← Pixavo

Privacy notice

Last updated: [datum]

Draft. Fill in the [company details] and have the final text reviewed by a lawyer before you go live.

Pixavo is a service that lets a couple create a shared photo and video album for their wedding. Guests scan a code and upload their images. Below you can read which data we process and why. We store as little as possible and use no hidden tracking.

Who is responsible

The data controller for this service is [bedrijfsnaam], [adres], Chamber of Commerce [KvK-nummer], reachable at [contact-e-mailadres]. For the content that guests place in an album, the couple who creates the album is the controller; we process that content on their behalf.

Which data we process

  • Organiser's account: your email address, to sign in via a login link and to keep you informed about your album.
  • Payment: your payment is handled via Stripe. We do not receive full payment details; Stripe processes these as an independent party.
  • Album content: the photos, videos and any audio messages that guests upload, plus an optional display name that a guest enters themselves. Images may show people and are therefore personal data.
  • Technical: an anonymous count of how often an album has been opened (per day, without IP address or profile) and the usual server logs for security and troubleshooting.

For what purpose and on what legal basis

We process this data to provide the service (performance of the contract), to keep the service secure and working (legitimate interest), and on the basis of consent when a guest chooses to upload images. A guest decides for themselves what they share.

How long we keep it

The album can be viewed online for up to 12 months after the wedding date. The couple can download the images in full quality to keep themselves. A guest can delete their own upload at any time; the couple can delete items or the entire album. After deletion we remove the relevant files from our storage.

Where your data is held and who helps us

Your photos, videos and album data are held within the European Union. We work with a fixed number of processors (sub-processors), each for one component:

  • Supabase — database and storage of photos and album data, in the EU region (Frankfurt).
  • Cloudflare — processing and delivery of video. [Confirm the EU region setting before going live.]
  • Stripe — the payment. Stripe processes payment details as an independent party.

Data processing agreements are in place with these parties. [Sign and archive the data processing agreements with the above parties before going live.]

Security and separation between albums

Each album is only reachable via its own, unguessable link and is technically fully separated from other albums: data from one album cannot end up in another album. Photos and videos are stored privately and are only shown via secure, temporary links, so they are not publicly discoverable. We do not use facial recognition or any other biometric data.

Your rights

You have the right to access, correct and delete your data, and you can object to processing. A guest deletes their own upload via the button next to the upload; for other requests, contact us at [contact-e-mailadres]. You can also lodge a complaint with the Dutch Data Protection Authority.

Cookies

We use only functional cookies that are needed to keep you signed in. We set no advertising or tracking cookies.

Contact

Questions about your data? Email [contact-e-mailadres].

Privacy · Pixavo