Camarapp Privacy Policy
1. Data Controller Camarapp Ltd acts as data controller under UK GDPR. 2. Data Collected We collect name, email, delivery address, roll metadata, uploaded images, and payment confirmation data from Stripe. 3. Purpose of Processing Data is processed to fulfil orders, deliver prints, manage accounts, provide support, and comply with legal obligations. 4. Photo Storage Images are stored securely for fulfilment and automatically deleted after dispatch, typically within 30 days. 5. Third Parties We use hosting providers, payment processors such as Stripe, and postal services such as Royal Mail. 6. Data Retention Financial records are retained for 6 years for accounting compliance. Images are retained temporarily only. 7. Your Rights Users have rights under UK GDPR including access, rectification, erasure, restriction, portability and complaint to the ICO. 8. Security We implement appropriate technical and organisational measures to protect data.