Legal & Privacy

{Pic-Time} politique de confidentialité

[Last Updated: mai 2026]

This privacy policy (“Policy”) describes how Pic-Time Ltd. (“Pic-Time”, “we”, “us”, or “our”) collects, uses and discloses certain information, including Personal Data relating to you, and the choices you can make about that information.

Pic-Time develops and operates a professional online-cloud-based platform ("Platform"), hosting, storing photo galleries, and offers high-quality print fulfillment via global labs, and automated marketing tools for professional photographers (“LES PHOTOGRAPHES”) supported by AI technologies as further detailed in this Policy. The Platform enables Photographers to deliver photos, videos, and cloud-hosted galleries (“Gallery” or “Galleries”) create albums, build slideshows, blogs, and offer various services to Photographers customers (“End User”), including build-in store functionality, marketplace, CRM and use of various AI supported features. Among others, the platform enables customizable, that support Gallery delivery, inviting guests, AI gallery searches and smart storytelling grids (collectively “Services”).

This Policy which is incorporated by reference in our Conditions d'utilisation, and any other terms or documentation (together “Terms”) governs the processing and transfer of data collected in connection with individuals, including prospective customers (potential photographers engaging with Pic-Time’s marketing campaigns, assets, landing pages, ads, social media pages and website available at https://www.pic-time.com/ (“Prospects” and “website” respectively), as well as Photographer, End Users using the Services. Prospects, Photographers and End Users collectively shall be referred to as “you” unless otherwise required.

This Policy does NOT apply to:

  • Pic-Time acts as a “processor” or “service provider” (as defined under applicable data protection laws) with respect to the content uploaded to the Platform by Photographers such as Galleries, photos, etc., and processes such content solely on behalf of the Photographers. Such processing is governed by the Data Processing Addendum.
  • Job applicants, which should refer to our Job Applicants Privacy Notice, which describes our Personal Data processing practices for job applicants.
  • Employees or former employees.

The information you provide will be stored in Pic-Time’s databases and will be used solely as detailed herein. The information will not be transferred to third parties, except as detailed herein, or to the extent required to comply with legal obligations. You acknowledge that you are not under any statutory obligation to provide personal data to Pic-Time. However, if you do not provide certain personal data, we may be unable to fulfill certain purposes, such as providing specific services or responding to your inquiries. By using the Services, you agree to the collection, disclosure, storage and use of Personal Data as described in this Policy. If you do not agree with Pic-Time collecting, storing, using, or sharing Personal Data relating to you as described in this Policy, please refrain from using or otherwise engaging with our Services. You have the right to review your information and request corrections in accordance with the provisions of the Israeli Protection of Privacy Law, 5741 – 1981 (“IPPL”).  

U.S. State Privacy Specifications: see Annex A- “Additional notice for United States residents, to learn more about our privacy practices and your rights under US jurisdiction, to the extent that the California Privacy Rights Act, as amended by the California Privacy Rights Act (“CCPA”) apply to the processing of Personal Data by us please also review our Avis de confidentialité de l'ACCP which serves as a Notice at Collection and Privacy Policy as required under the CCPA.

European Regulations: To the extent that the EU and the UK General Data Protection Regulations (collectively “GDPR”)  are applicable, the lawful basis to process Personal Data Personal Data relating to you is detailed in the tables below, we provide you with information as for the lawful basis we rely on to process Personal Data Personal Data relating to you per the applicable purposes of use.

1. POLICY AMENDMENTS

We reserve the right to amend this Policy from time to time, at our sole discretion. The most recent version of the Policy will always be posted on the website. The updated date of the Policy will be reflected in the “Last Updated” heading. We will provide notice to you if these changes are material, and, where required by applicable law, we will obtain your consent. Any amendments to this Policy will become effective within 30 days upon the display of the modified Policy. We recommend you review this Policy periodically to ensure that you understand our most updated privacy practices.

2. CONTROLLER CONTACT INFORMATION
Pic-Time Ltd. is the controller that determines the means of the processing of Personal Data.
You may contact us and our privacy team as follows:

  • For privacy inquires, email to our Data Protection Officer (“DPO”): dpo@pic-time.com
  • By Mail Livne 13, Caesarea, 3099429, ISRAEL
  • For general inquiries, by email: info@pic-time.com
  • For technical support, by email: support@pic-time.com

Data Protection Representative:

We value your privacy and your rights as a data subject and have therefore appointed Prighter Group with its local partners as our privacy representative and your point of contact for the following regions:

  • United Kingdom (UK)
    Prighter Ltd
    20 Mortlake Mortlake High Street, London, SW14 8JN, United Kingdom
  • European Union (EU)
    Maetzler Rechtsanwalts GmbH & Co KG
    ��    Schellinggasse 3/10, 1010 Vienna, Austria

Prighter gives you an easy way to exercise your privacy-related rights (e.g. requests to access or erase personal data). If you want to contact us via our representative, Prighter or make use of your data subject rights, please visit the following website: https://prighter.com/q/18322104981

3. PERSONAL DATA PROCESSED, PURPOSE OF USE, LAWFULL BASIS  

For the purpose of this Policy, “Personal Data” means information that identifies an individual or that can reasonably be used to identify an individual, either directly or indirectly, as further defined under applicable data protection laws (for example, “personal information” or “personally identifiable information”). Personal Data may also include types of information that are defined under applicable data protection laws as “Sensitive Personal Data” (and may be further defined under applicable data protection laws as “highly sensitive information”, “special categories of personal data”, “sensitive personal information”, etc.)

