Privacy Policy - Photo2Form

Summary: Photo2Form is designed with privacy first. Your uploaded photos and generated files are automatically deleted 1 hour after upload. Deletion verification tokens are retained to provide proof of deletion. User accounts store only minimal data needed for access control.

What Data We Collect

Photos you upload — Temporarily stored to generate your output files (auto-deleted after 1 hour)
Generated files — CNC relief models (STL), laser engraving files (G-code, LightBurn, LaserGRBL), setup guides (PDF), and ZIP archives (auto-deleted after 1 hour)
Deletion verification tokens — A short, anonymous token (12-character hash) is generated for each upload session. This token is retained along with the timestamp of when the associated files were deleted, to provide verifiable proof of deletion. Tokens contain no personal information or file content.
User accounts (optional) — If you create an account: email address and securely hashed password
Server logs — Standard web server logs may temporarily contain request information for debugging purposes

We minimize data collection: We do not track browsing behavior, sell data, or share your information with third parties unless required by law. Your uploaded files are never voluntarily shared with, sold to, or accessed by any third party.

Why We Collect It

We collect uploaded photos only to provide the service you requested: converting your photo into CNC carving files (STL) or laser engraving files (G-code, LightBurn, LaserGRBL formats).

Legal Basis (GDPR Article 6(1)(f)): Legitimate interest — processing your photo is necessary to provide the service you explicitly requested.

How Long We Keep It

Automatic deletion after 1 hour: Your uploaded photos and generated files are automatically deleted 1 hour after upload. This happens automatically — you don't need to do anything.

Deletion verification tokens: The anonymous deletion token and deletion timestamp are retained indefinitely to provide verifiable proof that your files were deleted and when. These tokens contain no personal information, file names, or file content.

Files are identified by randomly generated IDs (like output_abc123.zip), not by any personal information.

What We Don't Do

No tracking cookies — We only use session cookies for login, not for tracking
No analytics — We don't track how you use the site
No sharing — We do not voluntarily share your photos or generated files with any third party. We will only disclose data if required by valid legal process (e.g., court order or lawful subpoena). Files are auto-deleted after 1 hour regardless.
No external API calls — All processing happens on this server
No secondary use — We don't use your photos to train AI models or for any other purpose
No password storage — We store only securely hashed passwords, never plaintext

CNC Prompt Generator

The CNC Prompt Generator creates optimized prompts for generating CNC-ready images. This tool:

Runs entirely on our server — no external API calls
Does not send any data to third parties
Generates prompts that you can use in external AI services (like ChatGPT) at your discretion
If you choose to use these prompts with external services, their privacy policies apply

Note: STL generation from photos uses local AI processing (Depth-Anything-V3) and does NOT send your photos to external services. Laser engraving image processing also runs entirely on this server.

Deletion Verification

Each upload session generates an anonymous deletion verification token. You can use this token to confirm that your files have been deleted:

While files exist: The verification endpoint confirms files are active and shows when they will be deleted
After deletion: The verification endpoint confirms files were deleted and shows the deletion timestamp

Tokens are anonymous — they cannot be used to recover any file content, determine what was uploaded, or identify who uploaded it.

Your Rights (GDPR Compliance)

Under GDPR and similar privacy laws, you have the right to:

Access: See what data we have (your uploaded files while they exist)
Deletion: Request immediate deletion (files are also auto-deleted after 1 hour)
Rectification: Correct any data (not applicable — we only store files you upload)
Data Portability: Download your data (you can download the files we generate)

Note: Files are automatically deleted after 1 hour. User accounts store minimal data (email and hashed password).

User Accounts

If you have a user account:

What we store: Email address, securely hashed password, account role, creation date
How long: Account data is stored until you request deletion or the account is removed by an administrator
Deletion: Contact the administrator to request account deletion

Data Security

Files are stored temporarily in a secure directory with randomized filenames
Passwords are hashed using SHA-256 with unique salts — we cannot read your password
All processing happens on this server — no cloud services or external APIs involved
Automatic cleanup prevents indefinite storage of uploaded files
HTTPS encryption protects data in transit

Payment Data

If you subscribe to a paid plan:

We do not store payment card details. All payment processing is handled by our third-party payment processor.
We store only: subscription status, plan type, and billing period dates
Our payment processor's privacy policy governs the handling of your payment information

International Users

This service is available to users worldwide, except in jurisdictions subject to comprehensive sanctions (see our Terms and Conditions for details). We aim to comply with:

GDPR (European Union)
CCPA/CPRA (California, USA)
General privacy best practices worldwide

Our minimal data collection and auto-deletion practices are designed to exceed privacy requirements across jurisdictions.

Changes to This Policy

We may update this privacy policy occasionally. For material changes, we will provide at least 30 days notice via email to registered users. Any changes will be posted on this page with an updated revision date. Continued use of the service after changes constitutes acceptance.

Contact

If you have questions about this privacy policy or want to exercise your data rights, please contact the server administrator.

Open Source

Photo2Form's privacy practices are verifiable through the application's source code. If you would like to review the code, please contact us for access.