Privacy Policy: How CrowdClick Handles Your Event Photos

Last updated: 8 May 2026 (v2)

Previous versions: v1 (2026-04-19)

1. Data controller

CrowdClick is operated by Fintech Services Limited, a private limited company registered in England and Wales under company number 13338780, with registered office at Apollo House, Hallam Way, Whitehills Business Park, Blackpool, England, FY4 5FS. Fintech Services Limited is the data controller responsible for your personal data. For questions about this policy or to exercise your data rights, contact us at [email protected].

EU and UK representatives: An EU representative under GDPR Article 27 has not yet been appointed. Their contact details will be added to this policy before the paid service launches. In the meantime, you may contact us directly at the email address above. We are UK-domiciled and so do not require a separate UK GDPR Article 27 representative.

2. Information we collect

When you use CrowdClick, we collect the following categories of personal data:

  • Email address— used for authentication (sign-in via one-time code) and event invitations.
  • Full name— the name you provide when joining an event, shown to other event members.
  • Photos, videos, and guestbook entries— media you upload to event galleries, along with any embedded EXIF metadata (camera model, capture date, GPS coordinates if present). We sanitise uploader-identifying information from stored metadata.
  • Payment data— when you purchase a paid plan, we store a Stripe customer identifier linked to your account, along with purchase records (plan type, amount, currency, payment status, and transaction dates). We do not store your payment card number, expiry date, or CVV — this data is collected and processed directly by Stripe on their hosted checkout page.
  • Usage data— basic information about how you interact with the platform (pages visited, features used), collected for error tracking and service improvement.
  • Push notification tokens— if you enable push notifications, we store the subscription endpoint and cryptographic keys needed to deliver notifications to your device.
  • IP addresses— used transiently for rate limiting and security purposes. IP addresses are not stored long-term or associated with your account.

3. Legal basis for processing (GDPR)

If you are in the European Economic Area (EEA), the United Kingdom, or Switzerland, we process your personal data on the following legal bases under GDPR Article 6(1):

  • Performance of a contract(Art. 6(1)(b)) — processing your email, full name, uploaded media, and payment data is necessary to provide the CrowdClick service and fulfil our obligations under the Terms of Service.
  • Legitimate interests(Art. 6(1)(f)) — processing usage data and error logs to maintain, secure, and improve the Service. Our legitimate interest is ensuring the Service works correctly and identifying issues. This does not override your fundamental rights; we minimise the data collected and do not build advertising profiles.
  • Legal obligation(Art. 6(1)(c)) — retaining purchase and transaction records to comply with tax, accounting, and financial reporting requirements.
  • Consent(Art. 6(1)(a)) — sending push notifications (you can withdraw consent at any time by disabling notifications in your browser or device settings).

4. How we use your information

  • To authenticate you and provide access to your events.
  • To display your photos and media in event galleries visible to event members.
  • To send event invitations and authentication emails.
  • To process payments and manage your purchases.
  • To deliver push notifications about activity in your events (likes, comments).
  • To improve the platform, fix issues, and monitor for errors.
  • To comply with legal obligations, including tax and financial reporting.

We do not sell your personal information. We do not use your photos for advertising, AI model training, or any purpose other than displaying them in your event galleries and processing them as described in this policy (resizing, format conversion, thumbnail generation).

5. Photo privacy

Photos uploaded to CrowdClick are only accessible to members of the event they were uploaded to. Event organisers control access through join policies (open or invite-only) and moderation settings.

We process uploaded photos to generate optimised viewing sizes (thumbnails, medium, and large versions). The original full-resolution file is preserved. We extract EXIF metadata for display purposes and sanitise uploader-identifying information from stored metadata.

Event organisers can configure whether GPS location data is stripped from photos and whether EXIF information is visible to event members. Please be aware that your photo metadata, including GPS location data, may be visible to other event members depending on event settings configured by the organiser. You can strip metadata from photos before uploading to protect your location privacy.