As detailed below, we may, in our role as a processor (as defined under GDPR) collect or process Personal Data as well as Sensitive Personal Data such as data constituting children's photographs, or revealing biometric data, sexual or nude photographs, etc.

We will not sell, lease, trade or otherwise profit from Personal Data relating to you that is constituted as Sensitive Personal Data, nor will any of our vendors, service providers or partners who have access to such data be permitted to do so.

The table below details the processing of Personal Data, the purpose, lawful basis and processing operations:

PROSPECTS

We process your information for marketing and sales purposes, including identifying and engage leads and prospective customers (i.e., potential Photographers) through our digital assets, campaigns, website, analyze how our website and other digital properties are used, perform analytics and reporting, collect and evaluate feedback, identify usage trends, measure the effectiveness of our marketing campaigns, including affiliation with ambassadors, influencers, and improve our marketing and sales activities. This includes processing the following categories of data:
BASE DE DONNÉES OBJECTIF ET FONCTIONNEMENT LAWFUL BASIS
(UNDER THE GDPR)
Analytics, Marketing & Telemetry Data Related to you: When you visit our website, we automatically collect certain technical information, such as your IP address, Cookie ID, and other unique identifiers (collectively, “Online Identifiers”) as well as device related information (type pf device, OS, language, etc.) These Online Identifiers may be used to derive additional details, such as your approximate geographic location (for example, your country or ZIP code), your interests – how long you browsed or website, if you clicked on an ad leading to our website, duration and use (“Online Usage Data”). Operate the website and enable its proper functionality, audit and improve our website, products and services and debugging, enhance security, monitor, error corrections, perform activities to maintain the quality or safety of our digital marketing assets.  Understand your preferences to enhance and personalize our offering, marketing and sale offers, insights.  Analytics, operations, targeting, and advertising, including measure effectiveness of campaigns, track conversions, build targeted audience, and market our Services. Online Identifiers collected through strictly necessary cookies that are required for the basic operation of the website are processed based on our legitimate interest. These cookies enable features such as adding a cart, checkout page, etc. Online Usage Data is processed subject to your explicit consent provided through the cookie banner placed on the website. You may withdraw at any time by using the cookie preference settings available within the footer: https://www.pic-time.com/legal/cookie-declaration
Your Contact Information and Communications: If you voluntarily contact us, by sending us an email, by submitting a review, you will be asked to share Personal Data. depending on the nature of your inquiry, this information may include your full name, email address, home or business address, phone number (“Contact Information”). Regarding email communications, either direct marketing or registering to Pic-Time’s newsletter, we may collect data such as whether an email was opened, when it was opened, whether links were clicked, and response timing. We may also collect technical information such as IP address, approximate location, device type, and email, as well as unique identifiers associated with each email (“Email Activity Data”). Contact Information and Communications Data will be used to: respond to your inquiries, comments, and questions, provide you with requested information; send related information, including updates, communicate about events or webinars and new features or discounts (“Direct Marketing”); improve our Services, sales, support, and AI operations (chat AI), offering improved Services. We use Email Activity Data and Communications Data to improve, develop, maintain, and enhance the quality of our sales activities, to provide staff and AI agent training (for example, in connection with recorded or monitored phone or Zoom calls), and to train our marketing staff. We process such Contact Information subject to our legitimate interest.  Direct Marketing processing is based on our legitimate interest. You can opt-out at any time using the “unsubscribe” option within the body of the message. Marketing activities processing is based on consent which you can withdraw at any time through the cookie settings, or “unsubscribe” option within the body of the message.
ChatAI specifications: We use AI powered chat placed on the website (“Chat AI”) which generates automated responses to Prospects’ inquiries. While using the Chat AI we will process the instructions and questions you insert and the responses generated (“Chat Communications”). Any use of AI features is subject to the Acceptable Use Policy available here: https://www.pic-time.com/legal/ai-aup Chat Communications shall not include Sensitive Data, Chat Communications, any other communication between us – whether by email, phone, Zoom, Chat, or other channels – may be processed, recorded and automatically transcribed by AI tool (“AI Transcription”). and stored (collectively “Communications Data”). For US related specifications, please see Annex A below. Pic-Time’s Chat, including any AIassisted features, is monitored and recorded, transcripts and related technical data are processed to provide support and improve service quality, and thirdparty processors act only on Pic-Time’s instructions and are contractually prohibited from any independent use of Chat Communications or Online Identifiers. The use of Chat AI is voluntary and based on your consent. Recording the call is based on your consent. By initiating a Chat conversation, you provide prior consent to the monitoring and recording of the chat and to the receipt and processing of those Chat Communications by Pic-Time’s service providers as AI agents, and LLMs. Session replay, or telemetry tied to Chat will not activate until after the you have provided consent through the Cookie Platform manager and notice. The use of Communications Data is based on our legitimate interest in developing and improving our services, marketing and sales activity. 

