Home Privacy Policy

Privacy Policy

Last updated: February 24, 2026

Summary

DKPhotoSorter processes your photos primarily on your own computer. However, to classify photos and determine locations, limited data is sent to external services. You choose which AI provider to use (Google Gemini or OpenAI). This notice explains exactly what data leaves your machine, where it goes, and what controls you have.

What Data Leaves Your Computer

1. Photo Data → Google Gemini or OpenAI

When: During photo sorting (AI vision analysis)

What is sent: Each AI analysis request includes:

  • A resized JPEG thumbnail of the photo (not the original full-resolution file)
  • The photo’s original filename (e.g., “IMG_4521.jpg”)
  • EXIF date/time (if present in the photo’s metadata)
  • GPS coordinates (if present in the photo’s metadata)
  • The resolved GPS location name (from offline geocoding)
  • Your Home Address setting (if configured — used to distinguish home photos from travel)
  • Your Keywords setting (if configured)
  • Your Tag City setting (if configured — for photos without GPS data)

Full folder paths are never sent. Original full-resolution photos are never sent.

Where: Depends on your selected AI provider:

Google Gemini (default)

Thumbnails are sent to Google's API servers.

Free tier: Google may use your submitted content (including photo thumbnails) and generated responses to improve Google products and services. Human reviewers may read, annotate, and process your API input and output. Google disconnects this data from your API key before review.

Paid tier: Google does not use your prompts, files (including images), or responses to improve products. Data may only be reviewed if flagged by automated safety filters.

Retention: Prompts and responses are retained for up to 55 days for abuse monitoring, then deleted.

See: Gemini Usage Policies and Gemini API Terms

OpenAI (alternative)

Thumbnails are sent to OpenAI's API servers (United States).

API inputs and outputs are not used to train OpenAI's models.

Retention: Up to 30 days for abuse monitoring, then deleted.

See: OpenAI API Data Usage Policies

2. GPS Coordinates → Offline GeoNames Database

When: During photo sorting (reverse geocoding)

What is sent: Nothing. GPS reverse geocoding (converting coordinates to city/state/country names) is performed entirely offline using a bundled GeoNames database (~400,000 places). No GPS coordinates are sent to any external service for reverse geocoding.

3. Home Address / Tag City → OpenStreetMap Nominatim

When: During photo sorting (forward geocoding, 1–2 calls only)

What is sent: The text of your Home Address or Tag City setting (e.g., “Fargo, ND”). This is not GPS coordinates from photos.

Where: OpenStreetMap Foundation servers (various locations).

Why: To convert your typed address into coordinates for trip detection (Home Address) or location tagging (Tag City).

Retention: Per Nominatim's privacy policy, queries are logged for short periods for operational purposes. No personal identifiers are attached. See: OSM Foundation Privacy Policy

4. GPS Coordinates → OpenStreetMap Overpass API

When: During photo sorting (business/landmark lookup)

What is sent: Latitude and longitude coordinates from photo EXIF metadata.

Where: OpenStreetMap Overpass API servers.

Why: To identify nearby businesses and landmarks to help verify and refine photo subject identification.

Retention: Same policy as Nominatim above.

5. License Key → Gumroad

When: On first launch and periodically (every 7 days) to verify your license.

What is sent: Your Gumroad license key and the product identifier.

Where: Gumroad API servers (api.gumroad.com).

Why: To verify that your license key is valid and has not been refunded or charged back.

Retention: Per Gumroad's privacy policy. See: Gumroad Privacy Policy

What Data Stays on Your Computer

The following data never leaves your machine:

  • Original photo files (only resized thumbnails are sent to the AI provider)
  • Full folder paths (filenames are included in the AI prompt as context)
  • Your API keys (stored in your operating system's secure credential store via the keyring library, or in a local config file — each key is transmitted only to its respective AI provider for authentication)
  • Your Gumroad license key (stored locally in your operating system's secure credential store or config file — only transmitted to Gumroad for license verification)
  • The GPS coordinate cache (stored locally to reduce repeat geocoding lookups)
  • Sort manifests, logs, and undo data
  • All application settings and preferences

What We (the Developer) Collect

Nothing. The developer of DKPhotoSorter does not operate any servers, analytics, crash reporting, or data collection of any kind. Zero bytes are sent to us. The application communicates only with your selected AI provider (Google or OpenAI), OpenStreetMap, and Gumroad — never with the developer.

