Privacy policy

Last updated May 25, 2026

The short version

PhotoMagic is a tool that helps you triage photos that already live in your Google Drive or Google Photos. We don’t copy your photo files onto our servers. We only store the small bits of metadata we need to remember your selections and let collaborators see them.

What we ask Google for

When you sign in with Google, we request the following OAuth scopes:

  • openid email profile — to identify your account and show your name and avatar.
  • drive — to list image files in the folders you point us at, to read thumbnails for triage, and (only when you click those buttons) to create a destination folder and copy/shortcut the selected files, or apply lossless EXIF rotation to a photo you rotated in the UI.
  • photoslibrary.appendonly — only used if you click Send to Photos. Lets us add your picks to a new Google Photos album we create. We cannot read your existing Photos library.

What we store

The following lives in our Supabase database:

  • Your Google user id, email, name, and avatar URL.
  • A row per Drive folder you’ve opened, with the folder’s id and name.
  • Per-photo selection state (pick / maybe / reject) referenced by Drive file id — never the file contents.
  • An append-only event log of selection changes so you can scrub through your history.
  • Optional small per-file metadata for AI features: perceptual hash, image dimensions, capture time, face count. We never store the photo itself or recognizable face data.
  • If you publish a lookbook, we store the layout spec and the thumbnail URLs (already-public Google-hosted thumbnails) so anyone with the link can view the page.

What we don’t store

  • Your raw image files. Ever.
  • Your Google access or refresh tokens beyond the encrypted Supabase auth session.
  • Faces, biometrics, embeddings tied to your identity.
  • Analytics, third-party trackers, or advertising pixels.

Who can see your selections

Only you and any collaborators you explicitly invite to a session (by sharing the session URL). We enforce this with Supabase row-level security — collaborators can only read sessions they’re a member of.

Public lookbooks are the one exception: when you click Share as web page, anyone who has the unguessable slug URL can view the assembled book (and grab the PDF). They cannot see your other sessions or pick state.

Cookies

We set a single first-party cookie to keep you signed in (the Supabase auth session). No third-party cookies, no marketing cookies.

Revoking access

You can revoke PhotoMagic’s access at any time:

Where data is stored

Database: Supabase (Postgres) in the Northeast Asia (Tokyo) region. Hosting: Vercel. Photos themselves never leave Google’s infrastructure on the way to your browser.

Changes to this policy

If we change anything substantive we’ll update the date at the top and, for existing users, surface the change on next sign-in.

Contact

Questions? Reach out at hello@photomagic.live.