PIC TIME EXPERT HUB
Pic Time Expert Hub - https://theexperthub.pic-time.com/
If you use Expert Hub, as a publisher or viewer we will collect Personal Data as detailed below
When you add a review you will submit contact information, name, phone number, and the review. The comment and review shall be professional only. If you request, Pic Time will connect you to the expert. For the purpose of publishing your review Publishing your review is subject to your voluntary consent. Further connecting you to an Expert is subject to your explicit opt-in consent.
Expert information made available through the hub solely includes the expert’s full name. Promoting the expert within the Hub and generating leads to such Expert. Publishing Personal Data related to the Expert is subject to Pic-Time’s contract with such Expert.

LES PHOTOGRAPHES
Pic Time Expert Hub - https://theexperthub.pic-time.com/

Pic-Time processes Personal Data such as contact information, tracking data, business purposes, including to provide and administer the Services, operate and secure the platform, validate and authenticate users, provide customer support, conduct customer surveys, perform data analytics and audits, collect and evaluate feedback, identify usage trends, measure the effectiveness of our marketing campaigns, and evaluate and improve our products, services, marketing, and customer relationships.
BASE DE DONNÉES OBJECTIF ET FONCTIONNEMENT LAWFUL BASIS
(UNDER THE GDPR)
Registration Information: In order for you to access our Services, Platform or certain features on the website (including the free trial), you will need to register and create an account (“Account”). As part of the registration as a Photographer, you will be requested to provide us with certain information such as your full name, email address, phone number, tax ID, username, and password. You are also able to log in through your email or social media accounts (i.e., Gmail, Facebook and Instagram), if you do so we will receive your publicly available information (name and email address). (collectively “Registration Information”). We use the Registration Information to manage, support, and provide the Services, such as creating your Account, verifying your identity, and enabling the Services. We will further use it to personalize the Service and send you marketing communications, service-related communications, and support services. We process Registration Information for the purpose of performing our contract with you, subject to our Terms of Service. Processing for Direct Marketing purposes is subject to our legitimate interest. You can opt-out at any time using the “unsubscribe” option within the email. Please note that if you choose to unsubscribe from our direct marketing, we will still retain your contact details and send you service-related emails, such as invoices.
Expert information made available through the hub solely includes the expert’s full name. Promoting the expert within the Hub and generating leads to such Expert. Publishing Personal Data related to the Expert is subject to Pic-Time’s contract with such Expert.
Payment Information: as part of the Services, you may need to provide us with your payment details your name, full address, phone number, and payment information (e.g., credit card or PayPal UID); however, we do not collect any credit card information, as we use third party payment processors, pursuant to their privacy policy linked (“Payment Information”). For recurring payments, we will keep the last 4-digits of the credit card. The Photographer may include built-in storefront where photographers can sell prints, albums, and frames. Payments can be processed either directly and independently by Photographer or through Pic-Time’s payment solution. We will process this information for billing purposes, for the purpose of enabling you to use the Services. We process Payment Information as part of the performance of our contract with you. Subject to legal obligation, we may record transaction information, such as your payments and purchase history.
Customer Support: When Photographers or Photographers’ clients contact us for customer support, we will collect and retain customer support communication, correspondence, Contact Information (as defined above), as well as records of our communications which may include email correspondence, chat correspondence, call recording or other means of communication (Collectively “Customer Support Data”). The support services can be provided by humans and automated troubleshooting tools (“AI support bot”). Chat AI monitors, tracks and conducts session recording. Do not upload any Personal or Sensitive Data to the Support AI, any use is subject to the AUP: https://www.pic-time.com/legal/ai-aup In certain cases, the support representative will need to identify you and might ask additional personal questions. Customer support calls and chats are recorded and kept. We use Customer Support Data to: communicate with you, provide and enhance the Services, improve and develop the Services, correct errors; internal records to evidence the support was provided or in the event we find needed subject to any potential, actual or threatened claim or dispute with us; we use Customer Support Data to train and test our help center and AI support bot, validating updates and ensuring the AI support bot performs correctly while avoiding inaccurate or inappropriate responses; information provided through the customer support is processed for authenticating you. We may use Customer Support Data to train and test our “help center” content and the AI Support bot. We process such information for performing our contract with you. The use of Customer Support Data is based on our legitimate interest in improving our Help Centre. Prior to using the Support AI bot, we will obtain your consent for monitoring and session recording. If any calls are recorded, you will provide your consent prior to such recording.
Usage Data: When you access or use our Platform or Services, information regarding such use is automatically generated and collected, which may include the click stream within the Platform, the use of the Services (i.e., accessed or used by you) session recording, and the time spent on those pages or features, crash data and analytics, crash and errors, your purchases, etc. (“Usage Data”). Such data might be considered as Personal Data, when it is linked to or combined with other types of identifying data such as online identifiers, account, email address, username, etc. Usage Data includes transactions as well, purchased subscriptions, upgrades and renewals, purchased features, etc. We use this information to help us to understand how you are using our Platform, and how to better provide and improve our Services. This helps us to better understand our business, analyze our operations, maintain, improve, innovate, plan, design, and develop the Service and our new products. In addition, we may use this data for statistical analysis to evaluate and enhance our offerings. Based on the insights gained from this processing, we make decisions to improve our Services. Additionally, we may share and publish these statistics in an aggregated format through blogs, posts, and various publications. We process such data subject to our legitimate interest.

