Product addendum

MigraDrive Service Addendum

Product-specific terms and privacy disclosures for file storage, photo backup, sharing, and subscription billing in the MigraDrive consumer and team apps.

Last updated April 12, 2026v1.0Entity: MigraTeck

Overview

Addendum covering object storage, encryption, media library access, share links, and the data MigraDrive collects or processes beyond the shared MigraTeck privacy policy.

1. What MigraDrive stores

  • Files, photos, and videos you choose to upload, organized under a per-account bucket prefix on MigraTeck-operated object storage.
  • Object metadata such as filename, size, MIME type, creation and modification timestamps, and the bucket prefix it resides under.
  • Per-account IAM credentials (access key and encrypted secret) scoped to that prefix only — accounts are not commingled at the storage layer.
  • Account-level state: email, name, scrypt-hashed password, plan tier, subscription status, soft-quota usage, and last-seen timestamp.

2. How MigraDrive uses your data

  • Deliver the storage service: list, upload, download, share, restore, and permanently delete the objects you control.
  • Enforce per-plan soft quotas, transfer caps, and abuse-prevention limits.
  • Generate and validate share links, including password-protected and expiring variants you create.
  • Operate Trash (30-day recoverable deletion) and file versioning windows that vary by plan tier.
  • Process subscription upgrades, renewals, cancellations, and reactivations.

3. What MigraDrive does not do

  • We do not scan, profile, index for advertising, or train machine-learning models on the contents of files you upload.
  • We do not sell or share file contents, file metadata, or account identifiers with advertisers or data brokers.
  • We do not access your photo library, camera, or microphone unless you grant the corresponding OS permission and initiate the action.
  • We do not show ads in any MigraDrive surface.

4. Mobile permissions

  • Camera — used only when you explicitly tap the Camera quick action or enable Camera Upload to capture or back up photos.
  • Photo library (READ_MEDIA_IMAGES / READ_MEDIA_VIDEO on Android, NSPhotoLibraryUsageDescription on iOS) — used only when you initiate an upload from the picker.
  • Microphone — used only if you choose to record video directly inside the app.
  • Notifications — used to surface upload completions and quota or share-link events.
  • Network access — required to sign object-storage requests and reach the authentication service.

5. Sharing and disclosure

Share links you create are public to anyone who holds the link until you revoke or expire them. Password-protected links additionally require the password you set.

Subscription transactions are processed by Stripe under its own privacy policy; MigraTeck receives transaction status and subscription metadata, but does not receive or store full payment card numbers.

6. Retention and deletion

  • Files in Trash are retained for 30 days from the time of deletion, then permanently removed.
  • Files outside Trash are retained until you delete them or close the account.
  • Account closure removes the account record, IAM identity, and all bucket-prefix contents within 30 days. Stripe billing records may be retained as required by US tax and accounting rules.
  • Server logs (request IP, User-Agent, session timestamps) are retained 90 days for abuse defense and forensic review.

7. Customer responsibility

You are responsible for the lawfulness of content you upload, for the recipients of any share links you generate, and for any password you set on a protected share. MigraTeck does not pre-screen file content and cannot recover share-link passwords on your behalf.