Last update: March 21, 2024
Foto Master reaffirms its commitment to data privacy, security, and the safeguarding of personal information. We uphold and support our users’ efforts to comply with the General Data Protection Regulation (GDPR), effective from May 25, 2018, which supersedes the former EU Data Protection Directive (Directive 95/46/EC).
This section aims to clarify the application of GDPR to the services provided by Foto Master. It is intended for informational purposes and should not be interpreted as legal advice. For comprehensive legal counsel, please consult with a legal professional regarding GDPR compliance as it pertains to your organization.
The GDPR extends protection to the personal data of individuals, defining such data as any information that relates to an identified or identifiable individual.
Under GDPR, there are two primary roles:
As a provider of cloud-based interactive services, Foto Master acts as a Data Processor, while our users — such as event organizers or businesses utilizing our services — function as Data Controllers.
As a Data Processor, Foto Master is dedicated to complying with the obligations set by the GDPR, including but not limited to:
Foto Master endeavors to assist our users in fulfilling their GDPR obligations by:
Foto Master advocates for transparency around data processing activities. To this end, we enable our users to craft a comprehensive privacy statement. It is strongly recommended that you clearly communicate to your users how their personal data is being processed.
As a Data Controller, it is imperative that you provide a privacy statement or similar disclosure at the point of data collection. A suggested template for such a disclosure is:
“[Your Company Name] has engaged Foto Master Ltd. for its [Describe the service – e.g., ‘photo booth experience’ or ‘interactive event platform’]. When you participate in our events and use our services, Foto Master processes and stores your personal data on our behalf. Should you have any inquiries regarding the handling of your personal data, please contact us directly at [Your Company Contact Information].”
If your use of Foto Master’s services involves advanced data analytics or recognition technologies, it is required to include a statement such as:
“We utilize [Describe the service or technology] to analyze event participation and provide [insert description of purpose]. This may include processing aggregated data from images captured during our events. Personal data will not be included in this analysis.”
In instances where consent is necessary for the processing of personal data, Foto Master provides tools within our services that enable users to capture affirmative consent from individuals. Here is a suggested format for consent collection:
Data Capture Notice:
“GDPR Consent: Do you wish to receive communications from [Your Company]? By enabling this, you consent to the use of your contact details provided here for [Your Company] to send you information about their products and services. You may withdraw this consent at any time.”
The relationship between a Data Processor like Foto Master and Data Controllers is governed by a DPA, which in our case, is integrated within our EULA. All users must accept the EULA terms to utilize Foto Master’s services. Any amendments to the EULA will be communicated through your Foto Master account portal.
Data security is deeply embedded in Foto Master’s operational framework. Our infrastructure is designed with robust security measures to protect against threats and vulnerabilities, and we maintain our servers with the latest security updates.
Foto Master is an international entity, and as such, data processed by our systems may be stored and processed in or transferred between any of the countries in which we operate. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.
In accordance with Article 17 of the GDPR, individuals have the right to request the deletion or removal of personal data where there is no compelling reason for its continued processing. Foto Master respects this right and provides mechanisms for individuals to request the erasure of their personal data under the conditions set forth in the GDPR. Requests for data erasure can be submitted to Foto Master’s designated contact point for data protection inquiries, and Foto Master will assess and respond to such requests in compliance with GDPR requirements and within the time frame prescribed by law.
While Foto Master provides the tools and systems to facilitate GDPR compliance, the responsibility to adhere to GDPR requirements as a Data Controller rests with you, the user. We encourage you to actively implement measures and policies that ensure compliance with GDPR principles in your role as a Data Controller.
We'd love to hear from you