Customer Cloud Gallery Wordpress Plugin - Rating, Reviews, Demo & Download
Plugin Description
Customer Cloud Gallery turns any Google Drive or Dropbox folder into a beautiful image gallery — no file uploads to your server, no third-party gallery hosting fees.
Your photos stay where they already are. The plugin streams thumbnails and originals directly from the cloud, so your server stays fast even for galleries with thousands of images.
Typical use cases include client photo delivery (wedding, portrait, event, family, real-estate, product photography), private family albums, team portfolios, school and sports galleries, and any scenario where you want a clean, fast image grid backed by your existing Drive or Dropbox folder structure. Galleries can optionally be placed on a WordPress page protected by the built-in page password — useful for client delivery — but the plugin works equally well on public pages.
Core Features (Free)
- Google Drive & Dropbox — connect one or both storage providers at the same time; pick the folder when creating a gallery
- Lazy-loading grid — infinite scroll or load-more button, configurable per gallery
- Lightbox — full-screen with keyboard navigation and mobile swipe gestures
- Favorites — visitors heart their favourite images; filtered view shows only favourites
- Single-file download — original resolution, streamed directly from the cloud
- Full-gallery ZIP download — RAM-friendly streaming ZIP (no temporary files)
- Custom-selection ZIP download — visitors pick specific images and favourites, download as a single ZIP
- Optional password protection — works with WordPress’s built-in page password if you want client-only access; equally fine on a public page
- GDPR-ready cookie control — master on/off switch per gallery; visitors can clear their cookie
- Design customisation — accent colour, hover colour, border colour
Pro Features
- Visitor statistics dashboard — page views, top favourites, top downloads, favourites per visitor
- CSV export of favourite selections
- E-mail print shop — integrated order flow with configurable formats, paper options, pricing, PayPal.me and SEPA payment, automated customer and admin e-mails, order management
- Priority support
Why cloud storage?
Uploading full-resolution galleries to your web server is slow, wastes disk quota, and makes migration painful. With Customer Cloud Gallery the originals stay in Drive or Dropbox — the plugin fetches thumbnails on first request, caches them locally, and streams originals on demand. Server load is minimal even for 4K RAW previews.
Security
- OAuth tokens are stored AES-256-CBC encrypted using WordPress’s AUTH_KEY
- Per-gallery nonces prevent cross-gallery file access (IDOR protection)
- All file-serving endpoints verify that the requested file actually belongs to the requested gallery
- Download nonces expire after 24 hours
- Cache directory blocks PHP execution and directory listing via
.htaccess - Visitor cookies are
httponly+SameSite=Lax
External Services
This plugin connects to third-party services to deliver its core functionality. The connections are listed here so you can include them in your site’s privacy policy.
Google Drive API
Used only when the site administrator connects a Google Drive account in the plugin settings. The plugin uses OAuth 2.0 credentials that you generate yourself in your own Google Cloud Console — your data never passes through any server operated by the plugin author.
What is sent: OAuth tokens, folder IDs and file IDs that you choose to display. No visitor data is transmitted.
When: each time an admin browses folders in the plugin, and on a scheduled cron to refresh thumbnail caches.
- Service URL: https://www.googleapis.com/drive/v3/
- Terms of Service: https://policies.google.com/terms
- Privacy Policy: https://policies.google.com/privacy
Dropbox API
Used only when the site administrator connects a Dropbox account in the plugin settings. Uses an OAuth app you register in your own Dropbox developer account.
What is sent: OAuth tokens, folder paths and file IDs that you choose to display. No visitor data is transmitted.
When: each time an admin browses folders, and on a scheduled cron to refresh thumbnail caches.
- Service URL: https://api.dropboxapi.com/
- Terms of Service: https://www.dropbox.com/terms
- Privacy Policy: https://www.dropbox.com/privacy
Freemius
The plugin uses the Freemius SDK to deliver license management for the optional Pro upgrade. Freemius is contacted only after the site administrator explicitly opts in during plugin activation. If you skip the opt-in, no data is sent to Freemius and the Free version remains fully functional.
