Privacy Policy

Effective Date: April 30, 2026

Looking for support topics instead of policy language? Start at the ICON Help Center.

ICON ("we," "us," or "our") operates the ICON customer app, ICON Dispatch photographer app, and website (iconapp.co). This Privacy Policy describes how we collect, use, disclose, and protect your personal information when you use our services.

1. Information We Collect

Account Information

When you create an account, we collect:

• Name (first and last)
• Email address
• Password (stored in encrypted/hashed form)
• Phone number (optional)
• Date of birth (optional)
• Profile photo

Photographer Profile Information

If you register as a photographer, we additionally collect:

• Professional bio and specialties
• Equipment details
• Experience level and portfolio images
• Pricing information (hourly rates, travel fees, packages)
• Coverage areas and availability
• Stripe Connect account information for payouts

Location Data

With your permission, we collect precise location data (GPS coordinates) and coarse location data such as city, state, region, or service market to:

• Show you nearby photographers
• Match photographers to booking requests by proximity
• Display photographer locations on maps
• Facilitate on-location photo sessions
• Confirm whether a requested shoot location is inside an active ICON service market

You can disable location services at any time through your device settings, though this may limit app functionality.

Booking and Contact Details

When you request, accept, or complete a shoot, we may collect and use details needed to coordinate the booking, including:

• Shoot location address, physical address details, or meeting point
• Session date, time, duration, category, notes, and customer brief details
• Limited customer and photographer contact details needed for session coordination and support
• Messages, notes, support requests, and emails or text messages you send to ICON or to other users through ICON-supported workflows

Payment Information

We use Stripe as our payment processor. When you add a payment method or subscribe to a plan:

• Card details are collected and stored directly by Stripe — we never see or store your full card number
• We store a Stripe customer ID to associate your account with your payment methods
• Transaction history (amounts, dates, booking references) is stored for record-keeping

Photos and Content

• Profile photos and cover images you upload
• Session photos uploaded by photographers and delivered to customers
• Portfolio images (photographers)
• Review comments and ratings
• Saved, liked, or briefed images used to personalize your ICON experience
• Customer support messages, issue reports, and related attachments you choose to provide

Usage and Device Data

• User account identifiers, such as your internal user ID and Stripe-related account identifiers
• Device identifiers, device type, operating system, and app version
• Product interaction data, such as screens viewed, buttons tapped, booking-flow progress, search/filter behavior, notification interactions, and feature usage
• Push notification device tokens
• Crash reports and performance data (via Sentry)
• Booking history and interaction patterns

2. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our services
• Process bookings and facilitate connections between customers and photographers
• Process payments, subscriptions, and photographer payouts
• Send push notifications about bookings, messages, and session updates
• Verify your identity and prevent fraud
• Provide customer support, investigate support requests, and respond to emails, text messages, or in-app messages you send us
• Monitor app health and fix crashes (via error monitoring)
• Analyze app usage and product performance so we can improve reliability, pricing, content, and booking flows
• Personalize your experience, including recommended images, featured ICONs, saved-photo collections, and relevant in-app content
• Send service announcements, promotional messages, or marketing communications where permitted by law and your notification or communication choices
• Enforce our Terms of Service
• Comply with legal obligations

3. Tracking and Advertising

ICON does not sell your personal information and does not use your personal information to track you across third-party apps or websites for advertising purposes. We do not currently use Apple's Identifier for Advertisers (IDFA), do not require App Tracking Transparency permission, and do not share data with third parties for cross-app or cross-site tracking.

4. How We Share Your Information

We do not sell your personal information. We share information only in these circumstances:

With Other Users

When you book a photographer or accept a shoot in ICON Dispatch, limited information is shared between the customer and photographer to facilitate the session. This may include name, profile photo, session location or physical address, session details, relevant contact details, in-app messages, booking status, ratings, and delivered gallery content.

With Service Providers

We use the following third-party services that may process your data:

• Stripe — Payment processing and payouts. Subject to Stripe's Privacy Policy.
• Amazon Web Services (AWS) — Server hosting and photo storage (S3). Photos are stored in private, access-controlled buckets.
• Firebase (Google) — Push notification delivery. We send device tokens and notification content.
• Sentry — Error and crash monitoring. Captures technical error data to help us fix bugs. No personal content is intentionally collected.
• Google Maps / Apple Maps — Map display and location services. Subject to Google's and Apple's respective privacy policies.

For Legal Reasons

We may disclose information if required by law, legal process, or to protect the rights, property, or safety of ICON, our users, or the public.

5. Data Storage and Security

Your data is stored on secure servers hosted on Amazon Web Services (AWS) in the United States (Ohio region). We implement the following security measures:

• Passwords are cryptographically hashed (bcrypt) — we cannot read your password
• All data transmitted over HTTPS/TLS encryption
• Server hardened with firewall rules, brute-force protection, and automatic security updates
• Photos stored in private S3 buckets with no public access — served only through authenticated API endpoints
• Rate limiting on authentication endpoints to prevent brute-force attacks
• Payment card data handled entirely by Stripe (PCI DSS compliant) — never touches our servers

6. Your Rights and Choices

You have the right to:

• Access your data — View your profile, booking history, and payment history within the app
• Update your data — Edit your profile information, email, and password at any time
• Delete your account — Permanently delete your account through the app's Account Settings. Some data may be retained for legal and financial record-keeping obligations.
• Control notifications — Manage your notification preferences within the app or disable push notifications through your device settings
• Control location — Enable or disable location services through your device settings
• Manage payment methods — Add or remove payment methods through the Wallet section of the app
• Opt out of marketing communications — Use unsubscribe links where available or contact us to stop non-essential promotional messages
• Request content review or removal — Contact support about photos, reviews, or other user content associated with your account

7. Data Retention

We retain your information for as long as your account is active. If you delete your account:

• Personal profile data is removed
• Transaction records may be retained for tax and legal compliance purposes
• Anonymized booking data may be retained for analytics

8. Children's Privacy

ICON is not directed at children under the age of 18. We do not knowingly collect personal information from children. If we learn that we have collected information from a child under 18, we will take steps to delete that information.

9. Third-Party Links

Our app may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy in the app or sending a notification. Your continued use of ICON after changes are posted constitutes acceptance of the revised policy.

11. Contact Us

If you have questions about this Privacy Policy or your personal data, contact us at:

Email: support@iconapp.co

Website: iconapp.co/support