Privacy Policy

Momenta is an event photo-sharing platform that lets event owners create and manage events, invites their guests to upload and view photos through private event links and QR codes, and gives administrators tools to manage events, packages, payments, uploads, accounts, coupons, settings, integrations, and security.

This Privacy Policy explains what we collect when you use Momenta, how we use it, and the choices you have. By using Momenta you agree to this policy.

We collect only what we need to run the product and keep your events safe.

• Account information. Name, email address, phone number (optional), avatar image, and the password hash you create — or, if you sign in with Google, the email and basic profile fields Google shares (see below).
• Event information. Event title, date, location, cover image, package selection, guest-experience configuration, and any notes you record on the event.
• Uploaded photos & videos. Media uploaded by event owners, co-owners, or guests through an event's QR code. Each upload is associated with the event it belongs to.
• Guest details. When a guest uploads to a public event link, we may record the name they typed and the device that made the upload. We do not require guests to create an account.
• Payment & package status. Which package an event is on, whether a payment has been recorded, and basic billing metadata. We do not store full card numbers; card data is handled by our payment provider when applicable.
• Usage & device data. IP address, browser and OS, language, referring page, timestamps, and the pages or features you interact with. Used for security, debugging, and product improvement.
• Authentication data. Sign-in events, active session metadata (browser, IP, last-seen), and two-factor configuration if you've enabled it.

We use the information above to:

• Provide the core product — sign-in, event management, photo upload, album sharing, QR generation, song requests, and download.
• Authenticate you and protect your account, including session management and two-factor verification.
• Send transactional emails — sign-in codes, password resets, event notifications, payment confirmations, and account-deletion confirmations.
• Keep the service running — debugging, error monitoring, rate-limiting abusive traffic, and basic capacity planning.
• Comply with legal obligations and respond to lawful requests.

We do not sell your information. We do not use your content or account data to train advertising models.

Momenta offers “Continue with Google” as a sign-in option. When you choose it, Google asks for your permission to share a minimal set of profile fields with us — your Google account email, name, and profile picture URL.

We use those fields only to:

• Identify your Momenta account at sign-in.
• Create your account if it’s your first time signing in.
• Display your name and profile photo inside the product.

We do not access your Gmail, Calendar, Drive, Contacts, or any other Google service. We do not sell or share your Google account data with anyone for advertising. You can revoke Momenta’s access at any time from your Google account permissions page.

Photos and videos uploaded to an event are stored in our secure cloud storage and are accessible to:

• The event owner and co-owners they invite.
• Guests who hold the event’s QR / share link, when the owner enables public viewing.
• Our administrators, only for moderation, support, and abuse-prevention purposes.

Event owners control whether guest viewing is on or off, whether an album is public or private, and whether the event accepts new uploads. Owners can delete individual uploads, entire albums, or cancel and delete an event from their dashboard.

We share information only with:

• Service providers that help us run Momenta — cloud hosting, object storage, email delivery, and error monitoring. These providers process data on our behalf under confidentiality obligations.
• Payment processors, when an event is paid. Card data is handled by the processor and not stored on Momenta servers.
• Authorities if we are legally required to disclose information (court order, lawful request) or if disclosure is necessary to investigate fraud or protect safety.

We do not share your data with advertisers and do not sell it.

We keep account and event data for as long as your account is active or your event is live. After an event ends, its data remains available to the owner unless they delete it.

If you delete your account, we mark it for deletion and permanently remove your account and the events you exclusively owned after a short grace period (currently 30 days). During the grace period you can contact support to reverse the deletion. After that, the data is irreversibly removed.

Cancelled events are hard-deleted from our systems shortly after their grace window expires (currently 7 days). Backups may retain residual copies for a limited period before being overwritten.

We take reasonable, industry-standard measures to protect your data — encrypted connections (HTTPS), encrypted-at-rest storage with our cloud providers, hashed passwords, scoped access tokens, rate limiting, session revocation, and optional two-factor authentication for administrators.

No system is perfectly secure. If we discover a breach that materially affects your data, we will notify you in line with applicable law.

You can, at any time:

• Update your profile, name, phone, and avatar from Settings.
• Change your password and enable two-factor authentication.
• Revoke active sessions on other devices.
• Delete uploads, albums, or events from your dashboard.
• Request account deletion from Settings → Danger zone.

Depending on where you live, you may have additional rights under local law — for example, the right to access, correct, export, or restrict the processing of your data. To exercise any of these rights, contact us at support@momentaapp.com.

Momenta is intended for users 16 years of age and older. We do not knowingly collect information from children under 16. If you believe a child has provided us with personal information, please contact us and we will delete it.

We may update this Privacy Policy from time to time. When we do, we’ll change the “Last updated” date at the top of this page. For material changes we’ll also notify active users by email or in-app banner before the changes take effect.

If you have questions about this policy, your data, or want to exercise any of your privacy rights, email us at support@momentaapp.com. We aim to respond within 5 business days.