content (CSAM, terrorism). We maintain audit logs of moderation actions for regulatory compliance.

6. Data Retention

We retain your data as follows:

  • Account data: Until account deletion or 2 years of inactivity
  • Uploaded images: Until manually deleted by user
  • Audit logs: 7 years (legal requirement)
  • Payment records: 7 years (HMRC requirement)
  • Usage logs: 90 days

7. Your Rights (UK GDPR)

You have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate data
  • Erasure: Request deletion of your data (right to be forgotten)
  • Portability: Receive your data in machine-readable format
  • Restriction: Request processing limitation
  • Object: Object to processing based on legitimate interests
  • Withdraw consent: Opt out of marketing at any time

To exercise these rights, contact privacy@pichr.io

8. Cookies and Tracking

We use essential cookies for:

  • Authentication (session management)
  • Age verification status
  • User preferences

We do not use third-party advertising or analytics cookies. See our Cookie Policy for details.

9. International Data Transfers

Your data is primarily stored in the EU (Supabase EU region). We use Cloudflare’s global network for content delivery. All transfers comply with UK GDPR adequacy requirements.

10. Children’s Privacy

Users under 18 are considered children under UK law. We apply age-appropriate protections including NSFW content filtering and enhanced moderation. Users under 13 are prohibited from using the service.

11. Security Measures

We implement industry-standard security measures including:

  • Encrypted data transmission (TLS 1.3)
  • Password hashing (bcrypt)
  • Rate limiting and DDoS protection
  • Regular security audits
  • Access controls and authentication

12. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be notified via email. Your continued use after changes constitutes acceptance.

13. Contact and Complaints

For privacy inquiries: privacy@pichr.io

To lodge a complaint with the UK supervisory authority: Information Commissioner’s Office (ICO) Website: ico.org.uk

DMCA & Copyright PolicyTerms of Service