Privacy Policy.

• Account data — name, email address, password (hashed), and studio / organization name when you sign up.
• Selfie images — when a guest wants to find their photos, they upload a selfie. The selfie is used to generate a face embedding (a numerical fingerprint of the face) and is processed to match against event photos.
• Face embeddings — generated from both event photos (uploaded by the photographer) and from guest selfies. Embeddings cannot be reversed into the original face image but uniquely identify the face for matching.
• Event photos — images uploaded by photographers to their events, stored in our object storage with signed URLs.
• Usage data — pages viewed, photos downloaded, face scans attempted, approximate device and browser information.

We will never process your selfie or biometric data without your explicit consent. When you sign up as a guest to find your photos, you are asked to agree to this policy on the signup screen.

Specifically, by agreeing you understand and consent to:

• Your selfie being uploaded and processed to detect a face.
• A face embedding being generated from your selfie and compared against face embeddings from the photographer's event photos.
• Matched photos being shown to you so you can view and download them.

You may withdraw consent at any time by emailing support@fotomeai.com. On withdrawal, we delete your selfie, your face embedding, and your account from our systems.

• To match you with photos of yourself within an event gallery.
• To deliver and host event galleries on behalf of photographers.
• To send transactional email (verification, password reset, "your zip is ready").
• To prevent abuse, fraud, and to keep the service secure.
• To improve match accuracy in an aggregated, non-identifying way.

We do not sell your data, your selfie, or your face embedding. We do not use your selfie or face data to train third-party models.

• Selfies are stored only as long as needed to perform matching and are removed when you delete your account.
• Face embeddings are retained while your guest account exists so you don't have to upload a new selfie for every event you attend.
• Event photos are retained per the photographer's plan's gallery-retention window.
• Generated zip downloads expire 4 days after they are created.

We share data only with infrastructure providers needed to operate the service (object storage, transactional email, hosting, payment processing). These providers are bound by their own data protection terms. We never share your selfie or face embedding with the photographer or any other guest.

You can request a copy of the data we hold about you, ask us to correct it, or ask us to delete it. Contact support@fotomeai.com and we will respond within 30 days.

Data is encrypted in transit (HTTPS) and at rest. Passwords are stored hashed. Access to the database is restricted and audited. No service is ever 100% secure, but we follow industry-standard practices to protect your data.

We may update this policy as the product evolves. Material changes will be communicated via email or an in-app notice before they take effect.

Questions about this policy? Email support@fotomeai.com.