END USERS AND GUESTS
Pic Time Expert Hub - https://theexperthub.pic-time.com/

A Photographer may send his/her client with links to their albums, these End Users are the owners of the specific images and videos, albums or Galleries that he/she was invited to. As owners, they can invite additional guests to view the album (“Guests”), by sending them an invitation through the Platform (using the CRM). A Photographer may also send professional collaborators, venues, florists, magazine editors, and similar third parties who collaborated on the event links or invitations to the specific Gallery ("Affiliate Vendors"). Further, End Users, Guests and Affiliate Vendors can purchase merchandise, use AI features, etc. in which Pic-Time as Photographer’s service provider/processor, will process End User Personal Data, as well as Guests’ Personal Data as stated in this section below.
BASE DE DONNÉES OBJECTIF ET FONCTIONNEMENT LAWFUL BASIS
(UNDER THE GDPR)
Registration Information: To access a Gallery, End User or Guests, as applicable, will receive an invite through email with a link, leading to registration page and access of the Gallery. Registration Information includes name, email, passwords, and access logs. In certain cases, with End Users and Affiliated Vendor the Photographer adds contact information to the Platform and sends the invitation to view the photos or the Gallery directly from the Pic Time CRM. Registration information is processed to enable secure access and authenticate access, secure the Platform. We will use such information to operate, provide, maintain, protect, and manage our Services, send you the merchandise ordered, etc. We will use and process payment information to enable the transaction. Pic-Time uses third party payment processors pursuant to their privacy policies linked (“Purchase Information”). We may further process Usage Data for statistical analysis, service improvement, and performance testing. We further may use the Commercial Information and the Usage Data to create segments on End Users (using aggregated insights) and may use those segments and insights to optimize Photographers up sales (i.e., by using “look alike” insights and providing recommendations to Photographers with similar users and albums. Pic Time AI models may train using a small fraction of images from Photographers who have opted in to the AI Search Features. The email is provided by the Photographer which sends End User or Affiliated Vendor with the registration link and marketing materials by using Pic-Time CRM. Pic-Time is solely the processor and will not use the Personal Data. We may share and publish anonymized, aggregated statistics through various publications like blogs and posts. Where the data is aggregated and anonymized, it shall be considered as non-Personal Data. Commercial Information and Fulfilment operations are processed of behalf of Photographer, in Pic-Time role as a processor (or equivalent term) and is subject to the Data Processing Agreement. Purchas Information is recorded and stored subject to legal obligation, to keep record of transactions and purchases. Authenticating, securing access, improving or developing the Services, is processed based on legitimate interest. Otherwise, any End User information is processed for performing our contract with the Photographer as applicable, Pic-Time as the Processor/Service Provider will base processing on the Photographers’ lawful bases. This Information will be processed for performing our contract with the Photographer. As a processor acting on behalf of the Photographers, we process this data only on the Photographers documented instructions and in accordance with a data processing agreement, such as Pic-Time’s. Where your consent is required, Pic Time will provide applicable consents and notices on behalf of Photographer. We will not train on End User or Guest Face Data without obtaining consents.
Commercial Information: Photographers may offer storefront where they sell certain merchandise, prints, albums, and frames. Pic Time provides fulfillment services that include placing the order and delivering to End User and process the payment on behalf of Photographer to the extent requested. When payment and fulfillment is provided by Pic-Time is processed through the Platform, Pic-Time will process full name, address, email address, phone number and payment details.
Usage Data: When End Users, Affiliated Vendor or Guests accesses the Gallery, we will process the Online Identifiers and Usage Data, logs, as defined above.

Please note that the actual processing operation for each purpose of use and lawful basis detailed in the table above, may differ. Such processing operation usually includes a set of operations, made by automated means, such as collection, storage, use, disclosure by transmission, erasure or destruction. Transfer of Personal Data to third party countries as further detailed in the International Transfer of Data section is based on the same lawful basis as stipulated in the table above.

In addition, we may use certain Personal Data to prevent potentially prohibited or illegal activities, fraud, misappropriation, infringements, identity thefts and any other misuse of the Services and to enforce the Terms, as well as to protect the security or integrity of our databases and the Services, and to take precautions against legal liability. Such processing is based on our legitimate interests.

4. FACE GROUPING, AI SEARCH FEATURE, BIOMETRIC DATA

Pic-Time’s AI Photo Search feature enables End Users’ and Guests, clients, or Vendors to easily view and organize their most relevant images directly from the Gallery, such as finding photos of their grandparents, group photos, or themselves on the dance floor (“AI Photo Search”). This feature is intended to help the Gallery owner (i.e., End User) and permits viewers to quickly find photos, organize albums, and deliver images more efficiently. It is never used, or will be used, to verify a person’s identity or to enable face recognition outside the context of the relevant Gallery, a name is never associated with a face, and the feature is by default disabled, if enabled it is at Photographers explicit opt-in consent. The AI Photo Search feature is not designed or intended for identity verification, fraud detection, or other security-related uses and Pic-Time does not guarantee that the feature will produce accurate, complete or error-free results.

The AI Photo Search includes the following: (i) Guests can take a selfie and search for their pictures (“Selfie Search”); (ii) AI Photo filter helps make selections of photos from End Users’ Galleries, it will identify the photos associated with the key word, for example: “flowers”, filename, keywords, vendors, favorites, flagged and starred images, among other filters, see here for more details (“AI Image Filter”); and (iii) images are indexed as they are uploaded (“Face Grouping”).  Face Grouping is probabilistic and may not always be accurate. Groupings are suggestions and may require review or correction by the photographer or end user. If you believe you were grouped in error, you can request correction or deletion at any time.

