Your data
The short version
Daguerre is a tool for running a photography studio. Your contacts, bookings, photos and contracts are yours. We host them so the app can work, and we hand them back whenever you ask. This page is the plain-English read of what that means in practice. The Privacy Policy is the formal legal version.
Where your data lives
Photos are stored on Vercel Blob (S3-compatible object storage), encrypted at rest with AES-256. Every studio's files sit under a per-account prefix (users/your-id/) and are not browsable across accounts. Database rows live on Neon Postgres, encrypted at rest. The instance is hosted in the EU. Google Calendar OAuth tokens are encrypted with AES-256-GCM at the application layer before being written to the database, so even a database dump on its own does not give an attacker calendar access. Passwords are hashed by better-auth; we never see or store them in plain text.
What we never do
We never send your photos or your clients' photos to AI, machine-learning, image-tagging, captioning, or face-detection services. No third-party model sees what your camera saw. We never sell or share your data, your contacts, or your client list with advertisers or data brokers. There is no ad network anywhere in Daguerre. We never use your studio's data to train a model — ours or anyone else's. Our error reporter (Sentry) is configured to strip your email address, your IP, request bodies, and any media URL before an event leaves the browser or server. Session replays on errors mask all text and block all media, so a crash report never contains your clients' photos.
Your controls
Download everything. Settings → Export your data. You get a single JSON file with every row Daguerre stores about you — contacts, bookings, galleries, contracts, invoices, email history, the lot. Photos are referenced by URL; use a gallery's zip download to grab the actual bytes. Delete everything. Settings → Delete account. This permanently wipes every row, every photo under your prefix, and your login. It is irreversible — export first if you might want a copy. If you have an active paid subscription, cancel it in the billing portal first so we don't leave you paying for a deleted account. Delete just the studio data. Settings → Delete all data wipes your studio content but keeps your account and subscription, so you can start fresh.
Who else processes your data
Vercel (hosting + object storage), Neon (Postgres), Polar (billing and Merchant of Record), Resend (transactional email delivery), Google (sign-in, and Calendar sync if you connect it), Sentry (error telemetry with PII scrubbing). The full, formal list lives in the Privacy Policy.
What we log
Auth sessions record the IP address and user-agent of the browser they were issued to, so we can show you active sessions and detect abuse. Email delivery logs record the recipient, the kind of email, and whether it sent or failed — never the body. Gallery share pages count visits per recipient so the studio can see who opened what. Bandwidth events log byte counts per gallery to enforce fair-use limits.
Questions
privacy@daguerre.app — for anything privacy-related, including data subject access requests under GDPR.