Privacy & Biometric Notice

Effective May 20, 2026 · Notice version 2026-05-20

1. Who we are

Findpic exists to answer the two questions photographers get asked most after an event: “where did the photos go?” and “how do I get mine?” — by letting you find photos of yourself instead of digging through galleries or waiting on someone.

This is an early trial. Findpic is invite-only and running in a testing environment while we figure out the best way to do this. We are deliberately building it around our values: a genuinely useful service for both the people in the photos and the photographers who make them, with privacy treated as a priority — not an afterthought. Things here will change as we learn; this notice will be kept honest about what Findpic actually does at any given time. Questions: info@findpic.co.

2. Getting in & signing in

Because this is an invite-only trial, you ask for access on the request page and we add you manually. There is no per-event link or guest list today — you simply come to Findpic and find yourself (per-event flows may come later). Once you have access you sign in with a one-time code sent to your email, or with Google email authentication — there is no password.

3. Your selfie & face matching (biometric data)

To find your photos you choose to upload a selfie. We scan it to compute a numeric description of your facial geometry (a mathematical vector — not a stored picture) and compare that to faces in the photos photographers have put into Findpic, so we can show you the ones you appear in.

Your selfie is processed in memory for that single search and is not saved or stored. It is never added to any database, never used to identify you elsewhere, and never sold or shared. We ask for your explicit consent before you can request access — consenting to this scan is the condition of using Findpic.

4. The photos and the people in them

Photos are provided by photographers. To make matching work we derive face descriptors from the faces in those photos. These exist only inside that photographer's catalog within Findpic and are removed when the photographer's photos are removed. If you appear in photos and have a request, contact us or the photographer.

5. What we record — and what we deliberately don't

We do not record your name. When you consent and request access, the only personal detail we keep is your email address — it is your way in (the one-time sign-in code) and the single identifier in your consent record.

Purchases and free downloads. When you obtain a photo through Findpic — whether you pay for it or the photographer has set it as a free download — we record the order: your email, which photos you got, the amount (which may be $0), and the date and time. The photographer who took the photos can see this order record for their own albums. We share it with no one else.

Your consent record is intentionally minimal: your email, which version of this notice you agreed to, and the date and time — nothing else. No name. No selfie or face data is ever part of it. We keep it only so we can honor and account for your consent.

We also keep the photographer's photos and the face descriptors derived from them (see §4).

When you submit an access request we briefly store the request's IP address for one purpose only: stopping spam and abuse of this open form. It is automatically deleted after about 30 days, is never part of your consent record, is never used to identify, profile, track, or contact you, and is never sold or shared.

6. We do not sell your data — and how Findpic makes money

We do not sell, rent, or share your personal information with anyone, for any purpose. There is no advertising, no data brokering, no profiling. To be fully transparent about incentives: Findpic's revenue is intended to come only from photographers' and event organizers' subscriptions to the service, and from people buying their own photos — never from data about you. We rely on infrastructure providers (notably Cloudflare for invite-only access control) that process data only on our behalf, and we disclose data only where genuinely required by law.

7. Security

Data is encrypted in transit (HTTPS) and the finder is restricted to an invite-only allowlist. We take reasonable measures to protect data at rest.

8. Retention & deletion

Uploaded selfies are not retained (in-memory only). Your email stays on the invite list until you ask us to remove it or the trial ends. Face descriptors derived from photos are removed when the photographer's photos are removed. To request deletion of data associated with you, email info@findpic.co. One exception: we retain the minimal consent record itself as proof that consent was given and, if applicable, that your deletion request was honored — keeping that record is what lets us be accountable.

9. Children

Findpic is not directed to children under 13. You may only upload a selfie if you are 18 or older, or have a parent/guardian's permission.

10. Changes

Because this is an evolving trial, this notice will change. We will revise the effective date and version above, and for material changes to how we handle your selfie or face data we will ask for your consent again before the change applies to you.

11. Contact

Questions or requests: info@findpic.co.