This section explains how face grouping technology, image recognition and classification, selfie searches, and AI Photo Search features works and how we handle biometric information. AI Photo Search feature uses AI models to identify faces through bounding boxes and employ five-point alignment, mapping the eyes and mouth, to level images for consistent processing. Once aligned, the system generates a 512-dimensional numerical feature vector, an abstract mathematical embedding used solely for clustering and search within the specific Gallery (“Face Data”).

If the feature is enabled, the Platform, through internally developed AI models, processes pixels in photos to detect facial regions and generate mathematical representations of facial features (often called embeddings, templates, or vectors), along with technical metadata such as detection confidence, bounding boxes, and timestamps. We may also store user selections that confirm or correct groupings. For Selfie Search, Face Data is not stored and is used for that specific session. Once the Guest leaves the Gallery the Face Data is deleted, it the Guest accesses and uses this feature again, it will need to take another Selfie.

We use Face Data and related technical data solely to provide, operate, improve, and support the AI Photo Search feature within the Gallery where it is enabled. Pic-Time has developed an exclusive AI model that stays within End Users/Guests/Photographers’ Account, ensuring that all your data will continue to be secure and not shared by third parties. We do not sell or share Face Data and we do not permit our service providers (and AI system providers, to the extent applicable) to use Face Data or related information for their own purposes. We do not use Face Data to identify a person across different Photographers’ Accounts, across unrelated Galleries, or to build profiles. We do not use Face Data to make legal or similarly significant decisions about individuals.

The Photographer who owns the Gallery is the controller of Personal Data processed in that Gallery, and Pic-Time acts as the processor or service provider (as applicable and defined under applicable privacy regulations) on the Photographer’s instructions. Therefore, we process Face Data and potential biometric information only to provide the Face Grouping feature to the Photographer and its End Users, we rely on the Photographer to provide any required notices and obtain any required consents from End Users (or “Non-Users” as defined above). Requirements for biometric data vary by jurisdiction. Where consent is required, the feature will be offered only after the End User (or, where applicable, the Photographer on the End User’s behalf) provides a clear, informed optin. Where consent is withdrawn or declined, Face Grouping will be disabled and associated biometric data will be deleted.

We or the Photographer will provide clear, written notice describing the purpose and duration of collection, and we will obtain a written or electronic release, where required, before collecting or creating Face Data.

Depending on the applicable laws, some of the information collected by the facial recognition feature may be considered "biometric data". You will be able to opt-out of such data collection by opting out of the facial recognition feature altogether. Face recognition-related data, including biometric data that we process solely on behalf of the Photographer in our capacity as a processor, will only be used to provide the Services.

We do not link Face Data to an identified person or other personal information, and Photographers or Photographers’ End User or Guests cannot name a face. We process such information to provide the face grouping feature, to comply with our contractual obligations towards the Photographers and as part of delivering our Services to them.

In jurisdictions with specific biometric privacy requirements, the following applies:

  • Notice and consent. We or the Photographer will provide clear, written notice describing the purpose and duration of collection, and we will obtain a written or electronic release, where required, before collecting or creating face embeddings.
  • We or the Photographer do not sell, lease, trade, or otherwise profit from biometric identifiers or biometric information.
  • We or the Photographer do not disclose biometric identifiers, the AI models are developed internally by Pic Time and are not hosted by third party providers.
  • We or the Photographer maintain a publicly available retention schedule and guidelines for permanently destroying biometric identifiers and information when the initial purpose for collection has been satisfied or within the period required by applicable law, whichever occurs first.
  • We store, transmit, and protect biometric identifiers and information using a reasonable standard of care within our industry and in a manner that is the same as or more protective than the way we store, transmit, and protect other confidential and sensitive information of a similar kind.

To exercise your rights or make a request related to Face Grouping or biometric information, please use the methods described in the “Your Privacy Rights” section of this policy. We act as a processor for your Photographer, we may route or refer your request to the photographer, and we will assist them in responding as required by law.

5. HOW WE COLLECT YOUR INFORMATION

Depending on the nature of your interaction with us, we may collect the above detailed information from you, as follows:

  • Automatically, when you visit our website or interact with the Platform, including through the use of Cookies (as detailed below) and similar tracking technologies.
  • Provided by you voluntarily – we will collect information if and when you choose to provide us with the information, as through the Services, contact us communications, registration, etc. If you choose to provide information to Pic-Time, you represent and confirm that the information provided by you is true, accurate, and up to date. In addition, as a Photographer, if you provide us with Personal Data relating to another individual, including Photographers’ clients, you represent that you have obtained all necessary and valid consents and permissions required to disclose such Personal Data to us including Sensitive Personal Data.
  • Provided by Third Parties – as detailed above, our Photographers may provide us with your photographs or email address.

6. COOKIES AND SIMILAR TECHNOLOGIES

We use “cookies” or similar tracking technologies when you access the website or interact with the Services we offer. The use of cookies is standard industry-wide practice. A “cookie” is a small piece of information that a website assigns and stores on your computer while you are viewing a website. You can find more information about cookies at http://www.allaboutcookies.org/.

