Privacy Policy (English)
Effective date: 29 апреля 2026. Version: 1.0.
This is an English summary of the Russian-language Privacy Policy. The Russian version is the legally binding text and prevails in case of any inconsistency. The Russian original is available at
weshot.io/legal/privacy.
1. General provisions
1.1. This Privacy Policy ("Policy") describes how WeShot ("Service") — available at weshot.io, in the WeShot mobile apps for iOS and Android, and in any other software products provided by the Operator — collects, uses, stores, and protects users' personal data.
1.2. The personal data Operator ("Operator") is:
Individual Entrepreneur Шашков Егор Леонидович OGRNIP: 321463200046106 INN: 461107464616 Postal address: г. Москва, Скандинавский бульвар, д. 17 Contact email for personal-data inquiries: support@weshot.io
1.3. The Operator may be registered in the Russian Federal Roskomnadzor register of personal-data operators in accordance with applicable Russian legislation.
1.4. The Policy is prepared in accordance with the Constitution of the Russian Federation, the Civil Code, Federal Law No. 152-FZ "On Personal Data", Federal Law No. 149-FZ "On Information, Information Technologies and Information Protection", Federal Law No. 38-FZ "On Advertising", Federal Law No. 242-FZ (data localization), Government Decree No. 1119, and other applicable Russian regulations.
1.5. By using the Service the user accepts this Policy. Users who do not agree must stop using the Service.
2. Definitions
- Personal data — any information relating to an identified or identifiable natural person.
- Processing — any operation performed on personal data (collection, recording, storage, modification, retrieval, use, transfer, anonymization, blocking, deletion, destruction).
- User — natural person using the Service (Registered user or Guest).
- Registered user — user who created an account by phone-number verification or via Google / Apple / VK ID OAuth.
- Guest — user invited to a specific Event Album by link, QR code, SMS or email, who provides only a display name.
- Event Album — the core object of the Service: a shared photo album of a specific event (wedding, birthday, trip, corporate event, etc.).
- Content — photos, videos, messages, reactions, comments, voice messages, polls and any other materials uploaded by users.
- Biometric personal data — data characterizing a person's biological features that allow identification; in the Service this means face-embedding vectors derived from photographs.
3. Categories of data subjects
The Operator processes personal data of: (3.1) Registered users, (3.2) Guests, (3.3) persons depicted in user-uploaded photos and videos, (3.4) minors — only with consent of a legal representative; the Service is not intended for unsupervised use by persons under 14.
4. Purposes of processing
The Operator processes personal data only for the following purposes:
4.1. User registration and authentication, including OAuth via Google, Apple and VK ID.
4.2. Providing core Service functionality: creating Event Albums, uploading and storing photos and videos, in-album chat, polls, reactions and comments.
4.3. Identifying Guests by display name when they join an Album by invitation.
4.4. Grouping photos by people using face-recognition technology for browsing and search.
4.5. The "Find me in this album" feature — matching the embedding of the user's avatar against face embeddings of photos in the album.
4.6. Automated content moderation using computer-vision models to detect inappropriate or accidentally uploaded content (screenshots, ID documents, prohibited content).
4.7. Service-related communications (push notifications, transactional emails) about events in the user's albums and about Service changes.
4.8. Marketing communications — only with separate, explicit user consent in accordance with Federal Law No. 38-FZ "On Advertising".
4.9. Service security: fraud prevention, anomaly detection, account-takeover protection.
4.10. Aggregated, de-identified analytics for improving the Service.
4.11. Compliance with the legal obligations of the Russian Federation, including responses to lawful requests from authorized state bodies.
5. Legal bases of processing
Processing is based on (5.1) the consent of the data subject, (5.2) performance of the user agreement at weshot.io/legal/terms, (5.3) legal obligations of the Operator under Russian law, and (5.4) legitimate interests of the Operator that do not override the user's rights. Biometric personal data are processed only on the basis of separate written consent as required by Article 11 of Federal Law No. 152-FZ.
