GDPR Policy

The GDPR protects personal data of individuals. Personal data is any information relating to an identified or identifiable individual.

The GDPR regulates two types of persons that process personal data:

1. Controllers are persons that determine the purpose and means of processing of personal data.
2. Processors are persons who process personal data on behalf of data controllers.

Controllers are primarily responsible for compliance with the GDPR, including in relation to personal data processed by their processors. Processors have some of their own obligations, including implementing appropriate technical and organisational security measures that meet the requirements of the GDPR.

For purposes of the GDPR, Clear Choice Photo Booth is a processor, and our attendants (e.g. event professionals) are the controllers in respect of personal data of event attendees collected through the Snappic app.

As a processor, we’ve taken various initiatives to ensure Snappic’s compliance with the GDPR’s requirements (to the extent applicable) with respect to the scope of services stated in our Privacy policy and EULA . These include implementing:

1. appropriate technical and organizational measures to secure personal data processed through Snappic; and
2. policies and procedures to notify Snappic users without undue delay after becoming aware of a personal data breach, so that the users can comply with their own data breach notification obligations.

We have also taken initiatives to assist Snappic users (e.g. event professionals) to comply with their own obligations as controllers under the GDPR, such as:

1. revising our EULA (see the section on “Data Processing Agreement” below) and Privacy Policy;
2. implementing policies and procedures to assist users to respond in a timely manner to data subject requests for access, rectification, erasure and retrieval of personal data which is being processed by Snappic;
3. providing tools to assist our users to:
4. obtain consent from guests to process their personal data where required by the GDPR (including for marketing purposes);
5. display information to guests about the handling of their personal data.

See the section on “Tools to assist our users” below. Note however, that adherence to the GDPR requirements in your function as a controller is your own responsibility.

Data security is a core concern in all parts of our systems, infrastructure and processes. From a technical perspective, all our servers are fire-walled and kept updated with the latest security patches.

Algoritmo is a United Kingdom incorporated company (Registration number 12686822), located in the united Kingdom. All data on our systems is processed and stored in the United States.

One of the central themes of the GDPR is openness, including around who is processing personal data and for what purposes.

We enable you to do this by creating a privacy statement. We recommend that you do this, as not doing so places you at risk of non-compliance with the GDPR.

You can use the wording below. We also recommend that you disclose who is processing the personal data

“We have procured this app from Clear Choice Photo Booth. It enables you to take photos and link them to this event. You can also choose to share your photos on social media. When you take photos with this app, Clear Choice Photo Booth and stores your personal data on behalf of the organiser of this event. If you would like to know more about how your personal data is handled, or find out more, please contact us directly at [enter your company details].”