Privacy Policy

Your Privacy is Our Priority

This Privacy Policy explains how MindPix collects, uses, processes, and protects your personal information when you use our AI-powered event photo distribution platform.

Last Updated: December 31, 2024

Overview

MindPix ("we," "our," or "us") is committed to protecting your privacy and ensuring compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and Turkish Personal Data Protection Law (KVKK). This policy applies to all services provided through our platform, mobile applications, and related services.

Important Notice

Our platform uses advanced facial recognition technology to automatically identify and distribute photos. By using our services, you acknowledge and consent to this biometric data processing as detailed in this policy.

Information We Collect

Personal Information

Name, email address, phone number, and account details you provide when registering or contacting us.

Processing Purpose:

Account creation, communication, and service delivery

Facial Recognition Data

Biometric identifiers and facial patterns extracted from photos for identification purposes.

Processing Purpose:

Automated photo sorting, identification, and distribution to event participants

Event Photos

Digital images uploaded by photographers or captured during events using our platform.

Processing Purpose:

AI-powered analysis, organization, and secure delivery to identified individuals

Usage Analytics

Information about how you interact with our platform, including device data and usage patterns.

Processing Purpose:

Service improvement, security monitoring, and platform optimization

How We Use Your Information

Primary Processing Activities

  • Automated Photo Recognition: Using facial recognition AI to identify individuals in event photos and create personalized galleries
  • Service Delivery: Processing payments, managing accounts, and providing customer support
  • Platform Security: Detecting fraud, preventing abuse, and maintaining system security
  • Service Improvement: Analyzing usage patterns to enhance our AI algorithms and user experience
  • Legal Compliance: Meeting regulatory requirements and responding to legal requests

Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Consent: For facial recognition processing and marketing communications
  • Contract Performance: To provide our photo distribution services
  • Legitimate Interest: For security, fraud prevention, and service improvement
  • Legal Obligation: To comply with applicable laws and regulations

Data Security and Protection

Enterprise-Grade Security

Technical Safeguards

  • End-to-end encryption for all data transmission
  • Advanced access controls and authentication systems
  • Regular security audits and penetration testing

Organizational Measures

  • Secure cloud infrastructure with ISO 27001 certification
  • Automated threat detection and monitoring systems
  • Regular staff training on data protection and security

Data Breach Response: In the unlikely event of a data breach, we will notify affected users and relevant authorities within 72 hours as required by law.

Your Rights and Controls

Right to Access

You can request a copy of all personal data we hold about you.

How to Exercise:

Contact us to receive a detailed report of your data within 30 days

Right to Rectification

You can request correction of inaccurate or incomplete personal data.

How to Exercise:

Update your profile or contact us to correct any information

Right to Erasure

You can request deletion of your personal data under certain conditions.

How to Exercise:

Delete your account or request specific data removal

Right to Data Portability

You can request your data in a structured, machine-readable format.

How to Exercise:

Export your data or transfer it to another service provider

Right to Object

You can object to certain types of data processing activities.

How to Exercise:

Opt-out of marketing communications or specific data processing

Right to Restrict Processing

You can request limitation of how we process your personal data.

How to Exercise:

Contact us to discuss processing restrictions for your account

Response Timeframes

Standard Requests: 30 days
Complex Requests: 60 days
Urgent Matters: 72 hours

Data Sharing and Third Parties

When We Share Information

We only share your personal data in the following limited circumstances:

  • Service Providers: Trusted partners who help us deliver our services (cloud hosting, payment processing, customer support)
  • Legal Requirements: When required by law, court order, or government authorities
  • Business Transfers: In case of merger, acquisition, or sale of company assets
  • Safety and Security: To protect the rights, property, or safety of MindPix, users, or the public

What We Never Do

  • Sell your personal data to third parties
  • Share facial recognition data for advertising
  • Use your photos for purposes other than our services

International Data Transfers

MindPix operates internationally and may transfer your personal data to countries outside the European Economic Area (EEA) and Turkey. We ensure adequate protection through:

  • European Commission adequacy decisions
  • Standard Contractual Clauses (SCCs)
  • Binding Corporate Rules (BCRs)
  • Certification schemes and codes of conduct

Data Retention

Retention Periods

Account Data

Retained while your account is active plus 2 years after closure

Facial Recognition Data

Deleted immediately after photo processing unless consent given for future events

Event Photos

Retained according to photographer's settings or user preferences (max 10 years)

Analytics Data

Anonymized after 18 months, aggregate data retained indefinitely

Automatic Deletion

We automatically delete inactive accounts and associated data after 3 years of inactivity. You will receive advance notice before any automatic deletion occurs.

Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If a parent or guardian becomes aware that their child has provided us with personal information, they should contact us immediately.

Special Note: If children appear in event photos, we rely on the event organizer or photographer to obtain appropriate consent from parents or guardians.

Contact Information

Data Protection Officer
privacy@mindpix.com
+90 (554) 706-0043

Maslak Office

Istanbul, Turkey

Supervisory Authorities

Turkey (KVKK)

Personal Data Protection Authority

kvkk.gov.tr

EU (GDPR)

European Data Protection Board

edpb.europa.eu

Questions About Your Privacy?

Our privacy team is here to help you understand how we protect your data and exercise your rights.

Contact Privacy TeamCookie Policy