01
Who we are
Mozaify is a photo mosaic service available at mozaify.com, operated by Arul Kandhan. We are the data controller for all personal information processed through this website.
If you have any questions about this policy or your data, you can reach us at [email protected].
02
What we collect and why
We collect only what is strictly necessary to provide the service:
- Your photos — the main image and tile images you upload. These are used solely to generate your mosaic. They are not viewed by any person, not analysed for any purpose other than mosaic generation, and not used to train any AI or machine learning system.
- Your email address — collected when you place an order. Used only to send you your download link. We do not send marketing emails.
- Payment information — handled entirely by Razorpay, our payment processor. We never see or store your card number, UPI ID, or any payment credentials.
- Order reference — a randomly generated ID used to link your payment to your mosaic job. Contains no personal information.
03
How long we keep your data
🔒 All uploaded photos, generated mosaics, and session data are automatically and permanently deleted within 72 hours of your order being placed. No manual action is required from you.
Your email address is retained only in our order records for accounting and dispute resolution purposes. It is not used for any other communication.
Backups: Linode automatic backups are not enabled for this server. No snapshots of your data are taken by the hosting provider at any time. The only copy of your photos that exists is the live session folder on the server. When the automated cleanup routine deletes it, it is permanently gone — there is no secondary copy, no archive, and no recovery path.
03a
How we protect your data
Encryption in transit: All connections to mozaify.com are protected by HTTPS/TLS, enforced through Cloudflare. Data moving between your device and our server is fully encrypted in transit at all times.
Encryption at rest: The server disk is encrypted using AES-256, applied at the infrastructure level by Linode/Akamai, our hosting provider. AES-256 is the encryption standard used by financial institutions, defence organisations, and major cloud providers globally. This encryption is confirmed and visible in our server configuration dashboard.
Data breach notification: In the event of a data breach that affects your personal data, we will notify all affected users within 72 hours of becoming aware of the breach, in accordance with GDPR requirements. Notification will be sent to the email address associated with your order.
04
Third parties
Your photos never leave our server and are never shared with any third party. The only external services we use are:
- Razorpay — payment processing. Razorpay processes your payment and never receives your photos. Razorpay's privacy policy is available at razorpay.com.
- Resend — email delivery. Used only to send your download link email. Resend receives your email address for the purpose of delivering that email.
- Linode (Akamai) — our server hosting provider. Your data is stored on servers located in Mumbai, India. Linode's privacy policy is available at linode.com.
We do not use advertising networks, analytics trackers, or social media pixels of any kind on this website.
05
Your rights
Depending on where you are located, you may have the following rights regarding your personal data:
- Right to access — you can request a copy of the data we hold about you.
- Right to erasure — you can request that we delete your data. Note that all photos are already deleted automatically within 72 hours. For email address deletion from order records, contact us.
- Right to object — you can object to how we process your data.
- Right to complain — if you are in the EU or UK, you have the right to lodge a complaint with your local data protection authority.
To exercise any of these rights, email us at [email protected]. We will respond within 30 days.
06
Cookies
Mozaify does not use cookies for tracking or advertising. We use only a session token stored in your browser's local memory to maintain your upload session during your visit. This token is not used to identify you across sessions or websites.
07
Children
Mozaify is not directed at children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has submitted personal information through our service, please contact us and we will delete it promptly.
08
Changes to this policy
If we make material changes to this policy, we will update the date at the top of this page. We encourage you to review this page periodically. Continued use of the service after changes are posted constitutes acceptance of the updated policy.
09
Contact us
If you have any questions, concerns, or requests regarding your privacy or this policy:
Mozaify, operated by Arul Kandhan
Email: [email protected]
We aim to respond to all privacy-related enquiries within 30 days.