Privacy notice

Your photographer delivers galleries through a hosting platform. The platform stores and serves the photos on the photographer's behalf and aims to handle personal information in line with the Australian Privacy Principles as a baseline. For anything about a specific gallery, your photographer is the first point of contact.

Photos delivered to you are stored for fast serving on Cloudflare R2, operated by a United States company. Where you keep an archived copy through the optional keepsake plan, that archive is held in Amazon Web Services' Sydney region, in Australia.

Because the hot-serving store is operated by a United States company, the data may be subject to United States law, including the United States CLOUD Act, which can in some circumstances compel a United States provider to produce data it holds regardless of where that data sits. This is true of essentially every mainstream cloud host; we state it plainly so you can make an informed choice.

Cameras often write the capture location (GPS coordinates) and other technical details into a photo file. Every copy you download has its EXIF location and GPS data stripped, on every download. Your home or venue coordinates do not travel with the file.

When a gallery is protected by an access code, that code is required to view it, the code is checked server-side with rate limiting, and the gated gallery is never cached on a shared content network. The gallery's web address is an unguessable token, not a sequential id, so it cannot be found by guessing.

There is no face search or facial recognition on delivered galleries today, and none is planned. You will never be asked to upload a selfie to find yourself in a gallery.

To remember your favourites and keep a gated gallery open during your visit, the platform sets a single signed viewer cookie tied to that gallery. It is created by the server, cannot be set or read by other sites, and carries no advertising identifier.

For security and abuse investigation, the platform keeps an audit log of gallery access and downloads, including the IP address and browser user-agent of the request. Those personal details are retention-limited and held for 90 days, then aged out.

If you are in a gallery and want your image removed, contact your photographer first. If you cannot reach them, or your concern is about safety or unlawful content, use the report link in the gallery footer.