6. Content safety scanning and law enforcement reporting

We scan content uploaded to CrowdClick to detect unlawful material, including child sexual abuse material (CSAM). Scanning is performed by automated tooling and third-party safety vendors acting as data processors on our behalf. Scans run on uploaded media at processing time; we do not retain scan inputs beyond what is necessary to complete the scan and to act on confirmed matches.

Confirmed CSAM. When automated scanning identifies content as a confirmed match, or when human review confirms a match, we:

  • Preserve the content, associated metadata, and account information as evidence.
  • Report the content and account to the National Center for Missing & Exploited Children (NCMEC) CyberTipline as required under 18 USC §2258A.
  • Report to UK and EU authorities (Internet Watch Foundation, NCA-CEOP, and equivalent EU bodies) where applicable.
  • Terminate the responsible account immediately under Section 19 (Suspension and termination) of the Terms of Service.
  • Cooperate with law enforcement requests, subpoenas, and lawful production orders.

Lawful basis. For users in the EEA, UK, and Switzerland, content scanning and reporting is carried out on the basis of (a) compliance with legal obligations under GDPR Article 6(1)(c) and Article 9(2)(g) where applicable, and (b) our legitimate interests in safeguarding users and the integrity of the Service under Article 6(1)(f). Where we report to authorities, the legal basis is compliance with legal obligations.

Retention of evidence. Where we are required to preserve content for law enforcement, that content is held in a quarantined location, accessible only to authorised personnel, for the duration required by the relevant authority. This may exceed the standard retention periods described in Section 10.

7. Third-party services and data processors

We use the following third-party services to operate CrowdClick:

  • Stripe, Inc.(San Francisco, USA) — payment processing. Stripe acts as an independent data controller for payment card data entered on its hosted checkout page, subject to Stripe's Privacy Policy. For the purchase records that CrowdClick stores (customer ID, amounts, dates), Stripe acts as a data processor on our behalf.
  • Cloudflare, Inc.(San Francisco, USA) — media storage (Cloudflare R2) and content delivery. Photos and videos are stored in Cloudflare R2 and delivered via Cloudflare's global CDN.
  • Railway Corp.(San Francisco, USA) — application hosting. The CrowdClick server and database are hosted on Railway's infrastructure in the United States.
  • Resend, Inc.(USA) — transactional email delivery for sign-in codes and event invitations.
  • Sentry (Functional Software, Inc.)(San Francisco, USA) — error tracking and performance monitoring. Sentry receives error reports that may include technical context (browser type, URL, stack traces) but not your photos or media content.

All third-party processors are bound by data processing agreements. We do not share your personal data with any other parties for marketing or advertising purposes.

8. International data transfers

CrowdClick's servers, database, and third-party processors are located in the United States. Cloudflare's CDN distributes cached content globally. If you are located in the EEA, the UK, or Switzerland, your personal data is transferred to the United States and potentially other countries outside your jurisdiction.

We rely on the following safeguards for these transfers, as applicable:

  • EU-US Data Privacy Framework— where our processors are certified participants (Stripe, Cloudflare, Sentry).
  • Standard Contractual Clauses (SCCs)— approved by the European Commission, incorporated into our data processing agreements with all US-based processors.
  • UK International Data Transfer Agreement / Addendum— for transfers from the UK, as applicable.

You may request a copy of the relevant transfer safeguards by contacting [email protected].

9. Data storage and security

Your data is stored securely using industry-standard practices:

  • Authentication tokens are stored as secure, HTTP-only cookies.
  • Passwords are never collected — we use passwordless one-time sign-in codes delivered by email.
  • Photos are stored in encrypted cloud storage (Cloudflare R2).
  • All connections use HTTPS with strict transport security (HSTS).
  • We implement CSRF protection, Content Security Policy, and other security headers.
  • Payment card data never touches our servers — it is processed entirely by Stripe.

