English translation provided for international (EU) customers. In case of any discrepancy, the French version prevails (the editor is a French micro-entrepreneur and the services are governed by French law).
This policy explains what personal data is processed when you use the Twenty application ("the App") and the twenty-app.com website ("the Site"), for what purposes, on what legal bases, with whom it is shared, how long it is kept, and what your rights are.
Our guiding principle: Twenty is a digital disposable camera. Your photos are never shown in the app — there is no gallery, no preview, no thumbnail. We do no advertising profiling, use no tracking or behavioural-analytics tools, and never sell your data.
Fabien Astruc — micro-entrepreneur (a French sole trader under the micro-enterprise regime)
3 rue Anatole France, 34000 Montpellier, France
SIREN: 103 372 678
Contact: [email protected]
Given the scale of the activity, appointing a Data Protection Officer (DPO) is not required; your requests are handled at the address above.
We limit collection to what is necessary to run the service.
Email address (from Apple or Google sign-in); optional name/display name (used for shared rolls and delivery); Apple/Google sign-in identifier, friend code (regenerable UUID), preferred language.
Photos taken with the App are stored locally on your device and, unless you delete them, backed up to our cloud storage (Cloudflare R2) so you can order/re-order them and recover them on a new device. The App never shows you your photos (no gallery). Photo bytes only leave your device (i) to the print lab when you order, and (ii) to our cloud storage for backup/ordering.
Date/time, front/back camera, flash, and an approximate location rounded to about 1 km used only to show a city name on the roll's "identity card". No precise GPS location is kept. Location is optional; the App works without it and only accesses it at the moment a photo is taken.
Shipping address, order contents, amount paid, status, tracking number when provided by the lab.
Payments are processed by Stripe. We never receive or store your full card number. We keep technical Stripe identifiers (customer, subscription, payment IDs) to track orders and subscriptions.
If you allow them, a device push token to inform you of order status.
Limited technical logs (rate limiting, webhook signature failures) for security and fraud prevention; for invite links opened before installing the App, a pseudonymised fingerprint (a SHA-256 hash of a salt + your IP address — the raw IP is never stored), deleted within ~2 hours. Crash reports are written only on your device and are sent to us only if you choose to share them.
We do not collect advertising identifiers, contacts, microphone (outside unused video features), biometric data, or any data for tracking purposes.
| Purpose | Legal basis |
|---|---|
| Create/manage your account; provide the camera, rolls, orders and printing | Performance of contract (Art. 6(1)(b)) |
| Cloud backup of your photos for ordering and recovery | Performance of contract / legitimate interest |
| Show an approximate city on the roll | Your consent (location permission) — optional |
| Process payments, prevent fraud, ensure security | Contract; legal obligation; legitimate interest |
| Send transactional emails (confirmation, status) | Performance of contract |
| Send order-status notifications | Your consent (system permission) |
| Fix bugs from a crash report you send us | Legitimate interest |
We share data only with the providers needed to run the service. None use it for their own commercial purposes.
| Provider | Role | Data | Location |
|---|---|---|---|
| Supabase | Database, authentication | Account, orders, metadata | European Union (Ireland) |
| Cloudflare | Photo storage (R2) + website hosting (Pages) | Photos, roll metadata | International (Standard Contractual Clauses) |
| Stripe | Payments & subscriptions | Payment data, email, amount | EU / USA (DPA + SCCs) |
| Familink | Printing & shipping of prints | First name, last name, postal address, photos (temporary links) | France (Rouen) |
| Resend | Transactional emails | Email, order contents | USA (SCCs) |
| Expo | Push notifications | Push token | USA (SCCs) |
| Apple / Google | Sign-in (identity providers) | Email, sign-in identifier | International |
What is sent to the print lab (Familink): only the recipient's first name, last name, street, postal code, city and country, plus your photos via temporary download links valid for 7 days. Not sent: your email, phone, payment identifiers, or account ID.
We do not sell or rent your data. We may disclose it where required by law or to protect our rights.
Some providers (Stripe, Resend, Expo, Apple, Google, Cloudflare) may process data outside the EU, notably in the United States. Such transfers are governed by appropriate safeguards (the European Commission's Standard Contractual Clauses and/or applicable certifications).
Data is transmitted over encrypted connections (HTTPS/TLS) and stored on infrastructure that encrypts data at rest. Access is segregated by database-level security rules (RLS): each user can access only their own data.
You have the rights of access, rectification, erasure, restriction, objection and portability, and the right to withdraw consent at any time.
You may lodge a complaint with the French data protection authority, the CNIL (www.cnil.fr), or with your local supervisory authority.
The App is not intended for children. You must be at least 15 to use it; under 18, use requires the consent of a parent/guardian.
We may update this policy. The "last updated" date appears at the top; we will notify you of significant changes by an appropriate means.