Privacy policy
Last updated: May 22, 2026
1. Data controller
Bitforge (hereinafter, «Carrete» or «we») is the data controller for the personal information we collect through the Carrete mobile application, the carrete.app website and the related services.
Registered address: Cerro el Plomo 5931, Office 1213, Las Condes, Chile.. Tax ID (RUT): 78.148.908-5.
For privacy inquiries: privacy@carrete.app. For general support: support@carrete.app.
2. What Carrete is
Carrete is a digital service that lets you create "carretes": shared photo albums for events, with analog film aesthetics, link or QR-code invitations, limited shots and configurable reveal.
Users can register their own account, join other people's carretes as guests and, depending on the host's configuration, join anonymously without an email address.
3. Data we collect
Depending on how you use the service, we may process the following categories of data:
Account and profile: email address, password (stored encrypted by our authentication provider), display name and, if you choose, an avatar image.
Event participation: user identifier, role (host or guest), join date on the carrete, photos you capture or upload, technical image metadata (e.g. EXIF orientation; we do not collect GPS coordinates from your photos) and the configuration of the event you belong to.
User-generated content: JPEG photos, carrete covers, text comments you post on carrete photos, "like" records on photos (user and photo identifiers, no associated message) and data tied to image processing (e.g. film-filter processing status).
In-app purchases: transaction identifiers, product purchased, price in USD and the guest capacity tied to the carrete. We do not receive or store credit or debit card data; payments are processed by Apple App Store or Google Play.
Push notifications: device token and platform (iOS, Android or web), only if you enable notifications in the Account screen.
Technical and local data: session identifiers, light/dark theme preference, onboarding state, local photo upload queue and camera preferences stored on your device.
Usage metrics (first-party): anonymous session identifier on the device, screens visited, in-app actions (e.g. create carrete, join, shoot or buy), app version and platform (iOS, Android or web). We do not include photos, emails, names or free-text content in these events. You can disable sending them in Account → Privacy.
Anonymous session: if the host allows joining without an account, we may create an anonymous session and store the display name you provide (between 2 and 40 characters).
4. Data we do not collect
We do not request or use your geographic location (GPS) in the application.
We do not use third-party marketing analytics platforms (e.g. Firebase Analytics, Amplitude or Meta Pixel). Usage metrics are stored on our own servers (Supabase) with aggregated data and without the content of your photos.
We do not record audio or use the device microphone for service features.
We do not access location metadata from your phone's gallery when picking images.
5. Purposes of processing
Provide the service: create and manage carretes, allow shots with filters, show galleries according to the host's rules and share invitations.
Authentication and security: manage your account, sessions and access to events.
Image processing: apply film presets and store the photos on our servers.
Purchases: validate guest-capacity acquisitions and record the purchase history on your account.
Communications: send you push notifications related to the service, only if you enable them.
Product improvement: analyze in aggregate how the app is used (screens, funnels and technical errors) to fix issues and prioritize improvements, based on legitimate interest. You can opt out by disabling metrics in the app.
Support: respond to inquiries, resolve incidents and keep the service stable.
Legal compliance: meet applicable data protection and consumer obligations.
6. Legal basis and consent
The processing needed to provide you the service (account, participation in carretes, photo storage) is grounded on the performance of the contract you accept when using Carrete.
Sending push notifications and using your avatar require your consent, which you can withdraw by disabling notifications or removing your avatar.
In some cases we may process data based on legitimate interest (e.g. service security), always respecting your rights.
7. Processors and third parties
We share data with providers that help us run the service, under contracts that require adequate protection:
Supabase: authentication, database, file storage and cloud functions. Your data may be hosted in the region configured for our project (see Supabase documentation on data location).
RevenueCat: management of in-app purchases on iOS and Android.
Apple and Google: payment processing when you acquire guest capacity; their own privacy policies apply.
Expo: delivery of push notifications to your device.
We do not sell your personal data to third parties.
8. Photos and shared content
The photos you upload or capture on a carrete may be visible to other participants depending on the host's configuration (for example, if the option to let everyone see all photos is enabled and depending on the reveal strategy: live, at close, on a scheduled date or manual).
The carrete host can delete photos from the album (soft deletion in our systems).
You are responsible for the content you publish and for having the necessary rights over the images and the people appearing in them.
9. Anonymous sessions
If the host disables the requirement to sign in with email, you can participate with an anonymous session by providing only a display name.
In those cases we do not collect your email, but we do collect the content you generate (photos, participation) tied to a technical session identifier.
The host is responsible for inviting only authorized people and for complying with applicable regulations when allowing participation without an account, especially if minors are involved.
10. Data retention
We retain your data for as long as you keep an active account or participate in carretes, plus the time necessary to comply with legal obligations, resolve disputes or enforce our agreements.
Photos deleted by the host or by you may remain in backups for a limited period before being permanently erased.
Push notification tokens are deleted when you disable notifications or sign out of the device, as applicable.
11. Your rights
In accordance with Chilean Law N° 19.628 on the Protection of Private Life and applicable regulations, you may request access, rectification, cancellation or opposition to the processing of your personal data, when appropriate.
To exercise these rights, write to privacy@carrete.app stating your request and a way to verify your identity. We will respond within the timeframes established by law.
12. Account deletion
You can sign out at any time from the Account screen of the application.
To permanently delete your account and associated data, open the app → Account tab → "Account and data" section → Delete account, and confirm in the dialogs. Your profile and the carretes you organize will be erased.
If you cannot use the app, write to privacy@carrete.app or support@carrete.app. We will process the request unless we must retain certain information due to a legal obligation or for the defense of claims.
13. Security
We apply reasonable technical and organizational measures to protect your data, including encryption in transit (HTTPS), database access control and row-level security (RLS) policies on our backend.
Carrete photos are served via signed URLs of limited duration (about one hour) to reduce unauthorized access.
No system is completely infallible; we recommend using strong passwords and not sharing your credentials.
14. Minors
The service is not intended for minors under 13 years of age. We do not knowingly collect data from minors under that age.
If you are a parent, mother or guardian and believe a minor has provided us with data, contact us to request its deletion.
Hosts who invite minors to a carrete are responsible for obtaining the necessary authorizations and for configuring the event appropriately (for example, requiring sign-in with email).
16. Changes to this policy
We may update this policy to reflect changes in the service or in the regulations. We will publish the current version on this page with the last updated date.
If the changes are substantial, we will notify you through reasonable means (for example, in the app or by email). Continued use of the service after the changes take effect implies your acknowledgement of the updated policy, unless the law requires additional consent.