Cloudpixs Privacy Policy
Effective Date: April 19, 2026 · Last Updated: April 21, 2026
Cloudpixs is a photo organization and storage service operated by Gillette Printing and Engraving, located at 101 West Lakeway Rd, Gillette, WY 82718. Our website is cloudpixs.com, and our primary contact for privacy matters is privacy@cloudpixs.com.
This Privacy Policy describes how Cloudpixs collects, uses, stores, and shares information about you when you visit cloudpixs.com, use our photo upload or organization services, create an account, make a purchase, share albums or galleries, or contact us for support. It applies to all service tiers, including one-time Photo Dump customers, and to Free, Starter, Family, Plus, and Enterprise subscribers. It does not cover third-party websites linked from our platform, Stripe's handling of your payment data, or Blurb's handling of your shipping data for photo book orders.
By using our services, you agree to the practices described here. If you do not agree, please do not use Cloudpixs.
Information We Collect
We collect information in three ways: what you give us directly, what we gather automatically, and what we extract from the files you upload.
When you create an account, we collect your name, email address, and a hashed password. If you make a purchase, we collect billing address information for payment processing, though we never see or store your full card number — that goes directly to Stripe. When you contact us, we retain your name, email address, and the content of your messages. If you place a one-time Photo Dump order without an account, we collect only your email address for delivery of your download link and a temporary session ID.
When you use our service, we automatically collect your IP address, browser type and version, operating system, device type, pages visited, time spent, referring URLs, actions taken within the app, and error logs. Our servers record activity logs including timestamps, API endpoints accessed, and upload and download activity at the file count and size level, not the content level.
When you upload photos or videos, we extract metadata from those files. This includes the date and time a photo was taken, any GPS coordinates embedded by your camera, camera make and model, technical shooting settings, file format and resolution, and the original filename. We use GPS coordinates to derive human-readable place names using geographic lookup services, which powers location-based organization. Our AI systems also analyze the visual content of your photos to perform scene and object recognition, duplicate detection, screenshot detection, image quality scoring, and video key-frame extraction. If you enable face-based organization, our systems detect and cluster faces within your library as described below.
How We Use Your Information
We use your information to provide the service you paid for — processing your photos, organizing your files, generating your download or subscriber library, emailing you download links and receipts, maintaining your account, enabling album sharing, and fulfilling photo book orders. We use payment information to charge your payment method, issue refunds, and detect fraud. We use contact information to send transactional emails, respond to support requests, and — only with your consent — send marketing communications about new features and offers. We use aggregate usage data to improve the platform, debug errors, and develop new features. We use security-related data to detect abuse, enforce our Terms of Service, and comply with legal obligations.
We process your data to fulfill our contract with you, to serve our legitimate business interests in security and fraud prevention, with your consent where required (such as marketing emails and biometric processing), and to comply with legal obligations.
How We Share Your Information
We do not sell your personal information to advertisers or data brokers.
We share your information with trusted service providers who help us deliver the service: Stripe for payment processing, Blurb for photo book printing and shipping, Cloudflare for CDN and security, Google's Gmail SMTP for transactional email delivery, Vercel for website hosting, and Nominatim for GPS-to-location conversion. Each provider receives only the information needed to perform their specific function and is prohibited from using it for other purposes.
When you create a shared album or gallery link, the photos you select become accessible to anyone with that link. You control which photos are included, whether the link has a password or expiration date, whether recipients can download, and whether the link can be revoked.
We may disclose your information when required by law, in response to lawful government requests, to protect the rights or safety of Cloudpixs or our users, or to prevent fraud. Where permitted, we will notify you of such requests so you can seek legal remedy.
We may share anonymized, aggregated data that cannot identify individuals for business intelligence, research, or commercial purposes. See the Metadata section below for full details.
Your Photos and Files
Because we handle your memories, we want to be completely transparent about what happens to your files.
For one-time Photo Dump orders, your files are uploaded to a temporary, isolated processing environment on our servers. They are automatically and permanently deleted 14 days after your download link is generated, whether or not you downloaded them. We will attempt to send a reminder before deletion. We do not retain your original files after deletion. We do retain anonymized metadata extracted during processing.
For subscribers, your organized photos are stored on our NAS storage system while your subscription is active. On cancellation, you have a 30-day grace period to download your files before they are permanently deleted. We will send at least one email notification before deletion.
We will not use identifiable photos from your library to train AI models without your explicit consent. When we use data for AI improvement, we use only anonymized derived data — feature vectors and metadata patterns — that cannot reconstruct your original images. Your photos are never used for advertising or shared publicly without your explicit action.
Cloudpixs employees and contractors may access your files only when required to troubleshoot a problem you reported, required by law, or performing routine maintenance. We maintain access logs and limit access to the minimum personnel necessary.