Cookies can be used for various purposes, including allowing you to navigate between pages efficiently, for statistical purposes, as well as for advertising purposes. You can find more information about our use of cookies, as well as change your settings and preferences, as detailed in our Cookie Policy: https://www.pic-time.com/legal/cookie-declaration.  

7. DATA SHARING– CATEGORIES OF RECIPIENTS WE SHARE PERSONAL DATA WITH

We share Personal Data relating to you with third parties, including our partners or service providers that help us provide our Services. When we share data with service providers and partners, we ensure they only have access to such information that is strictly necessary for us to provide the Services. These parties are required to secure the data they receive and to use the data for pre-agreed purposes only while ensuring compliance with all applicable data protection.

You can find here information about the categories of such third-party recipients:

(a) Service Providers: service providers process Personal Data on Pic-Time’s behalf and are limited to using such Personal Data solely for the purpose of providing the services, specifically-  

  • General Service Providers: Process various Personal Data such as Online Identifiers, Usage Data, Registration Information, photos, images, videos, for the purpose of hosting, storing, analytics, and marketing the Services. These entities are prohibited from using Personal Data relating to you for any purpose other than providing us with requested services and include cloud hosting providers, CRM, internet service providers, operating systems, data and cyber security services, fraud detection services, billing and payment processing services, Apple Store, etc.
  • Third party AI System Providers and Models. Process photos, images, videos, and Galleries in general.
  • Trackers and Analytic Providers, Marketing Providers: We share with our marketing and sales service providers (i) Contact Information; (ii) Online Identifiers; (iii) Chat Communications; (iv) Email Activity Data; and (v) Communications Data.
  • Billing and payment processing services: process Personal Data you provide them in order to purchase the subscription, as further detailed in the Subscription Terms.
  • Photo labs, merchandises providers and related service providers: we may disclose Registration Information, Payment Information, Customer Support Data, Usage Data, and Photographs such Personal Data to our service providers (including, but not limited) payment processors, printing partners, deliveries and marketing providers, photo labs,

(b) Subsidiaries and Affiliated Companies: We may share Personal Data, internally within our group or in the event of a corporate transaction (e.g., sale of a substantial part of our business, merger, consolidation or asset sale). In the event of the above, our affiliated companies or acquiring company will assume the rights and obligations as described in this Policy. Such recipients process all Personal Data except for data which is stored locally on your device.

(c) Authorities, Security Providers, Governmental Agencies: For protecting rights and safety of our Services and Apps, we may share Personal Data with others if we believe in good faith that this will help protect the rights, property or personal safety of users or individuals, or any members of the public. This will include legal and law enforcement purposes, meaning, in response to a verified request relating to terror acts, criminal investigations or alleged illegal activity or any other activity that may expose us, you, or any other user to legal liability, and solely to the extent necessary to comply with such purpose. Such disclosure or access may occur if we believe in good faith that: (a) we are legally compelled to do so; (b) disclosure is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing; or (c) such disclosure is required to protect our legitimate business interests, including the security or integrity of our services. The Personal Data could include any Personal Data except for data which is stored locally on your device, depending on the purpose and needs.

8. YOUR RIGHTS

We understand that privacy preferences vary among individuals, and we are committed to transparency regarding the Personal Data we collect and how it is used. Depending on your relationship with us, your location, and applicable data protection laws, you may have certain rights and choices with respect to your Personal Data. We usually provide individuals with the rights to exercise the rights under the GDPR as a benchmark, these rights include rights to access Personal Data, portable Personal Data, delete Personal Data or opt-out, withdraw consent of processing Personal Data, among others, for more information please see:  https://commission.europa.eu/law/law-topic/data-protection/information-individuals_en.

The US state laws provide similar rights with certain differences, in the US supplement available in Annex A and the Avis de confidentialité de l'ACCP, you.  

Where the IPPL applies, you have the right request deletion of your personal data maintained in our email marketing database, and request to inspect, correct, or delete certain Personal Data, in each case as described in, and subject to, the requirements of our Data Subject Request (DSR) process (including the DSR Form).

The principal rights that may apply to Personal Data relating to you (subject to your jurisdiction and additional conditions) may include:

  • Droit d'être informé, droit de savoir et droit à une liste de tiers spécifiques
  • Access rights, right to inspect Personal Data relating to you
  • Right to correct
  • Droit à l'oubli, droit à la suppression
  • Droit à la portabilité
  • Right to Object, Right to Restrict Processing

End users may request that Face Grouping be turned off for a gallery and may request deletion of face embeddings and related technical data associated with them. Where available, inproduct controls allow users to correct or remove groupings and to opt out for future sessions. End users may also contact us or the Photographer to exercise access, deletion, or objection rights.

Certain rights can be easily executed independently by you without the need to fill out the DSR Form:

  • As a Photographer, you can correct certain data provided under your Account (such as contact information) through the account settings;
  • You can opt-out from receiving our emails by clicking “unsubscribe” link;
  • You can delete Photographs;
  • You can use the cookie settings tool on our website to change your preferences.

For additional information on your rights and how to exercise your rights, please see the Data Subject Request (“DSR”) form available HERE, and sending it to: dpo@pic-time.com.

If the appeal is denied, you may submit a complaint to the applicable authority.Where the GDPR applies, you have the right to lodge a complaint with the applicable Data Protection Authority in the EU or the Information Commissioner in the UK.

