Biometric Information Policy

Last Updated: February 2026

Candid Color Systems (“Candid,” “CCS”, “NowCandid”, “TSS Photography”, Candid Color Photography”, “Party Pics “, “we,” “us,” or “our”) is committed to protecting biometric information and complying with applicable biometric privacy laws, including the Illinois Biometric Information Privacy Act (BIPA), Texas Business & Commerce Code § 503.001, Washington RCW 19.375, and other applicable laws.

This Biometric Information Policy explains how biometric data is collected, used, stored, retained, and destroyed when photographers or studios enable optional facial recognition features within our Services.

 

1. Scope

This Policy applies only to biometric data processed through Candid’s optional facial recognition features.

Facial recognition features are optional and must be affirmatively enabled by the photographer, studio, or account holder.

If facial recognition is not enabled, we do not collect or process biometric identifiers.

2. Definitions

For purposes of this Policy:

Biometric Identifier means a retina or iris scan, fingerprint, voiceprint, or scan of face geometry.

Biometric Information means any information based on a biometric identifier that is used to identify an individual.

Biometric identifiers do not include:

  • Photographs
  • Video recordings
  • Physical descriptions
  • Demographic data
  • Information derived from photographs unless used to create a facial template for identification

3. What Biometric Data We Collect

If facial recognition is enabled, we may collect:

  • Facial geometry data derived from photographs voluntarily uploaded to the platform by a photographer with consent or an end user

We do not collect:

  • DNA
  • Retina scans
  • Fingerprints
  • Voiceprints
  • Health or medical biometric data

Biometric data is generated solely for the purpose of identifying and grouping images of the same individual within a gallery.

4. Purpose of Collection

Biometric data is collected solely to:

  • Enable facial recognition search functionality
  • Group or tag images of the same individual
  • Allow users to locate photos more efficiently

Biometric data is:

  • Not sold
  • Not leased
  • Not traded
  • Not used for advertising
  • Not used for profiling
  • Not used for automated decision-making

5. Consent Requirements

Facial recognition features are activated only when:

  1. The photographer or studio affirmatively enables the feature; and
  2. Required consents are obtained where applicable under law.

Where required by law, written consent must be obtained from the individual (or parent/guardian for minors) before biometric data is collected.

Photographers and studios are responsible for obtaining legally required releases and consents from their subjects.

By enabling facial recognition, the studio represents and warrants that it has obtained all legally required consents.

6. Disclosure and Sharing

We do not sell biometric identifiers or biometric information.

We do not disclose biometric data except:

  • To service providers who process data solely to operate our platform
  • As required by law, court order, or subpoena
  • To protect rights, property, or safety

All service providers are contractually required to safeguard biometric data and are prohibited from using it for independent purposes.

7. Data Retention Schedule

Biometric data is retained only for the shortest period necessary to fulfill the purpose of collection.

Biometric data will be permanently deleted when the earliest of the following occurs:

  1. The user requests deletion in writing;
  2. The associated account or gallery is deleted;
  3. The facial recognition feature is disabled;
  4. Three (3) years after the individual’s last interaction with the platform; or
  5. As otherwise required by applicable law.

Deletion is permanent and irreversible.

8. Data Storage and Security

We use reasonable administrative, technical, and physical safeguards to protect biometric data, including:

  • Encryption in transit and at rest (where applicable)
  • Access controls and authentication restrictions
  • Secure cloud storage environments
  • