Privacy Policy

What We Collect

Easy Photo Player collects the minimum data necessary to provide the service:

• Google account email — used to identify your account
• Google Photos access — we access only the photos and videos you explicitly select through the Google Photos Picker. We do not access your entire photo library.
• Device information — your TV's webOS version and an app-generated device ID (not a hardware serial number)
• Usage data — daily view counts for quota management

What We Do NOT Collect

• Your name or profile picture
• Your full Google Photos library
• TV hardware identifiers (serial number, MAC address, IP address)
• Location data

How We Use Your Data

Your data is used solely to:

• Display your selected photos on your linked TV
• Manage your subscription and billing
• Refresh photo URLs automatically (Google Photos URLs expire every 60 minutes)

Photo Storage

We do not permanently store your photos. We store only temporary URLs provided by Google Photos, which expire and are refreshed automatically. Your original photos remain in your Google Photos account.

Third-Party Services

• Google — authentication and photo access (Google Photos Picker API)
• Stripe — payment processing (we do not store your payment details)
• Google Cloud Platform — hosting

Data Storage Location

All user data we store is kept on Google Cloud Platform servers located in Europe (Finland, europe-north1). Third-party services (Google, Stripe) may process data in other regions according to their own privacy policies.

Data Security

We take reasonable and appropriate steps to protect your data against unauthorized access, alteration, disclosure, or destruction:

• Encryption in transit — all data transmitted between your browser, your TV, and our servers is encrypted using HTTPS/TLS
• Encryption at rest — all data stored in our database is encrypted at rest using Google Cloud Platform's default encryption (AES-256)
• Token security — Google OAuth tokens are stored encrypted in our database and are never exposed to client applications or third parties
• Access control — access to production systems and user data is restricted to authorized personnel only
• Infrastructure security — our servers run on Google Cloud Platform, which maintains SOC 2, ISO 27001, and ISO 27017 certifications
• Minimal data retention — we do not store your photos or videos; only temporary, auto-expiring URLs are kept and refreshed as needed

Google API Services User Data Policy

Easy Photo Player's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

• We only use Google user data to provide and improve the Easy Photo Player service
• We do not transfer Google user data to third parties except as necessary to provide the service
• We do not use Google user data for advertising purposes
• We do not allow humans to read Google user data unless required for security purposes, to comply with applicable law, or with the user's explicit consent

Data Retention

We retain your account data for as long as your account is active. Photo metadata (URLs, dimensions) is stored temporarily and refreshed automatically. We do not store copies of your actual photos or videos. When you delete your account or remove photos, the associated data is deleted immediately from our servers.

Data Deletion

You can delete your account and all associated data at any time by unlinking your TV and removing your photos from the web app. To request complete data deletion, contact us at the email below.

Contact

For privacy-related questions, contact: myynti@hdsoft.fi