Every event gallery sits somewhere on a spectrum between "anyone with the link can see everything" and "only invited people can get in." Choosing the right point on that spectrum is part convenience, part responsibility — especially once face matching is involved, because a gallery that finds people by face deserves more thought than a static folder. Here is how to decide.
What "public" actually means
A public gallery is open to anyone who has the link. There is no code, no gate — open it and you are in. This is the right call when the photos are low-sensitivity and easy distribution is the whole point: a community fun run, a public festival, a conference where attendees expect coverage. The benefit is zero friction; the trade-off is that the link can be forwarded freely and you lose control of who sees the set.
What "private" adds
A private gallery puts a gate in front of the photos — typically a PIN that guests must enter before they can view or search. Only people you share the code with get in. This is the right default for anything personal or sensitive: weddings, private parties, kids' events, corporate functions where the photos should stay inside the company. You can regenerate the PIN if it leaks, and revoke access by closing the gallery.
A simple decision rule
- —Would you mind if this link were posted publicly? If yes, make it private.
- —Are children in the photos? Default to private.
- —Is this a closed group (a company, a wedding party, a school)? Private, gated to that group.
- —Is this a large public event where coverage is expected and easy access is the goal? Public is reasonable.
Consent is separate from access
Access control decides who can open the gallery. Consent is about whether the people in the photos are comfortable being there and being findable by face. They are related but not the same — a private gallery shared with the right group still benefits from people knowing how it works. A few good practices:
- —Tell guests how delivery works — a line at the event or in the share message ("photos will be in a gallery you can find yourself in by selfie") sets expectations.
- —Offer an opt-out path — if a guest would rather not be searchable, a private gallery and the ability to remove specific photos respects that.
- —Be especially careful with minors — gate those galleries and limit them to the relevant families.
Retention: privacy is also about time
A gallery that stays open forever is a standing pool of photos and face data. Good practice is to set a retention window so the gallery closes and its photos and face data are purged after a defined period. This is not just hygiene — it limits how long the data exists to be misused, and it is the kind of policy guests appreciate when they hear it. Galleries can be set to expire on a date or after a window, and renewed if the client needs more time.
The takeaway for photographers and organisers
Public for genuinely public events; private for everything personal — that covers most decisions. Layer on a short explanation of how delivery works, an opt-out for anyone who wants it, extra care around minors, and a sensible retention window, and you have a delivery setup that is both convenient and responsible. Face matching makes finding photos effortless; handling access and consent well is what makes that effortlessness something people trust.