Photoroom
Strong disclosure · High confidence
A named training opt-out, an explicit no-sell commitment, full rights and detailed retention periods; light on named security controls.
What the policy says
Training
Trains on user images by default, with a clear opt-out in account settings and an API exemption.
Sharing
Explicit no-sell policy, with named sub-processors (Apple, RevenueCat, Dub) for defined purposes.
Deletion
Full rights including access, deletion, correction, portability and objection, with a 30-day deletion timeline.
Security
Named DPO and CNIL contact, but no specific encryption standards or breach-notification procedure.
Details
- Category: Image & video
- Modalities: image
- Processes biometrics: No
- Policy last updated: 2026-03-01
- Region scored: Global / US-default
- Assessed: 2026-06-20
Every grade scores what an app discloses about its data governance in its public privacy policy and terms, not its verified behaviour. A strong policy can hide weak practice, and a thin policy can hide good practice.