Carousel is a photo slideshow and screen saver app for Android and Android TV. It can display bundled sample images, photos available through Android media access, photos uploaded directly to the TV over your local network, and photos from remote SMB or Immich sources that you configure.
Summary
Carousel does not require you to create an account.
Carousel does not include advertising SDKs, analytics SDKs, or crash reporting SDKs.
We do not sell your personal information.
We do not operate a backend service that collects your photos or app data.
Information the App Accesses and Stores
Depending on how you use the app, Carousel may access and store the following information on your device.
1. Photos and photo metadata
If you grant photo access, the app can read images that you allow it to access from device or removable storage.
To build and display slideshows, the app may read and locally cache photo-related metadata such as:
- file name
- image dimensions
- date taken or modified
- Android media Uri values or source paths
- EXIF metadata, including GPS coordinates when available
2. Optional location information from photos
If a photo contains embedded GPS metadata and you grant media location access, Carousel may read that metadata to show location details for a photo.
The app may also use Android geocoding services to convert photo coordinates into a more readable location label such as a city, region, or country. Depending on the Android device and system services available on that device, this lookup may rely on platform or device-provider geocoding services.
Carousel does not request your device's live GPS location.
3. Remote source information you provide
If you configure a remote source such as SMB or Immich, the app stores the settings needed to connect to that source locally on your device.
This may include connection names, server addresses, usernames, remote paths, album selections, and similar source configuration details.
Secrets such as remote passwords or Immich authentication credentials are stored locally using Android encrypted shared preferences.
If you use optional browsing, discovery, or pairing features, the app may also temporarily process local-network results such as available hosts, shares, folders, or Immich servers so you can choose a source. Those results are not sent to a developer-operated backend.
4. Local upload source information
If you use the Upload source, Carousel can start a temporary upload page on the TV. Devices on the same local network can open that page with the session link or QR code shown on the TV.
Photos you upload through that page are stored locally by Carousel on the TV for slideshow playback and management. Carousel may also store related local information such as the photo name, upload time, image dimensions, album assignment, and optional date or location metadata provided by the browser.
If date or GPS metadata is available to the browser, that metadata may be sent to Carousel and used for slideshow dates and optional location labels. If metadata extraction fails, Carousel may use the upload time and omit location information.
Uploaded photos are stored on the TV device. The original full-size files are not stored by Carousel.
5. Google Play billing information
If you buy or restore a subscription or lifetime unlock through Google Play, the app may process purchase status, product identifiers, renewal timing, and related billing state needed to unlock premium features and open Google Play subscription management.
Carousel does not receive your full payment card details. Billing transactions are processed by Google Play.
6. App settings and local state
The app stores local settings and state needed to run, such as:
- selected source type
- selected USB volume name
- slideshow customization settings
- source indexing state and summary information
- cached photo metadata
- geocode cache entries
- a limited ready-cache of locally cached remote image files for performance
- local upload album names, album selections, uploaded photo index records, and uploaded display/thumbnail files
How Information Is Used
Carousel uses the information above only to provide app functionality, including:
- scanning photo sources you choose to use
- displaying photos in the slideshow
- storing and managing photos you upload directly to the TV
- reading dates and optional embedded photo location metadata
- generating human-readable location labels for display
- remembering your selected source and visual preferences
- connecting to local or remote photo sources you configure, including SMB and Immich
- hosting a temporary local-network management page for uploads and deletes when you start that feature
- helping you browse, discover, pair, or select optional remote sources and content
- caching metadata and some files locally to improve startup time and playback performance
- unlocking premium features based on Google Play purchase status
Network Use
Carousel uses network access only for features you choose to use or that your Android system may provide:
- to connect to local or remote photo sources you configure, including SMB and Immich
- to host the temporary Upload management page on your local network when you start it
- to receive resized upload files and metadata from devices that open the Upload management page
- to browse or discover compatible sources on your local network when you explicitly start those features
- to retrieve remote media, metadata, albums, and related source information needed for playback
- to support optional local-network pairing flows for features such as Immich sign-in
- to perform geocoding through Android or device-provider geocoding services, if those services are available on your device and photo coordinates are used
- to communicate with Google Play for purchase, restore, and subscription-management flows that you explicitly use
We do not transmit your data to our own servers because Carousel does not use a developer-operated backend.
Sharing
We do not sell, rent, or share your personal information with third parties for advertising or marketing.
Information may be processed by:
- the remote or local photo services you choose to connect to, such as SMB or Immich
- devices or services on your local network when you explicitly use browsing, discovery, pairing, or Upload management features
- Android OS or device-provider geocoding services, if geocoding is available and used on your device
- Google Play, when you choose to buy, restore, or manage a subscription or lifetime unlock
- Android backup or device transfer services, as described below
Backup and Device Transfer
Carousel allows certain non-sensitive app preferences to be included in Android cloud backup and device-to-device transfer, if those Android features are enabled on your device.
Those backed-up preferences may include source selection and non-secret configuration data, such as server addresses, usernames, remote paths, and album selections. Passwords and authentication credentials are stored in a separate encrypted preferences file and are not included in the app's declared backup rules. Uploaded photo files stored by the Upload source are excluded from Carousel's declared Android backup rules.
Data Retention and Deletion
Most app data is stored locally on your device and remains there until it is replaced, cleared, or removed.
You can reduce or remove stored data by:
- deleting uploaded photos or albums from the Upload management page
- deleting remote-source profiles or changing sources inside the app
- clearing the app's storage in Android system settings
- uninstalling the app
If you use Android backup features, backed-up preference data may remain in your Google or device backup environment according to that platform's retention policies.
Security
We use reasonable device-level protections available in Android, including encrypted shared preferences for stored remote-source passwords and authentication credentials.
Remote source connections use the relevant network protocols and security features provided by those integrations. For example, SMB and Immich connections rely on the relevant platform and protocol protections available to those integrations. If you use optional local-network pairing for Immich or similar features, those pairing sessions are temporary and intended for use only on your local network.
The Upload management page is only reachable by devices that can reach your TV on the same local network while the temporary session is active. Anyone on that local network who has the session link or QR code may be able to upload, view, or delete uploaded photos through that page, so only share it with people you trust and use it on networks you trust.
No method of electronic storage or transmission is completely secure, and we cannot guarantee absolute security.
Children's Privacy
Carousel is not directed to children under 13.
Changes to This Policy
We may update this Privacy Policy from time to time. If we make material changes, we will update the effective date above and publish the revised policy with the app or its distribution listing.
Contact
If you have questions about this Privacy Policy, contact Carousel Support at carousel.screensaver@gmail.com.