Revised on Oct 21, 2023 (preliminary)
· Information collected through our photo upload web application & FTP (File Transfer Protocol) file transfer server.
1. In the case of our photo upload web application, we store your name, shipping address (if provided), telephone #, and email. This information is emailed to our internal systems as well as you (our customer) with a confirmation of your order. If the order is unsuccessfully placed, the external web application will store your information and photos nonetheless, so that we may contact you to verify either there was a technical problem, or that the pending order was actually cancelled.
2. In the case of receiving print orders through our FTP service (for file transfer), your information stored consists of your name, phone number and email address, as well as the images that you transmit to us. The contact information had to have been previously provided to us by phone when we set up the FTP account for you.
3. The photos that you submit that are stored on our web application/ FTP server, are located on a drive that is encrypted. This does not mean that your photos are encrypted. Due to technical limitations, images cannot be encrypted. We transfer a copy of your information along with the images you have submitted to our internal image processing system, typically once or twice a day. We keep your photos and information on our web application / FTP server typically for up to 1 month, before being erased. The purge process is manual at present.
YOU CAN REQUEST THAT YOUR ORDER INFORMATION and IMAGES be removed
from our web application / FTP server and our internal systems by sending an
email to email@example.com. We will confirm to you that this has been done. Customers with
FTP access can request that their images be removed, or that their FTP access
account be closed/purged. Note that all requests may take a few days to
complete since we must also locate your images which can be stored in a
printer-formatted version which is identified by a job code only.
· Information stored on our internal image retrieval and processing system (referred to as ‘server’). This applies to all photos submitted to us, physically, electronically, or by the internet (with the exception of our walk-in system as described below)
1. This system is air gapped from the Web app / FTP server. Information on this server is placed in a unique folder identified by a nickname that we will internally assign to you and the date the order was placed(approximatively). The folder will contain a copy of the online order information (if placed that way), a copy of an email you sent with your instructions, or any other pertinent information describing your order. Your images will be stored in this folder as well as any modified images (cropped versions, transformed versions, photoshop work).
2. Typically, information on this server is stored for a period of up to 1 year. This is to enable us to easily print / reprint orders so that they reasonably match the original printing. Many of our customers print school / sports orders and require us to keep their photos print ready for their customers’ additional orders. Some of other customers resell their photos over and over on platforms like Etsy, and require us to keep their work print-ready on short notice. The delete process is done manually and is usually done in January.
3. Unless specifically instructed by the customer, we no longer archive older images
4. YOU CAN REQUEST THAT YOUR IMAGES BE REMOVED from our internal image processing system by contacting us by email at firstname.lastname@example.org. We will confirm to you by email. Since this process is manual, it may take a few days to accomplish this as we must locate any printer-formatted versions of your images as well.
· Our walk-in print while you wait system
Customers who use our walk-in print while your
wait system will submit their photos by USB stick or other media. Once the
selection of the photos is done and the print job is submitting, the software
will transform the images into a print-ready format. This system DOES NOT
store your original images. The print-ready format is manually erased
approximately after 90 days. We can instruct our systems to reprint copies of
photos submitted by this system but cannot modify the photos as we do not have
access to the originals once the customer removes the USB media from the
walk-in print while you wait system.
· Emailing photos
DO NOT email us photos. Photos that are emailed to us, live on the
email providers servers and it is beyond our control as to retention of such
information and photos.
· Our billing / invoicing system
1. We no longer store credit card information in our accounting software. Clients who present themselves at our location will use our credit card terminal. We do not have access to your credit card information at any time before, during, or after this process. We staple a copy of your credit card receipt to our copy of your invoice. This receipt only indicates the last 4 digits of your credit card/debit card number.
2. For online order or phone orders, we will request your credit card # by phone, key it in our terminal, and safely dispose of the credit card information you provided.
3. Invoice information is kept for an indeterminate amount of time.
4. Some our daily / regular customers have requested that we keep their credit card info on file, to facilitate/expedite fulfillment of their orders. This is stored in an encrypted folder and not in our accounting software.
· Our file servers
1. We backup the complete contents of our image processing servers on a daily basis, to the cloud. The cloud servers are located in the United States of America. Cloud data is doubly encrypted (client side, server side).
2. We backup the complete contents of our image processing servers to external USB drives. This data is encrypted.
3. The backups (cloud, USB drive) are rotated and the oldest backups are deleted automatically. We have not yet established a fixed timeframe for retention of old data that has been captured in a server backup image but are working to establish a policy that satisfies the need for restoral for disaster recovery or equipment failure. We are also in the process of deleting older server copies which we might still have. To the best of our knowledge, these server copies are encrypted.
4. Backup server – we have a backup server which has a mirrored image of the original server. The same policies apply to the backup server as the original server
· Automatic computer workstation backups.
Our workstations are backed up to another server on an almost daily basis. It is possible that a workstation backup occurred while we were viewing/modifying your images, and thus your image got captured in the backup. These backups automatically are rotated on a schedule of about 90 days.
· Unclaimed prints
We will rip up unclaimed print orders periodically, usually twice a year.
As we install a faster image processing server, we will implement new policies and procedures to improve our data handling and processing procedures. Please refer back to this document on occasion for updates. This document is subject to revision to correct errors or to implement new policies.