9. DATA RETENTION

In general, we retain the Personal Data we collect for as long as it remains necessary for the purposes set forth above, all under the applicable regulation, or until you express your preference to opt-out (where applicable), or terminate your use of the Services, or you request to delete Personal Data relating to you.

Other circumstances in which we will retain Personal Data relating to you for longer periods of time include: (i) where we are required to do so in accordance with legal, regulatory, tax, or accounting requirements; (ii) for us to have an accurate record of your dealings with us in the event of any complaints or challenges; or (iii) if we reasonably believe there is a prospect of litigation relating to Personal Data relating to you. Please note that, except as required by applicable law, we may at our sole discretion, delete or amend information from our systems, without notice to you, once we deem it is no longer necessary for such purposes.

We retain Face Data and related technical data only for as long as they are needed to provide the Face Grouping feature for the relevant Gallery or as required by law. When the feature is turned off for a Gallery, when the Gallery is archived or deleted, or when we no longer need the data for the stated purpose, we permanently delete it from our database. We follow the Photographer’s documented instructions on retention and deletion, consistent with applicable law.

10. SECURITY MEASURES

At Pic-Time, security is our highest priority. We have implemented physical, technical and administrative security measures for the Services that comply with applicable laws and industry such as: encryption using SSL, we minimize the amount of data that we store on our servers, restrict access to Personal Data to Pic-Time employees, contractors and agents, etc. To learn more, you can review our POLITIQUE DE SÉCURITÉ.

Note that we cannot be held responsible for unauthorized or unintended access beyond our control, and we make no warranty, express, implied, or otherwise, that we will always be able to prevent such access.  

We implement technical and organizational measures designed to protect biometric information, including access controls, encryption in transit and at rest, rolebased limitations, and data minimization. We restrict internal access to biometric information to personnel and systems with a need to know for the purposes described in this section

Please contact us at: dpo@pic-time.com if you feel that your privacy was not dealt with properly, in a way that was in breach of our Policy, or if you become aware of a third party's attempt to gain unauthorized access to any of Personal Data relating to you. We will make a reasonable effort to notify you and the appropriate authorities (if required by applicable law) in the event that we discover a security incident related to Personal Data relating to you.

11. INTERNATIONAL TRANSFER OF DATA

Our data servers in which we host and store the information are located in the EU, the US and Australia. The Company’s HQ are based in Israel in which we may access the information stored on such servers or other systems such as the Company’s ERP, CRM, Salesforce, and other systems. We will take appropriate measures to ensure that Personal Data relating to you receives an adequate level of data protection upon its transfer. When Personal Data that was collected within the EEA is transferred outside the EEA, we will take necessary steps in order to ensure that sufficient safeguards are provided during the transferring of such Personal Data. You may exercise your rights, where applicable, to receive information regarding the transfer mechanism that was used during such transfer. Personal Data transferred outside the EEA is transferred, in all cases pursuant to standard contractual clauses approved by the European Union ("SCCs"). Additionally, following the withdrawal of the United Kingdom (“UK”) from the European Union on janvier 31, 2020, the UK is no longer considered to be a part of the EEA and therefore, the transferring of Personal Data from the EEA to the UK will also be subject to the SCCs or other contractual clauses that will ensure the security of the Personal Data (pending an adequacy decision from the European Commission).

12. ELIGIBILITY AND CHILDREN PRIVACY

Pic-Time website and Services the Services are not intended for use by children (the phrase "child" shall mean an individual that is under the age defined by applicable law), and we do not knowingly process children's information. We will discard any information we receive from a User that is considered a "child" immediately upon discovering that such a User shared information with us. Please contact us at: dpo@pic-time.com if you have reason to believe that a child has shared any information with us.

ANNEX A- ADDITIONAL NOTICE FOR UNITED STATES RESIDENTS

Information provided below supplements the information contained in this Privacy Policy and applies to residents of such states. These additional disclosures are intended to provide you with additional information regarding our handling of Personal Data relating to you and certain consumer rights.

Residents of certain U.S. states (depending on the applicable state law, acting as an individual or in the household context only and not in a commercial or employment context, as a job applicant or as a beneficiary of someone acting in an employment context or as representative of a business), may have additional rights under applicable privacy laws and be entitled to additional disclosures.

Personal Data” under applicable US privacy laws, generally means any information that is linked or reasonably linkable to an identified or identifiable individual (and usually does not include publicly available information that is lawfully made available from government records, or that a consumer has otherwise made available to the public; de-identified or aggregated consumer information; or information excluded from the states laws scope.

Sensitive Data” includes data revealing racial, ethnic or national origin; religious beliefs; information regarding an individual’s medical history, mental or physical health condition, diagnosis or medical treatment; neural data; status as transgender or non-binary; sex life or sexual orientation; status as a victim of a crime; citizenship or immigration status;  genetic or biometric data; Personal Data collected from a known child; and precise geolocation data. We will obtain your consent before collecting Sensitive Data, such as the biometric identifiers described above, even if they are not used to identify you.

We are required to provide you with a clear and accessible privacy notice that includes the categories of Personal Data processed, the purpose of processing, the categories of Personal Data shared with third parties, the categories of third parties with whom Personal Data is shared, the categories of Personal Data that is sold or used for targeted advertising, if any, the categories of third parties to whom the Personal Data is sold, if any, a list of your data rights and instructions for exercising those rights and appealing decisions, and out contact information. This information is detailed under this Privacy Policy and further below.

