Privacy Policy

Effective date

December 3, 2025

Company

Autelika (Sweden) ("Autelika", "we", "us")

Product

Revel.cam (the "App"/"Service")

Website

https://revel.cam

Contact

support@revel.cam

This Privacy Policy explains how Autelika collects, uses, shares, and protects personal information when you use Revel.cam.

1. What Revel.cam does

Revel.cam is a social photo sharing app. A host creates an event (a "Moment") with settings like a name, maximum participants, per-guest photo limit, and an end date. Guests can join by scanning an invite (for example, via QR code or NFC) and may use an App Clip (iOS) or Instant App (Android) to take and upload photos to the Moment. When a Moment ends, a gallery is shared with participants, and hosts may be able to review photos before they go live.

2. Personal information we collect

We collect only the types of information needed to provide and improve the Service.

A) Information you provide

• Account information (hosts and registered users): email address.
• Content you upload: photos you upload to a Moment.

B) Guest use (no account required)

Guests may upload photos to a Moment without creating an account. In that case, we collect:

• the photos they upload, and
• limited usage and security data (described below) to operate and protect the Service.

C) Information collected automatically

• Usage events: basic information about how you interact with the Service (for example, feature usage, app events, and timestamps).
• Security-related data: information used to protect the Service from abuse and to maintain reliability (for example, logs needed to investigate errors or suspicious activity).

D) Purchases and payments

Revel.cam may offer paid features via Apple App Store and Google Play (in-app purchases). We do not store full payment card details. We may receive and store:

• transaction identifiers and related purchase information provided by Apple/Google.

E) What we do not collect (based on current product design)

• No precise location data
• No advertising/retargeting data for behavioral ads
• No sensitive categories of personal data (as defined by GDPR), and we do not aim the Service at children

3. How we use personal information

We use personal information to:

• Provide the Service & manage accounts (e.g., create/log in to accounts, run Moments, upload and display photos).
• Customer support (e.g., respond to questions and troubleshoot issues).
• Analytics & product improvement (e.g., understand usage patterns and improve features).
• Security & fraud prevention (e.g., detect abuse, protect users, and maintain service integrity).
• Transactional communications (e.g., password reset emails, purchase/receipt-related notifications).
• Personalization (e.g., tailor parts of the experience, such as how Moments and galleries are presented).

4. Legal bases for processing (GDPR)

If GDPR applies, we process personal data under these legal bases:

• Contract: to provide the Service you request (including enabling Moments and photo uploads).
• Legitimate interests: to improve the Service, keep it secure, prevent abuse, and maintain reliability (balanced against your rights).
• Legal obligation: to comply with applicable laws (for example, bookkeeping/tax rules connected to billing records).
• Consent: where required by law for specific processing (for example, if we introduce optional features that require consent).

5. How Moments and photos work (sharing/visibility)

• Photos uploaded to a Moment are intended to be shared within the Moment experience.
• When a Moment ends, a gallery is shared with participants of that Moment.
• Hosts may have the ability to review photos before they are visible in the gallery (depending on Moment settings/features).

You should only upload content you have the right to share.

6. How we share personal information

We do not sell your personal information, and we do not share it for cross-context behavioral advertising.

We may share personal information only in these situations:

A) Service providers (processors)

We use vendors to operate the Service, such as:

• Hosting & infrastructure: Google Cloud Platform (GCP), Hetzner
• Email: Resend, Fastmail
• Error monitoring: Sentry
• Payments: Apple in-app purchases, Google Play in-app purchases

These providers process personal information on our behalf under contractual obligations consistent with this policy.

B) Legal and safety

We may disclose information if we believe it is reasonably necessary to:

• comply with law or valid legal process,
• protect the rights, safety, and security of Autelika, our users, or the public,
• prevent fraud, abuse, or security incidents.

C) Business transfers

If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, personal information may be transferred as part of that transaction, subject to appropriate safeguards.

7. International data transfers

Your information may be processed in the EU and the United States, depending on where our vendors operate.

If GDPR applies and your data is transferred outside the EEA/UK, we use appropriate safeguards where required (for example, contractual protections designed for international transfers).

8. Data retention

We keep personal information only as long as needed for the purposes described above, unless a longer period is required by law.

Based on current practices:

• Backups: retained up to 1 month.
• Account data after deletion request: removed from active systems; may remain in backups for up to 1 month.
• Usage/security logs: retained up to 10 years (for long-term security, reliability, and record-keeping needs).
• Billing records: retained indefinitely where required for bookkeeping/legal compliance.

9. Your rights and choices

A) Account controls

• Delete your account: available in-product.
• Export your data: available by request via email to support@revel.cam.

B) GDPR rights (EU/EEA/UK)

Depending on your location and circumstances, you may have the right to:

• access your personal data,
• correct inaccurate data,
• delete your data,
• restrict or object to certain processing,
• data portability,
• withdraw consent (where processing is based on consent).

You can exercise these rights by contacting support@revel.cam. We may need to verify your identity before fulfilling a request.

You also have the right to lodge a complaint with your local data protection authority.

C) CCPA/CPRA rights (California)

If you are a California resident, you may have the right to:

• Know what personal information we collect, use, disclose, and share;
• Delete personal information (subject to legal exceptions);
• Correct inaccurate personal information;
• Access/portability of certain information;
• Non-discrimination for exercising your privacy rights.

Do Not Sell or Share: We do not sell personal information or share it for cross-context behavioral advertising.

To exercise these rights, contact support@revel.cam. We will verify your request (for example, by confirming account access or relevant details).

10. Security

We use reasonable administrative, technical, and organizational measures designed to protect personal information. However, no method of transmission or storage is 100% secure.

11. Children's privacy

Revel.cam is not intended for children, and we do not knowingly collect personal information from children. If you believe a child has provided personal information, contact us at support@revel.cam.

12. Changes to this policy

We may update this Privacy Policy from time to time. We will update the Effective date at the top and publish the new version on https://revel.cam. Your continued use of the Service after changes means you accept the updated policy.

13. Contact us

For privacy questions or requests, contact: support@revel.cam