Privacy Policy

This policy explains what data Gumnut collects, why we collect it, who we share it with, and what you can do to control it. If anything here is unclear, email us at hello@gumnut.ai and we'll answer.

Last updated: April 20, 2026

Who we are

Gumnut is operated by Gumnut Labs LLC ("Gumnut", "we", "us"). This policy covers:

  • Our marketing site at www.gumnut.ai
  • The Photos web app at app.gumnut.ai
  • The Photos API at api.gumnut.ai, including the MCP server used by AI assistants
  • The Immich-compatible service at photos.gumnut.ai

What we collect

Account information

When you sign up, our authentication partner Clerk collects your name, email address, and (if you sign in with Google, Apple, or another identity provider) the OAuth profile information those providers share with us. Clerk also manages your password if you set one.

Photos and videos you upload

When you upload a photo or video, we store:

  • The original file
  • Metadata embedded in the file (EXIF, including the time the photo was taken, camera model, and — if your device wrote it — the GPS location)
  • Any metadata you add yourself, such as album names, captions, face labels, or album descriptions

Data we derive from your photos

To make your library searchable and organized, our servers generate additional data from the files you upload:

  • Thumbnails and resized variants for faster display
  • Text descriptions of each image or video, written by a vision-language model
  • Search embeddings (numeric vectors that let us match your text queries to images)
  • Face detections, face embeddings, and face clusters so we can group photos of the same person
  • Quality scores used to pick cover images and filter duplicates
  • Reverse-geocoded place names (neighborhood, city, country) derived from GPS coordinates in your photos

Activity and technical data

  • API and app usage logs. Standard request logs including IP address, User-Agent, timestamps, and which endpoints you called. These are used for debugging, abuse prevention, and capacity planning.
  • Error and performance telemetry. When the app encounters an error or a slow request, we record a diagnostic event. These may include your user ID, the URL being accessed, and a stack trace. We do not intentionally include photo contents in these events.
  • OAuth clients you authorize. When you connect an AI assistant (e.g., ChatGPT, Claude) to your Gumnut library, we record which client you authorized and what permissions it has.
  • API keys you create. We store a one-way hash so we can verify the key on future requests. We do not store the key itself in a recoverable form.

Marketing-site information

If you join the waitlist, we collect the name and email you provide. If you send a message via the contact form, we receive whatever you write plus your email.

How we use your data

  • To operate the service. Storing and serving your photos, generating thumbnails and search results, clustering faces, running AI-assistant integrations.
  • To keep the service reliable and secure. Detecting errors, investigating abuse, rate-limiting, and maintaining backups.
  • To communicate with you. Responding to support requests, confirming account actions, and occasional product updates. We don't send marketing emails to our users today.
  • To improve the service. Aggregate usage information helps us understand what's working and what isn't. We don't train our own models on your photos, and we configure the AI model providers we use to operate under zero-data-retention (ZDR) terms — meaning they don't retain your photos, videos, or prompts after fulfilling the request, and don't use them to train or improve their own models.

We do not sell your personal data, and we do not share it with advertisers.

Who we share your data with

We share your data only with service providers we need to operate Gumnut. Each of these is bound by their own terms and privacy practices.

Clerk

Authentication

Name, email, OAuth identities, session data — used for sign-in and account management.

Render

Hosting and database

Everything that lives in our servers and database — runs the API, background workers, and Postgres.

Cloudflare

Object storage and CDN

Your photo and video files; signed URLs for delivery — stores and serves your files via R2 and Workers.

Sentry

Error and performance monitoring

User IDs, request metadata, and diagnostic data from errors — debugging and reliability.

Google (Gemini) / OpenRouter

Vision-language model for ASSEt descriptions

Image or video content plus a text prompt — generating image and video descriptions. Not retained by the provider and not used to train their models. Gemini runs on the paid-tier API; OpenRouter requests route to open-weight models with zero-data-retention enforced per request.

Geoapify

Reverse geocoding

Latitude/longitude coordinates only (no user or asset identifier) — converting GPS coordinates to place names.

Framer / Google Workspace

Marketing-site forms

Waitlist signups (name, email) and contact-form messages, delivered via Google Sheets and Gmail — hosting the site, collecting signups and messages.

Framer

Marketing-site analytics

Aggregate page-view data — understanding which pages get traffic.

We may add or change service providers as the product evolves. We'll update the list above when that happens.

When you connect AI assistants

Gumnut supports connecting AI assistants (like ChatGPT and Claude) to your library through an MCP integration. When you connect one and ask it something about your photos — for example, "show me my dog photos last summer" — the assistant's host receives:

  • The specific photos, thumbnails, and metadata returned by the tool calls the assistant makes on your behalf
  • The prompts and context you send to the assistant

Once that data reaches the assistant's host (OpenAI for ChatGPT, Anthropic for Claude, etc.), that host's privacy policy applies to how they handle it, not ours. You can disconnect an AI assistant at any time from its own integrations settings, which revokes its access to your library.

Your controls

You can:

  • Delete individual photos or videos through the Gumnut web app, an Immich client, or the API. Deleted items go to a 90-day trash from which they can be restored, and are then purged from our servers and our object storage.
  • Delete an entire library (including all photos, derived data, albums, and metadata) by calling DELETE /api/libraries/{id} via the API or SDK. This is a hard delete on the server side.
  • Export your data. The Gumnut API and the TypeScript and Python SDKs let you list and download all your assets, metadata, and derived data. If you'd prefer a one-time archive compiled by us, email hello@gumnut.ai.
  • Delete your account through your Clerk profile. Deleting your Clerk identity does not automatically remove photos or library data from our servers — if you delete your Clerk account without first deleting your libraries, that data stays on our servers until we remove it on request. To delete everything: delete your libraries first (see above), or email hello@gumnut.ai and we'll remove it for you.
  • Revoke AI-assistant access. If you've connected ChatGPT, Claude, or another AI assistant to Gumnut, you can disconnect it at any time from the assistant's integrations settings.

How long we keep your data

  • Active data stays on our servers for as long as your account and library exist.
  • Deleted photos and videos spend up to 90 days in the trash, after which they're permanently removed from our database and object storage.
  • Database and storage backups are kept for up to 30 days. Data you've deleted may persist in backups until those backups cycle out, but is not restored into the active system.
  • Logs and telemetry are retained for up to 90 days for operational purposes.
  • Error events in Sentry are retained per Sentry's default retention (typically 90 days).

Cookies

We use a small number of cookies:

  • Essential cookies set by Clerk to keep you signed in.
  • Basic site analytics cookies set by Framer on the marketing site to count page views.

We don't use advertising or cross-site tracking cookies.

Children

Gumnut is not directed to children under 13. We don't knowingly collect information from children under 13. If you believe a child has created an account, email hello@gumnut.ai and we'll remove it.

Where your data is stored

Gumnut's servers and database are hosted in the United States. Our object storage (Cloudflare R2) and CDN are US-primary but may replicate data to other regions for performance and reliability. By using Gumnut, you understand that your data will be processed in the United States and other countries where our service providers operate.

Changes to this policy

We may update this policy from time to time. The "Last updated" date at the top reflects the most recent change. For material changes, we'll make reasonable efforts to let you know, but we encourage you to review this page periodically.

Contact us

Questions, requests, or concerns? Email us at hello@gumnut.ai.