01 Data Scope & Information Capture
FlipZap collects and processes only the absolute minimum data required to deliver automated photographic delivery and CRM solutions:
- Photographer Profile Information: Account data including studio name, physical business coordinates, email identity, active Razorpay sub-billing records, and billing settings.
- Event Images & Metadata: Reduced-resolution photograph previews synchronized by the Photographer to visual galleries under explicit customer event shoot assignments.
- Guest Selfie Queries: One-time selfies uploaded transiently by visitors to match and extract their photographs from large event galleries.
02 Biometric Vectoring and Hashing Principles
The facial recognition search system does NOT index, reconstruct, or store raw biometric profiles:
Mathematical Face Maps: When an event photo is uploaded, our local and cloud models extract standard structural coordinates of faces to form high-dimension mathematical matrices (Facial Vectors). These maps are one-way cryptographic models: they cannot be used to reverse-engineer or construct a physical portrait.
No Global Tracking: Vectors are isolated inside the scope of the specific event. FlipZap does not share or cross-compare face coordinates across separate photographer accounts, studios, or events.
03 Studio Consent Mandates
Because FlipZap processes biometrics on behalf of the studio, the photographer holds absolute responsibility as the primary **Data Controller**:
- ✓ Photographers represent and warrant that they have acquired complete, written consent from the event organizer, clients, and attendees for image processing.
- ✓ Photographers must provide clear indicators at physical event sites informing visitors that biometric selfie matching is in operation.
04 Transient Processing & Vector Wipe Timeline
We do not store vectors longer than necessary.
Guest Selfie Search: The selfie uploaded by a guest to locate their event photos is processed transiently inside highly secure RAM slots and is **instantly deleted** upon completion of the database search query session.
Event Lifetime: Face index vectors generated for event photos are kept online only as long as the event is active. The moment a photographer deletes an event, its associated facial vector models are wiped from our active cache databases.
05 DPDP Act and Global Visitor Rights
Under India's DPDP Act and international privacy frameworks, event attendees and website visitors hold strong personal rights:
- Right to Erasure: Any guest can request the photographer or FlipZap to delete their photos from a live event portfolio. Once authorized, our system will purge all target media files immediately.
- Right to Correction: Guests hold the right to alter incorrect profile associations or contact fields listed under invoicing records.
06 System Level Security & Data Controls
We safeguard all visual media assets and studio configuration files with cutting-edge network protection layouts:
Encryption Covenants: All sync actions are encrypted using SSL/TLS protocols during transition, and data items rest behind highly robust AES-256 cloud encryption structures.
Restricted Access: Platform databases are partitioned securely. Visual galleries are accessed exclusively using random cryptographically compiled tokens to secure user sessions.