  1. Categories of Personal Data & Categories of Third Parties with Whom Personal Data is Shared:
    Under Section 3 of the Policy “3.PERSONAL DATA PROCESSED, PURPOSE OF USE, LAWFULL BASIS”, we describe our collection and processing of Personal Data, the categories of Personal Data that are collected or processed, and the purposes for which Personal Data is processed, stored or used. We will not collect additional categories of Personal Data or use the Personal Data we collected for materially different, unrelated, or incompatible purposes without obtaining your consent, unless we are otherwise entitled, required or permitted under applicable laws.
    Additionally, under Section 8 of the Policy “7. DATA SHARING– CATEGORIES OF RECIPIENTS WE SHARE PERSONAL DATA WITH we detail and disclose the categories of third parties we share Personal Data with for a business purpose.
  2. Chat and AI‑Assisted Support, Specifications:  
    We offer website chat support, which may include automated assistance that uses artificial intelligence to help generate replies. Our chat is monitored and recorded, and we create and store chat transcripts to provide support, ensure quality, and improve the service. We engage third‑party service providers to operate and support the chat on our behalf. These providers act under our instructions, are contractually prohibited from using chat data for their own purposes and may not disclose chat data except to provide services to us or as required by law.
    Before you start a chat, we will ask you to provide your consent to the monitoring and recording of the conversation and to our use of service providers to receive and process the chat on our behalf. If you do not consent, please do not use the chat. Do not share sensitive personal information (for example, government identifiers, financial account numbers, or health information) in chat. We retain chat transcripts only as long as needed for the purposes described above and then delete or de‑identify them. You may request access to or deletion of your chat transcripts through our Privacy Requests page. We do not sell or share chat transcripts for cross‑context behavioral advertising.
  3. “Sale” of Personal Data:
    Under US privacy laws, in principle, the term “sale” refers to disclosing or making available Personal Data to a third-party in exchange for monetary or other valuable consideration, including for targeted advertising purposes. We do not “sell” information as this term is commonly understood, meaning - we do not, and will not, disclose Personal Data relating to you in direct exchange for money or some other form of payment. However, subject to the definition of the term “sale” under applicable US privacy laws, our practice of using “cookies or other third-party advertising services and sharing Personal Data for such purpose promoting our Services and Platform is considered a “share” and “sale”.
    Such practice includes the following Personal Data categories shared with these third parties: Identifiers – online identifiers such as IP and Cookie ID; Internet and electronic network activity information – such as your engagement with our Website, ads that referred you to the Website, and geolocation data – derived from IP.
  4. Consumer Rights Related to Their Personal Data:
    Residents of certain US States may have additional rights under applicable privacy laws, subject to certain limitations, which may include:
    • Access – the right to confirm whether we are processing their Personal Data and to obtain a copy of their Personal Data in a portable and, to the extent technically feasible, readily usable format.
    • List of Third Parties – the right to receive a list of the specific third parties to which we have disclosed either Personal Data relating to you or any Personal Data.
    • Delete – the right to request us to delete their Personal Data provided to or obtained by us.
    • Correct – the right to request us to correct inaccuracies in their Personal Data, taking into account the nature and purposes of the processing of the Personal Data.
    • Opt-Out – the right to opt out of certain types of processing, including: (i) to opt out of the “sale” of their Personal Data; (ii) to opt out of targeted advertising by us; and (iii) to opt out of any processing of Personal Data for profiling in furtherance of making decisions that produce legal or similarly significant effects. However, as noted above, we do not engage in profiling in furtherance of legal or similarly significant decisions.
    • Appeal – the right to appeal if we decline to take action in response to your exercise of a privacy right.Non-Discrimination – the right to not be discriminated against for exercising your privacy rights.

      Section 9 under this Policy “8. YOUR RIGHTS provides additional information regarding your principal rights.
  5. Exercising Consumer Privacy Rights:
    You may submit a request to exercise most of your privacy rights under US State privacy laws by submitting a Data Subject Request form available here or sending an email to our DPO: dpo@pic-time.com.

    Further, certain rights can be exercised from the App: you may correct, revise and delete information using the App settings at any time. Additionally, any consent provided may be easily withdrawn and you may opt-out from certain features and tracking. Therefore, we recommend you use the technical solutions we have provided you with to exercise your rights.

    For certain rights, we will take steps to verify your identity and your request by matching the information provided by you with the information we have in our records. In some cases, we may request additional information to verify your identity, or where necessary to process your request. If we are unable to verify your identity after a good faith attempt, we may deny the request and, if so, will explain the basis for denial and how to remedy any deficiencies, where applicable.

    Authorized agents may initiate a request on behalf of another individual, provided that they provide proof of their authorization, and we may also require that the individual directly verify his/her identity and the authority of the authorized agent.

    We will respond to your request within the timeframe required under applicable law, and we reserve the right to extend the response time subject to applicable law requirements. If we refuse to take action on a request, we will notify you and our notification will include a justification for declining to take action and instructions on how you may appeal. Within the timeframe set out under applicable law of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied, you may submit a complaint to the applicable authority or Attorney General of your jurisdiction.
FrançaisEspañolPortuguêsjęzyk polskiDeutschNederlandsItalianoEnglish