PicsFishPicsFish

Privacy Policy

This policy explains what information PicsFish collects, how we use it, and the choices you have.

Effective: 24 May 2026Last updated: 24 May 2026

Privacy at a glance

We try to keep this short and honest. You can read the full policy below, but the headline points are:

What we collect

Account details, what you do in the app, and anything you choose to share through connected services.

How we use it

To run the service, keep your account secure, support you, and make the product better.

Your control

You can see, export, correct, or delete your data at any time, and turn off marketing emails in your settings.

We do not sell your personal information. We do not use it to train third-party advertising models.

1. Introduction

This Privacy Policy describes how PicsFish ("we", "us", or "our") handles your personal information when you use our websites, mobile apps, and related services (the "Service").

It applies to everyone who uses the Service, including visitors who browse our site, users on a free trial, and users with a paid subscription.

This policy sits alongside our Terms of Service. By using PicsFish, you agree to the practices set out here. If you do not agree, please stop using the Service.

2. Information We Collect

2.1 Information you give us

  • Account details such as your name, email address, phone number, country, and password.
  • Profile information you choose to add, such as a photo, bio, or city.
  • Content you upload or create while using the Service.
  • Payment details, processed by our payment partners. We do not store full card numbers on our own servers.
  • Communications you send to our support team or in response to surveys.

2.2 Information we collect automatically

  • Device and connection data, including device type, operating system, browser, IP address, and approximate location derived from that IP.
  • Usage data such as the pages you view, the features you use, and the actions you take inside the Service.
  • Log data generated when our servers process your requests (timestamps, error codes, the URL you came from).
  • Cookies and similar technologies, as described in section 12.

2.3 Information from services you connect

PicsFish can connect to third-party services that you choose to link to your account. When you connect one of these, we receive only the information you have authorised it to share. Examples include health and fitness data from a connected health app, or photos and metadata from a connected photo service. You can disconnect these at any time from your account settings.

3. How We Use Your Information

We use your information for the following purposes:

  • Run the Service. Create and maintain your account, give you access to features, sync your content across devices, and provide customer support.
  • Communicate with you. Send account-related emails (receipts, password resets, security alerts) and, if you have not opted out, occasional product updates and offers.
  • Improve the product. Understand how the Service is used so we can fix bugs, design new features, and improve performance.
  • Personalise your experience. Tailor what you see to be more useful to you.
  • Keep things safe. Detect, prevent, and respond to fraud, abuse, security incidents, and violations of our terms.
  • Meet legal obligations. Comply with applicable laws, court orders, and lawful requests from regulators.

4. Legal Bases for Processing

If you are in the United Kingdom, the European Economic Area, or Switzerland, we rely on the following legal bases under the UK and EU GDPR:

  • Performance of a contract when we use your information to provide the Service you have signed up for.
  • Legitimate interests when we improve the Service, keep it secure, and prevent abuse. We balance these interests against your rights.
  • Consent for things like marketing emails or connecting an optional integration. You can withdraw consent at any time.
  • Legal obligation when we have to retain or disclose information to comply with the law.

5. How We Share Your Information

We share information only in the limited circumstances described below. We do not sell your personal information.

  • Service providers. Companies that help us run the Service, such as cloud hosting, payment processing, email and SMS delivery, customer support tools, and analytics. They process your information on our instructions and are bound by contractual confidentiality.
  • Connected integrations. If you authorise a third-party service to connect to your account, we share with them only what is necessary to provide the integration.
  • Legal and safety reasons. When we believe disclosure is required by law, or necessary to protect the rights, property, or safety of PicsFish, our users, or the public.
  • Business transfers. If we are involved in a merger, acquisition, or sale of assets, your information may transfer with the business. We will let you know before it is subject to a different privacy policy.
  • With your direction. We share information with other parties when you instruct us to.
  • Aggregated or anonymised data. We may share statistics or insights derived from your information once it has been combined with other data in a way that cannot identify you.

6. Third-Party Integrations

You can choose to connect PicsFish to other services. Each integration has its own privacy policy, and we encourage you to read them. When an integration is connected:

  • We receive only the information you have given that service permission to share.
  • We use that information only to provide the features tied to the integration.
  • You can disconnect the integration at any time from your account settings, and we will stop receiving new data from it.

Disconnecting an integration does not automatically delete information we already received. To delete that data, follow the instructions in section 10.

7. Data Retention

We keep your information only for as long as it is needed for the purposes set out in this policy.

