Privacy Policy

Effective Date: March 2026

City in Frames is committed to protecting your privacy. We operate a highly secure digital infrastructure designed to process high-fidelity media, manage marketplace transactions, and facilitate global photography assignments. This policy outlines how we collect, use, and protect your personal information across our platform.

1. Information We Collect

To provide our services, we collect specific types of information from Clients, Photographers, and Platform Personnel:

Account & Identity Data: Full names, email addresses, phone numbers, and encrypted passwords. If you register using Single Sign-On (Google or Facebook), we securely receive your primary email and public profile data.
Financial & Transaction Data: For Clients, payment processing is handled exclusively via Stripe; we do not store your credit card numbers on our servers. For Photographers, we collect payout destination details (e.g., GCash, Bank Routing) and internal wallet ledger histories.
Logistical & Location Data: City preferences, requested meeting venues, and scheduled dates to facilitate our matchmaking and assignment broadcast algorithms.
Media & Digital Assets: Unedited RAW files uploaded by Photographers, and the final, color-graded assets delivered to the Client.
Communications & Telemetry: All in-platform messages transmitted via our real-time chat interface are securely logged to resolve disputes, ensure quality assurance, and protect user safety.

2. How We Use Your Data

Your information powers the core mechanics of the City in Frames marketplace:

Marketplace Matchmaking: Routing client assignment details to available local Photographers based on location, niche, and schedule availability.
Secure Escrow & Payouts: Utilizing your financial data and live market exchange rates to safely process deposits, hold funds in escrow, and execute automated professional payouts.
Production Workflow: Routing your RAW images to our internal Editing Team for post-production, followed by Command Center Quality Assurance (QA).
Asset Delivery: Generating secure, uniquely hashed URLs to safely deliver the final gallery to the Client.

Client Privacy & Secure Delivery Guarantee

We treat your memories with the highest level of confidentiality. Once the Quality Assurance phase clears, completed visual assets are stored on secure cloud infrastructure. Access to your final gallery is strictly restricted to your assigned Photographer, our internal QA personnel, and anyone you choose to share your private delivery link with.

3. Third-Party Data Sharing

City in Frames operates under a strict zero-sale data policy. We never sell your personal data. We only share information with trusted third-party sub-processors necessary to run the platform:

Payment Gateways (Stripe): Transaction data is securely routed via encrypted Webhooks to process payments and verify funds.
Cloud Infrastructure: High-resolution media assets are securely stored in cloud hosting buckets.
Platform Matchmaking: Pertinent contact and logistical data (excluding payment information) is shared solely between the matched Client and their assigned Photographer to coordinate the shoot.

4. Security Measures & Disclaimer

We rely on enterprise-grade security to protect your data. This includes Bcrypt password hashing, Cross-Site Request Forgery (CSRF) tokens on all account actions, and secure WebSockets for encrypted chat. Administrative access to platform data is strictly governed by internal Role-Based Access Controls (RBAC).

Disclaimer: While we strive to use commercially acceptable means to protect your personal information, no method of transmission over the internet or method of electronic storage is 100% secure. Therefore, we cannot guarantee its absolute security and the owners of City in Frames assume no liability for unauthorized access, data breaches, or cyber-attacks beyond our reasonable control.

5. Data Retention & Account Deletion

We retain transaction records, media assets, and chat logs for as long as necessary to fulfill our service obligations and comply with legal accounting requirements. Users may request account deletion at any time. Upon account termination, all associated personal data, unassigned portfolios, and private media assets will be systematically removed from our active servers and cloud buckets.

6. Cookies and Tracking

City in Frames uses essential cookies to maintain secure login sessions (via cryptographic session tokens) and prevent Cross-Site Request Forgery attacks. By using our platform, you consent to the use of these mandatory functional cookies. We do not currently use invasive third-party tracking cookies for targeted advertising.

7. Age Restrictions

Our platform is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact our support team immediately so we may delete the account and associated information.