AI Processing and Biometric Data
Cloudpixs uses artificial intelligence to organize your photos. Some features involve processing biometric data.
Biometric data includes unique physical characteristics that can identify a person, such as facial geometry derived from a photograph. Several U.S. states have specific laws governing biometric data, including Illinois, Texas, and Washington.
Face-based organization is an optional feature. When you enable it, our AI detects faces in your uploaded photos and groups faces that appear to be the same person using geometric similarity — not by name. You may optionally label each cluster with a name to create person-based folder organization. We do not build facial recognition profiles that can identify individuals in photos you did not upload, and our face clustering operates only within your own library.
By enabling face-based organization, you consent to the collection and processing of facial geometry from photos in your library. You also represent that you have the right to upload photos of the people appearing in them and to consent to their biometric processing on their behalf, as a family member or photographer. Face cluster data is retained while your account is active and is permanently deleted when you delete your account or disable the feature. We do not share biometric data with third parties except as required by law.
If you are a resident of Illinois, the Biometric Information Privacy Act applies to our processing. We obtain your written consent before collecting biometric identifiers, maintain a retention schedule with guidelines for permanent destruction, and do not sell or profit from biometric data. To exercise your BIPA rights, contact privacy@cloudpixs.com.
We do not use face cluster data or biometric information to train AI models in a way that could reconstruct or identify individuals.
Metadata Collection and Use
When your photos are processed, we extract and may retain GPS coordinates and derived place names, date and time of photos, camera make and model, scene tags, file count and size information, and the device type used to upload. We do not retain this metadata linked to your name or account after it is anonymized.
This metadata is used operationally to power your organized folder structure. In aggregate and anonymized form, it is also used to improve AI accuracy and processing performance.
As disclosed in our Terms of Service, Cloudpixs may use anonymized, aggregated metadata for commercial purposes, including selling trend reports to local businesses, providing device and behavior analytics to retail intelligence firms, and publishing regional photography trend data. This commercial use is always anonymized and cannot be linked back to you as an individual. It is aggregated across many users before any commercial use occurs. You cannot opt out of this anonymized commercial use because it does not involve personal data that identifies you. If you want all records associated with your account removed, you may request account deletion.
Anonymized metadata may be retained indefinitely. Account-linked metadata is retained for the duration of your account and for up to three years after account deletion for legal, fraud, and tax compliance.
Data Retention
One-time job files are deleted 14 days after your download link is generated. Subscriber library files are retained while your subscription is active and deleted 30 days after cancellation. Account information is deleted within 90 days of account deletion. Payment records are retained for seven years as required by law. Transaction logs are retained for three years. Email correspondence is retained for three years from your last interaction. Face cluster and biometric data is deleted when your account is deleted or when you disable the feature. Server and access logs are retained on a 90-day rolling basis. Anonymized metadata may be retained indefinitely.
When data is deleted, it is permanently removed from active systems. Backup copies may persist for up to 30 additional days before being overwritten.
Security
All data transmitted to and from Cloudpixs is encrypted using TLS 1.2 or higher. Stored files and sensitive account data are encrypted on our NAS storage systems. Files are stored in isolated, per-account directories with no cross-account access at the file system level. Our backend is protected by Cloudflare's security infrastructure, including DDoS protection and bot mitigation. Access to production systems is limited to authorized personnel, administrative access is logged and audited, and we do not store payment card data on our systems.
No system is perfectly secure. We cannot guarantee that unauthorized third parties will never be able to defeat our security measures. If you believe your account has been compromised, contact us immediately at privacy@cloudpixs.com.
In the event of a security breach that compromises your personal information, we will notify you by email within 72 hours of becoming aware of the breach and cooperate with any required regulatory notifications.
If you discover a security vulnerability in our systems, please report it to security@cloudpixs.com. We will not pursue legal action against good-faith security researchers who follow responsible disclosure practices.
Cookies and Tracking
We use essential cookies required for the service to function — keeping you logged in, remembering your preferences, and managing your upload session. You cannot opt out of essential cookies without losing access to core features. We use analytics cookies to understand how users interact with our platform in aggregate, which we use to improve the product and not for advertising. If you arrive from an advertising campaign, we may place a cookie to measure campaign effectiveness. We do not use marketing cookies to build advertising profiles or retarget you elsewhere.
You can manage or disable cookies through your browser settings. We honor browser-level Do Not Track signals by disabling non-essential analytics tracking when detected.