We do not have access to your photos, API key, location data, usage patterns, or any other information.

Your API Keys

Your API keys (Gemini and/or OpenAI) are stored locally on your computer using your operating system's secure credential store (Windows Credential Manager) via the “keyring” library. If keyring is unavailable, keys are stored in a local JSON configuration file in the application directory.

Each API key is transmitted only to its respective provider's API endpoints for authentication. Your Gemini key is sent only to Google; your OpenAI key is sent only to OpenAI. Keys are never sent anywhere else.

Google Gemini: Free Tier vs. Paid Tier

If you use Google Gemini as your AI provider, the data handling depends on whether your API key is on the free tier or a paid (billing-enabled) tier:

Free Tier

  • Google may use your submitted photos and AI responses to improve Google products, services, and machine-learning technologies.
  • Human reviewers at Google may read, annotate, and process your API inputs and outputs. Google states that it disconnects this data from your API key before review.
  • Data is retained for at least 55 days for abuse monitoring.
  • Google's terms warn: “Do not submit sensitive, confidential, or personal information to the Unpaid Services.”
  • The free tier is not available for users located in the EU/EEA, United Kingdom, or Switzerland.

Paid Tier (billing enabled at aistudio.google.com)

  • Google does not use your prompts, files (including photos), or responses to improve products.
  • Data is retained for up to 55 days solely for abuse monitoring and policy enforcement.
  • Human review occurs only if content is flagged by automated safety filters.
  • Available in all regions including EU/EEA/UK/Switzerland.

Quota note: The free tier has strict daily limits (~25 API calls/day for gemini-2.5-flash, approximately 17 photos). These limits are set by Google and may change. Enabling billing increases daily limits significantly (e.g. 10,000/day for flash, 1,000/day for pro) and costs pennies per hundred photos depending on model. Quota resets at midnight Pacific time. Check the “Billing Enabled” box in the GUI to indicate you have a paid account.

To check or upgrade your tier: aistudio.google.com

For full terms: ai.google.dev/gemini-api/terms

Data Processing Under GDPR (EU/EEA Users)

If you are located in the European Union or European Economic Area:

  • You are the data controller for any personal data contained in your photos (e.g., images of people, location metadata).
  • Google Gemini: The Gemini API free tier is not available for users in the EU/EEA, United Kingdom, or Switzerland. You must use a paid (billing-enabled) API key. On the paid tier, Google does not use your data to improve its models and provides a Data Processing Addendum (DPA). See: Gemini API Terms
  • OpenAI: When the Software sends photo thumbnails to OpenAI, OpenAI acts as a data processor. OpenAI offers a Data Processing Addendum (DPA) for API customers. See: OpenAI Data Processing Addendum
  • Sending data to Google (US-based) or OpenAI (US-based) constitutes an international data transfer. Both providers' DPAs address transfer mechanisms under GDPR.
  • GPS reverse geocoding is performed offline using the bundled GeoNames database — no photo coordinates leave your computer. Only your typed Home Address/Tag City text is sent to Nominatim for forward geocoding.
  • You should ensure you have a lawful basis for processing any personal data contained in your photos before using the Software.

Photos of Other People

If your photos contain images of other people, be aware that sending those thumbnails to Google or OpenAI may constitute processing of their personal data (particularly biometric data in some jurisdictions). If using the Gemini free tier, be aware that human reviewers at Google may view these images. You are responsible for ensuring you have the appropriate rights or consent to process photos containing images of others.

Changes to This Notice

If we update this privacy notice, the updated version will be included with future releases of the Software. We encourage you to review this notice when updating the Software.

Contact

For privacy-related questions, contact: dkphotosorter@gmail.com

Data Flow Diagram

Original photo files STAYS LOCAL
Folder paths STAYS LOCAL
API keys (each sent only to its own provider) STORED LOCALLY
Sort logs, cache & undo data STAYS LOCAL
Thumbnails + filename + GPS + date → AI provider SENT (HTTPS)
GPS coordinates → Overpass API SENT (HTTPS)
Home address → Nominatim SENT (HTTPS)
License key → Gumroad (every 7 days) SENT (HTTPS)

Developer collects: NOTHING