  • Account data is kept while your account is active. If you close your account, we delete or anonymise it within 30 days, except where we are required to keep specific records for longer.
  • Billing and tax records are kept for the period required by applicable law, typically up to 7 years.
  • Operational logs are retained for up to 12 months for security, debugging, and abuse prevention.
  • Backups are rotated and overwritten on a regular schedule, normally within 90 days.
  • Information subject to a legal hold may be retained for longer.

8. Data Security

We use industry-standard safeguards to protect your information. These include encryption of data in transit using TLS, encryption at rest, role-based access controls, regular security reviews, and monitoring for suspicious activity. We also restrict access to your data to employees and contractors who need it to do their jobs.

No system is perfectly secure, and we cannot guarantee that your information will never be accessed without authorisation. If we become aware of a security incident that affects you, we will notify you in line with applicable law.

9. International Data Transfers

PicsFish operates internationally, and your information may be processed in countries other than the one you live in, including the United Kingdom, the European Union, the United States, and Switzerland. The laws in those countries may not provide the same protections as those in your home country.

When we transfer personal data from the UK or the European Economic Area to a country that has not been recognised as providing an adequate level of protection, we rely on Standard Contractual Clauses or another lawful transfer mechanism to keep your data protected.

10. Your Privacy Rights

Depending on where you live, you may have some or all of the following rights:

  • Access. Get a copy of the personal information we hold about you.
  • Correct. Update information that is inaccurate or incomplete.
  • Delete. Ask us to delete your personal information. We may keep some information where the law requires us to.
  • Export. Receive your information in a structured, machine-readable format so you can take it to another service.
  • Object or restrict. Ask us to stop or limit how we use your information in certain situations.
  • Withdraw consent. Where we rely on consent, withdraw it at any time. This does not affect processing that has already happened.
  • Opt out of marketing. Turn off marketing emails from your notification settings, or click the unsubscribe link in any marketing message.

You can exercise most of these rights directly from your account settings. For anything you cannot do in-app, email privacy@www.picsfish.com and we will respond within the timeframes required by law.

11. Children's Privacy

PicsFish is not intended for children. We do not knowingly collect personal information from anyone under 16, or under 13 in the United States. If we learn that we have collected information from a child without the verifiable consent of a parent or guardian, we will delete it.

If you believe a child has provided us with personal information, please contact us at privacy@www.picsfish.com.

12. Cookies and Similar Technologies

We use cookies and similar technologies to:

  • Keep you signed in and remember your preferences (essential).
  • Understand how the Service is used so we can improve it (analytics).
  • Measure the effectiveness of our communications and campaigns (performance).

You can control non-essential cookies through your browser settings or any cookie banner we show you. Blocking essential cookies may stop parts of the Service from working.

13. California Privacy Rights (CCPA / CPRA)

If you are a California resident, the California Consumer Privacy Act, as amended by the California Privacy Rights Act, gives you specific rights about your personal information. These include:

  • The right to know what personal information we have collected about you and how we use and share it.
  • The right to delete personal information we have collected, subject to some exceptions.
  • The right to correct inaccurate personal information.
  • The right to limit the use and disclosure of sensitive personal information.
  • The right not to be discriminated against for exercising your privacy rights.

We do not sell personal information, and we do not share it with third parties for cross-context behavioural advertising. To exercise any of your California rights, contact us at privacy@www.picsfish.com.

14. European and UK Privacy Rights (GDPR)

If you are in the United Kingdom, the European Economic Area, or Switzerland, the rights listed in section 10 are guaranteed by the UK and EU General Data Protection Regulation. In addition, you have the right to lodge a complaint with your local data protection authority if you believe we have not handled your information properly. You can find your authority's contact details at:

  • UK: Information Commissioner's Office (ico.org.uk).
  • EEA: Your country's national data protection authority.
  • Switzerland: Federal Data Protection and Information Commissioner (edoeb.admin.ch).

You can also contact our privacy team directly at privacy@www.picsfish.com before raising a complaint, and we will do our best to resolve your concern.

15. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will change the "Last updated" date at the top of this page.

If we make changes that are material, we will give you a clearer heads-up. For example, we may email you, show a notice in the app, or both. Continued use of the Service after the changes take effect means you accept the updated policy.

16. How to Contact Us

For privacy-related questions or to exercise any of the rights described in this policy, email privacy@www.picsfish.com.

For anything else, our general support team is at support@picsfish.com.