10. Data retention

We retain your data for as long as necessary to provide the Service and comply with our legal obligations:

  • Event media (photos, videos, guestbook entries)— retained while the event is active. After the event access period expires, media is preserved during the grace period (30 days for free-tier events, 3 months for paid events), then permanently deleted from storage.
  • Account data (email, full name)— retained while your account exists. When you delete your account, personal data is anonymised and your identity is disassociated from uploaded content.
  • Purchase and payment records— retained for 7 years after the transaction date to comply with tax and financial reporting obligations (including HMRC, IRS, and other tax authority requirements). These records are not deleted when you delete your account, but they are disassociated from your identity to the extent possible while maintaining legal compliance.
  • Error logs and usage data— retained for up to 90 days, then automatically purged.
  • Authentication tokens (one-time sign-in codes)— expire and are deleted within 24 hours of creation.
  • Content flagged for safety review or preserved under a legal obligation— retained in a quarantined location for the duration required by the applicable authority or legal process. This retention overrides the grace-period and hard-delete schedule above, and applies even after account deletion. Once the legal hold ends, content is permanently deleted.
  • Records of CSAM reports made to NCMEC or equivalent authorities— retained indefinitely as required by 18 USC §2258A(h) and equivalent UK and EU obligations. These records contain only the metadata and report identifiers necessary to evidence compliance; the underlying content is deleted in accordance with the relevant authority's instructions.

11. Your rights

Depending on your location and applicable law, you have the following rights regarding your personal data:

  • Access— request a copy of the personal data we hold about you. You can export your data at any time from the account settings page.
  • Rectification— request correction of inaccurate personal data. You can update your full name and email through the account settings.
  • Erasure— request deletion of your personal data. You can delete your account through the account settings page, which anonymises your data. Purchase records may be retained in minimal form for tax and legal compliance for up to 7 years, even after account deletion, as required by law (see Section 10).
  • Data portability— receive your personal data in a structured, commonly used, machine-readable format. The data export feature in account settings provides a JSON download of your data.
  • Restriction of processing— request that we limit how we use your data in certain circumstances.
  • Objection— object to processing based on our legitimate interests. We will cease processing unless we have compelling legitimate grounds that override your interests.
  • Withdraw consent— where processing is based on consent (e.g., push notifications), you may withdraw consent at any time without affecting the lawfulness of prior processing.
  • Delete photos— delete photos and media you have uploaded at any time through the event gallery.
  • Leave events— leave events you have joined at any time.

To exercise these rights, contact us at [email protected]. We will respond to your request within one calendar month (or within the timeframe required by applicable law). We may ask you to verify your identity before processing your request.

Right to lodge a complaint:If you are in the EEA or the UK, you have the right to lodge a complaint with your local data protection supervisory authority. For UK residents, this is the Information Commissioner's Office (ICO) at ico.org.uk. For Swiss residents, this is the Federal Data Protection and Information Commissioner (FDPIC).

Erasure exception: Where we are required to retain content or account data to comply with a legal obligation (including law enforcement preservation orders, NCMEC reports under 18 USC §2258A, and tax records under Section 10), we will retain only what is required by that obligation, and we will inform you that an exception applies. Your other personal data will be erased on request as described above.

12. Cookies

CrowdClick uses a single essential cookie for authentication (crowdclick-token). This cookie is HTTP-only, secure, and required for the platform to function. We do not use advertising, analytics, or tracking cookies. Because this cookie is strictly necessary, no consent is required under the ePrivacy Directive. We also use a service worker for offline capability and performance optimisation. This stores cached content locally on your device and does not transmit tracking data.

13. Children's privacy

CrowdClick is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child under 16 has provided us with personal data, please contact us at [email protected] and we will take steps to delete it.

14. California privacy rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA). We do not sell personal information. We do not share personal information for cross-context behavioural advertising. You have the right to know what personal data we collect, request deletion, and not be discriminated against for exercising your rights. To exercise these rights, contact [email protected].

15. Changes to this policy

We may update this privacy policy from time to time. If we make material changes, we will notify you by email (if you have an account) or by prominent notice on the Service at least 30 days before the changes take effect. Continued use of CrowdClick after the changes take effect constitutes acceptance of the updated policy. For material changes to how we process your personal data, we will seek your affirmative consent where required by applicable data protection law.

16. Contact

For privacy-related questions or to exercise your data rights:

Questions about privacy? Contact us.