What is sent (only after opt-in): site URL, WordPress version, PHP version, plugin version, an anonymized site identifier and — if a Pro license is activated — the license key for validation.
- Service URL: https://api.freemius.com/
- Terms of Service: https://freemius.com/terms/
- Privacy Policy: https://freemius.com/privacy/
Privacy Policy
Customer Cloud Gallery stores the following data in your WordPress database:
Visitor cookie (all visitors)
A random visitor ID is generated server-side on the first gallery visit and stored in a browser cookie. The cookie name is wpg_visitor (the legacy name is kept since 1.12.1 so existing visitor favourites remain attached to the correct cookie after the prefix-rename migration; everything else uses the new ccgal_ prefix). The cookie is valid for 365 days. Its value is a random hexadecimal identifier with no relationship to any real-world identity, and is stored as-is in the database — there is no name, e-mail address, or plain-text IP address recorded against it.
Favourites
When a visitor hearts an image, the random visitor ID, the gallery ID, and the cloud file ID are stored in the wp_ccgal_favorites table. No personal data is included.
Download tracking (Pro, if the statistics module is enabled per gallery)
When the Pro statistics module is loaded and enabled per gallery, downloads are recorded in wp_ccgal_downloads: random visitor ID, gallery ID, file ID, download type, and a salted SHA-256 hash of the visitor’s IP address. The original IP address is never persisted — only the one-way hash, salted with the site’s AUTH_SALT. The Free plugin never writes to this table.
Page-view tracking (Pro, if the statistics module is enabled per gallery)
When the Pro statistics module is loaded and the per-gallery statistics sub-switch is on, page and image views are recorded in wp_ccgal_views: random visitor ID, gallery ID, file ID, salted IP-hash and timestamp. The Free plugin never writes to this table.
Print orders (Pro, if the print shop is enabled)
Stores the customer’s name, shipping address, e-mail address, optional phone number, optional message and the ordered items in wp_ccgal_orders and wp_ccgal_order_items. This data is necessary to fulfil the order and is retained until the site administrator deletes the order.
Personal data export & erasure (WP Privacy Tool)
The plugin integrates with the standard Tools Export Personal Data and Tools Erase Personal Data workflows. Print orders (Pro) are returned/erased by customer e-mail. Anonymous gallery favorites are, by design, not linkable to an e-mail address; the response message will note this explicitly so the requester knows their cookie-based records cannot be associated with their identity.
Data deletion
In addition to the WP Privacy Tool above, site administrators with the Pro statistics module can delete all tracking data for a specific visitor from the Statistics dashboard. Removing the plugin via Plugins Delete erases all options, custom tables, gallery posts, and the thumbnail cache.
Suggested privacy policy text
The plugin contributes a ready-made privacy policy paragraph to Tools Privacy Privacy Policy editor that you can copy into your public privacy page.
No third-party transmission
No visitor data is sent to external servers by this plugin. Thumbnails are fetched from Google or Dropbox APIs using the site administrator’s OAuth credentials — visitor sessions are never used for cloud API calls.
Photographer’s responsibility
If you use this plugin on your site you are the data controller for your visitors’ data. You should inform your visitors about the visitor cookie in your site’s privacy policy and, where required, obtain consent before enabling statistics tracking (Pro module only).
Screenshots
Frontend gallery grid — clients browse their photos with hover controls for favorites and download
Lightbox view — full-screen photo with keyboard navigation, mobile swipe and one-click favoriting
Print-order shop — clients pick formats and paper, place orders directly from the gallery (Pro)
Gallery editor — pick a Google Drive or Dropbox folder, set password, get the shortcode
Visitor statistics dashboard — page views, top favorites, top downloads per gallery (Pro)
Print settings — configure formats, paper types, prices, shipping and payment options (Pro)
