← Back to home

Privacy Policy

Effective: May 4, 2026 · Last updated: May 4, 2026

This Privacy Policy describes how Diego Eduardo ("we", "us", "our") collects, uses, and shares information when you use the Diego Eduardo Studio iOS app and the related website at diegoheduardo.com (together, the "Services").

1. Information We Collect

We only collect information that is necessary to operate the Services.

Information you provide directly

• Account details: your name, email address, and (optionally) phone number, used to create and access your account.
• Project information: any answers you submit through questionnaires, notes you add, or messages you send to us through the app.
• Reviews and tips: if you choose to leave a review or tip, your rating, review text, and tip amount.
• Files (admin only): photos, videos, audio, and other deliverables that we upload to your account on your behalf.

Information collected automatically

• Usage information: when you use the app we may log requests for diagnostics (e.g. error rates, request paths). We do not collect IP addresses for tracking purposes.
• Device token: if you enable push notifications, we store a token issued by Apple so we can send you notifications about your projects. The token is meaningless outside Apple's push service.

Information from third parties

• Stripe: when you pay an invoice, accept a quote, or leave a tip, Stripe processes your payment. We receive a record of the transaction (amount, status, invoice number) but never your card number.
• Backblaze B2: large file deliveries are stored on Backblaze. Backblaze does not access your files except to deliver them to you when you click a download link.

We do not sell your data, share it with advertisers, or use it for cross-app tracking.

2. How We Use Information

• To create and maintain your account.
• To deliver the services you've requested (project management, file delivery, billing).
• To send you transactional notifications: invoices, project updates, delivery readiness, questionnaire reminders.
• To respond to your support requests.
• To comply with legal obligations (e.g. tax records).

We do not use your information for advertising or for training machine learning models.

3. How We Share Information

We share information only as needed to operate the Services:

• Stripe — payment processing. See Stripe's Privacy Policy.
• Backblaze B2 — encrypted file storage. See Backblaze's Privacy Notice.
• Cloudflare — content delivery and key-value storage for delivery links. See Cloudflare's Privacy Policy.
• Apple Push Notification service — only the opaque device token, used to deliver push notifications you've opted into.
• Hostinger — our application hosting provider.

We may also disclose information if required by law, or to protect our rights, property, or safety, or the rights, property, or safety of others.

4. Data Retention

We retain account data, project records, invoices, and questionnaires for as long as you have an active account, and afterwards as required for accounting and legal purposes (typically 7 years for invoice records).

You may request deletion of your account at any time by emailing us. Records required for legal compliance (e.g. issued invoices) will be retained as required by applicable tax law; everything else will be deleted.

5. Your Rights

Depending on your location, you may have rights to:

• Access the personal information we hold about you.
• Correct inaccurate information.
• Delete your data (subject to legal retention).
• Object to certain processing.
• Receive a copy of your data in a portable format.

To exercise any of these rights, email diego@diegoheduardo.com. We'll respond within 30 days.

6. Children

The Services are not intended for users under 13. We do not knowingly collect data from children under 13. If we learn we have, we'll delete it promptly.

7. Security

We use HTTPS for all network traffic, store passwords using bcrypt, and store authentication tokens hashed at rest. Payment processing is handled by Stripe under PCI-DSS Level 1. Despite reasonable safeguards, no method of online storage is 100% secure.

8. International Users

We're based in the United States. If you use the Services from outside the U.S., your data is processed in the U.S. By using the Services you consent to that transfer.

9. Changes to This Policy

We may update this policy as the Services evolve. Material changes will be announced via email or in-app notice at least 14 days before they take effect.

10. Contact

Diego Eduardo
diego@diegoheduardo.com