Privacy Policy

Last updated: February 2026

This Privacy Policy explains how Remarso ("we", "us", "our"), operating VirtualTourEasy ("VTE", "the Service"), collects, uses, stores, and protects your personal information when you use our platform at virtualtoureasy.com.

1. Information We Collect

Account Information

When you create an account, we collect:

• Name and email address
• Password (hashed — we never store plaintext passwords)
• Profile information provided via Google or Facebook OAuth if you choose social login

Tour Content

Content you upload or create on the platform, including:

• 360° images and regular photos
• Audio files
• Tour configurations, hotspots, and metadata
• AI-generated images (photo enhancements, 360° generations, outpainting results)

Lead Capture Data

If you use our lead capture forms within tours, we collect information submitted by your tour viewers, such as name, email, phone number, and messages. You are the data controller for leads collected through your tours.

Analytics Data

We automatically collect analytics on tour views, including:

• Page views and view counts
• Device type and browser information
• Referrer URLs
• General geographic location (country/region level)

Payment Information

Payment processing is handled entirely by Stripe. We do not store your full credit card number, CVV, or other sensitive payment details on our servers. We receive and store only a reference to your Stripe customer ID and subscription status.

Usage Data

We collect general usage information such as feature usage patterns and error logs to improve the Service.

2. How We Use Your Information

• To provide, operate, and maintain the Service
• To process your transactions and manage your subscription
• To send transactional emails (account verification, password resets, billing notifications)
• To provide tour analytics and lead capture functionality
• To process images through our AI features (photo enhancement, 360° generation, outpainting, text-to-360°)
• To improve and develop new features
• To respond to support requests
• To detect and prevent fraud or abuse

3. Third-Party Services

We share data with the following third-party providers as necessary to operate the Service:

Stripe

Processes payments and manages subscriptions. Stripe receives your payment details directly. See Stripe's Privacy Policy.

Cloudflare

Our platform runs on Cloudflare Workers with data stored in Cloudflare R2 (object storage) and D1 (database). Cloudflare provides CDN, security, and hosting infrastructure. See Cloudflare's Privacy Policy.

Replicate

Powers our AI image processing features. When you use AI tools (photo enhancement, 360° generation, outpainting, text-to-360°), your images are sent to Replicate's API for processing. See Replicate's Privacy Policy.

Resend

Handles transactional email delivery (account verification, password resets, notifications). Your email address is shared with Resend for this purpose. See Resend's Privacy Policy.

Google & Facebook (OAuth)

If you sign in with Google or Facebook, we receive basic profile information (name, email, profile picture) as authorized by you during the OAuth flow. We do not access any other data from your Google or Facebook accounts.

4. Cookies and Local Storage

We use the following:

• JWT Authentication Tokens: Stored as cookies to keep you signed in. These are essential for the Service to function and cannot be disabled.
• Local Storage: Used to store your UI preferences (theme, editor settings). This data stays on your device.

We do not use third-party tracking cookies or advertising cookies.

5. Data Storage and Security

Your data is stored on Cloudflare's global infrastructure (R2 for files, D1 for structured data). We implement industry-standard security measures including:

• Encryption in transit (HTTPS/TLS)
• Hashed passwords (never stored in plaintext)
• Secure API authentication
• Regular security reviews

While we take reasonable precautions, no method of electronic storage is 100% secure. We cannot guarantee absolute security.

6. Data Retention

• Active accounts: We retain your data for as long as your account is active.
• Deleted accounts: When you delete your account, we remove your personal data and tour content within 30 days. Some anonymized usage data may be retained for analytics.
• Lead data: Lead capture data is retained until you delete it or delete your account.
• AI-processed images: Images sent to Replicate for processing are transient and not stored long-term by Replicate after processing completes.

7. Your Rights (GDPR & Global Privacy)

Regardless of where you are located, you have the following rights:

• Access: Request a copy of the personal data we hold about you.
• Rectification: Request correction of inaccurate personal data.
• Erasure: Request deletion of your personal data ("right to be forgotten").
• Data Portability: Request your data in a structured, machine-readable format.
• Restriction: Request that we limit processing of your personal data.
• Objection: Object to processing of your personal data.
• Withdraw Consent: Where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, contact us at support@virtualtoureasy.com. We will respond within 30 days.

8. Children's Privacy

VirtualTourEasy is not intended for children under the age of 16. We do not knowingly collect personal information from children under 16. If we learn that we have collected data from a child under 16, we will delete it promptly. If you believe a child has provided us with personal data, please contact us.

9. International Data Transfers

Your data may be processed and stored in various locations globally through Cloudflare's infrastructure. By using the Service, you consent to the transfer of your data to countries outside your country of residence, which may have different data protection laws.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through a notice on the Service. Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or how we handle your data:

• Email: support@virtualtoureasy.com
• Company: Remarso, operating VirtualTourEasy
• Website: virtualtoureasy.com