Third-Party Services
All payments are processed by Stripe, Inc., which is PCI-DSS Level 1 compliant. Payment information is transmitted directly to Stripe and governed by Stripe's Privacy Policy at stripe.com/privacy. Photo book orders are fulfilled by Blurb, Inc., and your name, shipping address, and book content are shared with Blurb solely for fulfillment. Blurb's Privacy Policy applies at blurb.com/about/privacy. Our website and API are protected by Cloudflare, which processes IP addresses and traffic metadata for security and performance purposes. Our website may contain links to third-party websites whose privacy practices we do not control.
Children's Privacy
Cloudpixs is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, contact privacy@cloudpixs.com and we will delete it promptly. Users between 13 and 18 should use the service with parental supervision, particularly when uploading photos of minors or using face-based organization features.
Your Rights and Choices
You may access your account information, job history, and stored files by logging in at any time. To request a copy of all personal data we hold about you, email privacy@cloudpixs.com and we will respond within 30 days. You may update your name, email address, and account preferences in your account settings at any time.
You may delete your account at any time from your account settings. Upon deletion, your library files are queued for removal within 30 days, your account information is removed within 90 days, and payment records are retained for seven years as required by law. For one-time job customers without accounts, email privacy@cloudpixs.com with the email address used for your order to request deletion of your job records.
You may disable face-based organization at any time in your account settings. Doing so will delete your face cluster data and remove people-based organization from your library. Every marketing email we send includes an unsubscribe link, and you may also update your email preferences in your account settings. Transactional emails are not affected by marketing opt-outs. You may revoke any shared album link at any time from your account dashboard.
To exercise any of these rights or ask questions about your data, contact us at privacy@cloudpixs.com or by mail at Cloudpixs c/o Gillette Printing and Engraving, 101 West Lakeway Rd, Gillette, WY 82718. We will respond within 30 days. In some cases, we may need to verify your identity before processing your request.
California Residents
If you are a California resident, the CCPA and CPRA provide you with specific rights. In the preceding 12 months, we have collected identifiers such as name, email, IP address, and account ID; personal records including billing address and payment information; internet activity including pages visited and upload activity; geolocation from GPS embedded in your photos; biometric data in the form of facial geometry when you enable face-based organization; inferences drawn from account use; and commercial information including transaction history and subscription records. We collect this information directly from you, automatically through your use of the service, and from EXIF metadata in your uploaded files.
We disclose personal information only to service providers as listed in this policy. We do not sell or share personal information with third parties for cross-context behavioral advertising.
Under CCPA and CPRA, you have the right to know what personal information we have collected, the right to delete it, the right to correct inaccurate information, the right to opt out of sale or sharing for advertising purposes (we do not engage in these activities), the right to limit use of sensitive information to what is necessary to provide the service, and the right not to be discriminated against for exercising any of these rights. To submit a CCPA request, email privacy@cloudpixs.com with "CCPA Request" in the subject line. We respond within 45 days, extendable to 90 days with notice. You may designate an authorized agent to submit requests on your behalf.
Residents of Other States
If you are a resident of Colorado, Connecticut, Virginia, Texas, Utah, Montana, Iowa, Indiana, Tennessee, Oregon, Delaware, New Hampshire, New Jersey, Nebraska, or Minnesota, you may have rights to access, correct, delete, or obtain a portable copy of your personal data, and to opt out of targeted advertising, sale, or profiling. We do not engage in those activities. To submit a request, contact privacy@cloudpixs.com. Illinois residents should refer to the biometric data section above for BIPA-specific rights.
Data Transfers
Cloudpixs is based in the United States. Our primary server infrastructure is in Gillette, Wyoming. Cloudflare and Vercel may process traffic data at various global locations. If you access Cloudpixs from outside the United States, your information will be transferred to, stored, and processed here, where data protection laws may differ from your home country. We do not currently have users in the European Union or EEA and do not engage in GDPR-governed transfers. If that changes, we will update this policy accordingly.
Business Transfers
If Cloudpixs or Gillette Printing and Engraving is involved in a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you by email and post a prominent notice on our website before your information becomes subject to a different privacy policy. You will have the opportunity to request deletion of your information before the transfer takes effect if the new owner's practices differ materially from ours.
Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the effective date at the top and post the revised policy at cloudpixs.com/privacy. For material changes that meaningfully expand how we use your data or reduce your rights, we will notify you by email at least 30 days before the change takes effect. Your continued use of Cloudpixs after a change takes effect constitutes acceptance of the updated policy.
Contact Us
For questions, concerns, or requests related to this Privacy Policy or your personal data, contact us at privacy@cloudpixs.com or by mail at Cloudpixs Privacy, c/o Gillette Printing and Engraving, 101 West Lakeway Rd, Gillette, WY 82718. We aim to respond to all inquiries within five business days and to fulfill all formal privacy requests within 30 days.
cloudpixs.com · privacy@cloudpixs.com · Gillette, Wyoming