Event Photo SearchInstantPixShow up. We find the moments.
HomeBook PhotographerEventsJoin EventAbout Us

Legal

Privacy Policy

Last updated: 2 April 2026

Contents

1. Overview2. Data we collect3. How we use your data4. Data sharing5. Data retention6. Your rights7. Cookies & sessions8. Security9. Children's privacy10. Changes to this policy11. Contact

1. Overview

InstantPix (operated by InstantPix Technologies Pvt. Ltd., "we", "us", "our") is a photography marketplace and event photo platform. This Privacy Policy explains how we collect, process, store, and protect your personal information when you use our website, mobile app, or services. By using InstantPix, you agree to this Privacy Policy. If you do not agree, please discontinue use of the platform.

2. Data we collect

**Account data:** Full name, email address, mobile number, password (stored as bcrypt hash — never in plain text). **Photographer profile data:** Business name, city, GPS coordinates and service radius (when provided), experience, specializations, portfolio URLs, social links, Aadhaar/PAN reference (masked — last 4 digits only, for KYC). **Location data:** When you use location-based photographer discovery, we request your device's GPS coordinates. This data is used only to compute proximity and is not stored permanently on our servers — it is transmitted over HTTPS and used in real time to query nearby photographers. **Face embedding data:** When you upload a selfie for photo search, we compute a mathematical face embedding vector using our AI model. This embedding is processed server-side, used to search the event gallery, and then deleted after the search is complete. Raw selfie images are not retained. **Event media:** Photos and videos uploaded to event galleries are stored in encrypted AWS S3 buckets. Access is restricted to event participants and authorised editors. **Payment data:** We use Razorpay as our payment processor. We do not store raw card numbers, UPI credentials, or bank account details. Razorpay stores this data under their PCI-DSS compliant environment. We store only Razorpay order IDs, payment IDs, and transaction status. **Usage data:** IP address, browser/device type, pages visited, feature interactions (used for analytics and fraud prevention).

3. How we use your data

We use your data to: - Create and manage your account - Match clients with nearby photographers using GPS proximity - Process bookings and payments via Razorpay - Search event photo galleries using face recognition - Send transactional SMS/email (OTP, booking confirmation, payment receipt) - Detect fraud and enforce platform rules - Improve our AI models (using anonymised embeddings only) - Comply with applicable Indian law (IT Act 2000, DPDPA 2023)

4. Data sharing

We do not sell your personal data. We share data with: - **Razorpay** (payment processing) — governed by Razorpay's Privacy Policy - **AWS** (cloud storage and infrastructure) — encrypted at rest and in transit - **Firebase / Twilio** (authentication OTP) — phone number only, not stored by these providers beyond session - **Sentry** (error monitoring) — anonymised stack traces only - **Law enforcement** — if required by a valid court order under Indian law

5. Data retention

- Account data: Retained while your account is active. Deleted within 30 days of account deletion request. - Face embeddings: Deleted immediately after photo search is completed. - Event media: Retained for the duration the event organiser keeps the event active. Deleted upon organiser deletion or 2 years of inactivity. - Payment records: Retained for 7 years as required by Indian tax law. - Location data: Not stored — used in real time only.

6. Your rights

Under the Digital Personal Data Protection Act 2023 (DPDPA), you have the right to: - Access the personal data we hold about you - Correct inaccurate data - Request erasure of your account and associated data - Withdraw consent to data processing (which may affect your ability to use the platform) - Nominate a representative in the event of death or incapacity To exercise any right, email privacy@instantpix.co with subject "Data Rights Request". We will respond within 30 days.

7. Cookies & sessions

We use httpOnly cookies to store your authentication session (JWT). These cookies are secure, not accessible to JavaScript, and expire after 24 hours. We do not use third-party tracking or advertising cookies.

8. Security

- All data is transmitted over TLS 1.2+ - Passwords are hashed using bcrypt (cost factor ≥ 12) - JWTs are signed with HS256 and expire after 24 hours - S3 buckets are private with signed CloudFront URLs - Rate limiting and CSRF protection on all auth endpoints - Face embeddings are processed in memory and not persisted

9. Children's privacy

InstantPix is not intended for users under 18. We do not knowingly collect data from minors. If you believe a minor has provided data, contact privacy@instantpix.co and we will delete it promptly.

10. Changes to this policy

We may update this Privacy Policy. Material changes will be notified via email to registered users at least 14 days before they take effect. Continued use after the effective date constitutes acceptance.

11. Contact

For privacy concerns or data requests: **Email:** privacy@instantpix.co **Address:** InstantPix Technologies Pvt. Ltd., Bengaluru, Karnataka, India

Related policies

Terms of ServiceRefund PolicyCancellation PolicyPhotographer Agreement
Event Photo SearchInstantPix

Book photographers near you. Find your event photos instantly with AI face search.

Product

  • Book Photographer
  • Find My Photos
  • Join Event
  • Browse Events
  • Join as Photographer

Company

  • About Us
  • Privacy Policy
  • Terms of Service
  • Refund Policy
  • Contact

© 2026 InstantPix. All rights reserved.

Privacy·Terms
Home
Events
Photographers
Account