1. Data We Collect
1.1 Automatically Collected Information
- Upload Metadata: File name, size, type, and upload timestamp
- Access Logs: IP address, browser type, device information, and access timestamps
- Security Hashes: Cryptographic hashes of images for content moderation
1.2 What We Never Collect
- Your personal identity documents
- Payment information (we're a free service)
- Precise geolocation data
2. How We Use Your Data
| Purpose | Legal Basis |
|---|---|
| Content delivery and optimization | Service operation necessity |
| Abuse prevention and security | Legitimate interest |
| Legal compliance (e.g., CSAM scanning) | Legal obligation |
We never sell your data or use it for third-party advertising.
3. International Data Transfers
Our servers are located in [Country/Region]. By using Hot Photo, you acknowledge that:
- Data may transit through multiple countries
- We use EU Standard Contractual Clauses for GDPR compliance
- US-based users: We comply with CCPA "Do Not Sell" requirements
4. Your Rights
Deletion
Request removal of your images via the delete link included in every image URL.
Data Export
Email privacy@hot.cm to request an archive of your upload records.
Opt-Out
Disable tracking cookies via our Cookie Policy page.
Complaints
EU users may lodge complaints with their national Data Protection Authority.
5. Data Retention
- Images: Deleted after 6 months of inactivity
- Access Logs: Retained for 30 days
- Security Hashes: Stored indefinitely in hashed form for abuse prevention
Deleted content may persist in backup systems for up to 14 days.
6. Security Measures
Encryption
- TLS 1.2+ for all transfers
- At-rest encryption for sensitive data
Anonymization
- IP addresses truncated after 7 days
- No direct association between uploads