6. Categories of personal data processed
Identification and contact data: mobile phone number (E.164), email address, name / display name, optional city, internal user ID, third-party OAuth account identifiers.
Images and media content: avatar photo, photos and videos uploaded to Albums, photo EXIF metadata (timestamps, camera parameters, GPS coordinates if present), voice messages, voice comments, text messages, comments, reactions and poll answers.
Biometric personal data (special category): face embedding (a 512-dimensional vector) derived from the user's avatar; face embeddings of faces detected in album photos; cluster identifiers grouping similar faces inside one album. Processed only with separate written consent.
Technical and session data: device IP address, User-Agent (browser / OS version), device push identifiers, cookies, authentication tokens (stored encrypted or hashed), request logs (IP, timestamp, request type).
Geolocation data: GPS coordinates from EXIF, GPS coordinates from device APIs (only with explicit permission), reverse-geocoded textual location.
Service-activity data: information about created albums, uploaded photos, chat actions, role in albums (organizer, co-author, guest).
Data received from third-party services: when the user authenticates via Google / Apple / VK ID — fields the third party returns based on the user's consent (typically name, email, avatar, third-party user ID).
The Operator does not intentionally collect data on race, ethnicity, political views, religious beliefs, health, sex life or criminal record. If such information appears in user-uploaded content the Operator does not extract or use it intentionally.
7. Processing rules and retention
7.1. Processing is performed in accordance with Articles 5, 6, 10 and 11 of Federal Law No. 152-FZ.
7.2. The Operator and personnel with access to personal data are bound by confidentiality and may not disclose personal data without the data subject's consent except as required by law.
7.3. Retention periods
| Data category | Retention |
|---|---|
| User account (profile) | Until the user requests deletion + 30-day grace period, then permanent deletion |
| Album content (photos, videos, messages) | Until deleted by the user or until the album is deleted; 30-day backup retention after album deletion |
| Biometric face embeddings | Until the corresponding content is deleted or the biometric consent is revoked |
| SMS sessions (one-time codes) | 15 minutes |
| Refresh tokens | 30 days; revocable by the user at any time |
| Request logs (IP, User-Agent, timestamp) | 90 days |
| Database backups | 30 days |
7.4. Localization
In accordance with Article 18(5) of Federal Law No. 152-FZ (introduced by Federal Law No. 242-FZ), the Operator records, systematizes, accumulates, stores, updates and retrieves personal data of citizens of the Russian Federation using databases located in the Russian Federation. All primary databases (PostgreSQL for metadata and S3-compatible object storage for media) are hosted with a Russian provider in the Russian Federation.
7.5. Biometric data
Biometric personal data are processed only with separate written consent. Face embeddings cannot be reverse-engineered into the original image; they are stored separately from photos and used solely for face matching inside the Service. The user may revoke biometric consent at any time; the Operator deletes all face embeddings of that user within 10 working days after revocation.
