Privacy Policy

Gooya lets event hosts collect photos, videos, and voice messages from their guests. Guests never need an account and we collect nothing that identifies them beyond a first name they may choose to give. Everything guests leave belongs to the event's host and is visible only to that host until they choose to reveal it. We never sell your data, never use your memories for advertising, and never use your media to train AI models.

Gooya is a product operated by After The Message ("Gooya," "we," "us"). For privacy questions or to exercise your rights, contact info@afterthemessage.com. For media collected at an event, the event host is the controller of that content and Gooya acts as their processor; for account data, Gooya is the controller.

Guests are anonymous. When a guest captures or uploads through an event link we store: the photos, videos, or voice messages they choose to send; an optional first name; and a random identifier kept in their own device that enforces per-guest limits. No email, no phone number, no account, no advertising IDs, and no cross-app or cross-site tracking — ever.

Hosts create an account with an email address and password (passwords are stored only as a modern salted cryptographic hash, never in plain text), plus the event details they enter. If a host purchases a plan, payment is handled by our payment processor — we never see or store card numbers. We use a host's email to operate their account and send essential service notices, never for marketing without consent.

Only to provide the service: to store and display an event's memories to its host, enforce guest limits, convert media into viewable formats, send essential account and event emails, and keep the service secure and working. We do not sell or rent personal data, do not share it with data brokers, do not embed advertising or social-media trackers, and do not use your media to train machine-learning models. Where we use AI features (such as transcription or formatting), it is only to deliver the feature you asked for.

Photos and videos may contain identifiable people, which makes them personal data. Gooya does not run facial recognition, does not create faceprints, and does not extract or store any biometric identifiers from your media. We simply store the images and clips as you send them.

Media is stored in a private Google Cloud bucket that is not publicly accessible; every view happens through a short-lived signed link generated only for the verified host. Data is encrypted in transit (TLS) and at rest, and sensitive fields use AES-256-GCM encryption. Our demo event stores nothing at all — demo uploads are simulated and never leave the visitor's device.

Guests are write-only: no guest can ever view, list, or download what any other guest left. The gallery is private to the host, who controls if and when content is revealed and can hide any item. We do not access your media except where strictly required to run the service (for example, automated video conversion) or where the law requires.

Hosts are responsible for telling their guests that photos, videos, and messages are being collected, and for obtaining any consent customary or legally required for their event. By sending content through an event link, a guest grants the event host permission to keep and view that content for the host's personal, non-commercial keepsake of the event. If you appear in content and want it removed, contact the host, or email us and we will help.

We keep an event's media for as long as the host's plan provides or until the host deletes it, then remove it. On the iPhone App Clip, Apple automatically deletes the App Clip's local data after a period of non-use. Honored erasure requests are completed, including stored media, within 30 days.

Depending on where you live, you may have the right to access, correct, delete, restrict, or port your data, to object to processing, and to withdraw consent at any time. California residents may request the categories and specifics of data collected, request deletion or correction, and opt out of "sale" or "sharing" — note we do not sell or share personal data, and we will never discriminate against you for exercising a right. To make a request, email info@afterthemessage.com from your account email.

Hosts can delete any single memory immediately, and can permanently delete an entire event and all its media. Hosts can also delete their whole account and all associated data from the account settings in the dashboard, or by emailing info@afterthemessage.com from the account email. Deletion removes the account record and its personal data, including stored media, within 30 days.

We run on Google Cloud (hosting, storage, databases). Email delivery and, when offered, payment processing are handled by reputable providers bound to protect your data and use it only to provide their service to us. We do not embed advertising or social-media trackers.

We operate in the United States; if you access Gooya from elsewhere, your information may be processed in the U.S. with appropriate safeguards for international transfers.

Gooya is for adults; hosts must be at least 18. Events may include photos of minors taken by adult guests — the host is responsible for obtaining any consent customary or required. We do not knowingly collect data directly from children.

We'll update this page when our practices change and revise the date above. Significant changes will be highlighted in the app or by email where appropriate.

Questions or privacy requests: info@afterthemessage.com — Gooya, a company by After The Message.