Your family's photos are yours.
Only yours.
We built Smalldays for our own families. We'd never put our kids' photos in a system we didn't trust. So we built one we do.
Local-first by design
Every photo, video, voice note, and text moment lives exclusively on your device. There is no cloud sync. We couldn't access your data even if we wanted to.
48-hour photo deletion
When you choose to print a book, your selected photos are uploaded via encrypted connection. They are permanently deleted within 48 hours of book rendering — no exceptions.
AES-256 encryption
Any data in transit uses TLS 1.3. Any data temporarily at rest during book printing is encrypted with AES-256. We meet or exceed banking-grade security standards.
No tracking, no ads, no data sales
We use privacy-respecting analytics only (no Google Analytics). We don't run ads. We never sell, share, or monetize your data. Our business model is books and subscriptions — not your information.
Explicit consent for everything
Photos only leave your device when YOU tap 'Create Book' and explicitly consent. We show you exactly what will be uploaded and remind you of our deletion promise before every upload.
Right to deletion
Request account deletion at any time. We'll remove all account data within 72 hours. Local data on your device is yours and always has been — we never had it.
Data lifecycle during book printing
| Data Type | Retention | Notes |
|---|---|---|
| Uploaded photos | 48 hours after rendering | Encrypted at rest (AES-256) |
| Rendered PDF | 30 days after delivery | User can re-download in window |
| Order metadata | Business records | No media — just order details |
| Moment text/tags | Deleted with photos (48hr) | Only stored for rendering |
| Payment data | Managed by Stripe | We never store card numbers |
Compliance & standards
Smalldays is designed to comply with COPPA, GDPR, CCPA, and Apple's Kids Category guidelines. We regularly review our practices against evolving standards.
Questions about privacy? privacy@smalldays.app