8. Sharing personal data with third parties
The Operator transfers personal data only to the following processors and third parties, only to the extent necessary:
8.1. Processors acting on the Operator's instructions
| Third party | Data shared | Purpose | Server location |
|---|---|---|---|
| AIFactory | Photos (including avatars) | Image analysis: extracting CLIP embeddings and biometric face vectors. AIFactory does not retain source images after analysis. | Russian Federation |
| FirstVDS (S3 object storage) | Photos, videos, avatars | Media storage | Russian Federation |
| FirstVDS (PostgreSQL) | Metadata, profiles, biometric vectors | Structured-data storage | Russian Federation |
| Telegram Gateway / SMSAero | Phone number + one-time code | SMS delivery for phone verification | Russian Federation / international SMS routes |
8.2. Third-party authentication services
| Third party | Data shared | Purpose | Server location |
|---|---|---|---|
| Google LLC (Google Sign-In) | OAuth ID token | User identity verification | USA (cross-border transfer) |
| Apple Inc. (Sign in with Apple) | OAuth ID token | User identity verification | USA (cross-border transfer) |
| VK (VK ID) | Authorization code | User identity verification | Russian Federation |
8.3. External APIs
| Third party | Data shared | Purpose | Server location |
|---|---|---|---|
| Yandex (Yandex Maps geocoding API) | GPS coordinates and place-search queries | Geocoding and reverse geocoding | Russian Federation |
8.4. Push notifications
| Third party | Data shared | Purpose | Server location |
|---|---|---|---|
| Google LLC (Firebase Cloud Messaging) | Device push tokens, notification payloads | Delivery of push notifications | USA (cross-border transfer) |
| Apple Inc. (APNs) | Device push tokens, notification payloads | Delivery of push notifications on iOS | USA (cross-border transfer) |
8.5. Crash and diagnostics
| Third party | Data shared | Purpose | Server location |
|---|---|---|---|
| Google LLC (Firebase Crashlytics) | App crash stack traces, device model, OS version, app version, anonymous installation ID | Diagnostics for app stability | USA (cross-border transfer) |
8.6. General
The Operator enters into confidentiality and data-protection agreements with all processors. The Operator does not sell personal data and does not share it for third-party advertising or third-party market research.
Personal data is disclosed to government authorities only in cases and under the procedure established by Russian law.
8.7. Cross-border transfers
Cross-border transfers occur for: Google Sign-In (USA, Google LLC), Sign in with Apple (USA, Apple Inc.), Firebase Cloud Messaging (USA, Google LLC), APNs (USA, Apple Inc.), Firebase Crashlytics (USA, Google LLC). The user expresses consent to these transfers when authenticating through the corresponding service or installing the mobile app. Where required by Roskomnadzor Order No. 178 of 12 December 2022 the Operator has notified the authorized body of the intent to perform cross-border transfers.
9. Security
The Operator applies legal, organizational and technical measures to protect personal data, including: appointed personal-data officer; internal data-protection policies; role-based access control; TLS / HTTPS in transit and encryption at rest for sensitive categories (biometric vectors, authentication tokens); firewalls and intrusion-detection systems; backups with integrity checks; incident-response procedures; internal audits. The protection level is set in accordance with Government Decree No. 1119.
10. Rights of the data subject
The user has the right to:
- obtain information about how the Operator processes their personal data (Article 14 of Federal Law No. 152-FZ);
- request correction, blocking or deletion of personal data that is incomplete, outdated, inaccurate, unlawfully obtained or no longer necessary;
- withdraw consent to processing at any time by sending notice to support@weshot.io;
- file a complaint with Roskomnadzor (
https://rkn.gov.ru) or with a competent court; - request copies of documents confirming processing;
- request termination of processing.
The Operator answers a verified request within 30 calendar days.
The user can delete their account from within the Service. After a deletion request the account is blocked and physically deleted within 30 calendar days; during this grace period the user may restore the account.
11. Cookies and similar technologies
The Service uses cookies and equivalent technologies (localStorage, sessionStorage, device identifiers) for Service operation, authentication, persistence of preferences and analytics. Detailed information is at weshot.io/legal/cookies. Cookies can be controlled in the browser; disabling them may disable some Service features (notably authentication).
12. Children
The Service is not intended for unsupervised use by persons under 14. Albums of type "Newborn" (family albums featuring children) may only be created by a legal representative who has signed the parental consent at weshot.io/legal/parental-consent.
13. Changes to this Policy
The Operator may update this Policy. The current version is published at weshot.io/legal/privacy.en (English summary) and weshot.io/legal/privacy (binding Russian original). For material changes the Operator notifies users by email, push notification, or other available means at least 10 calendar days before the change takes effect.
14. Contact
All personal-data inquiries: support@weshot.io.
Effective date: 29 апреля 2026. Operator: Individual Entrepreneur Шашков Егор Леонидович.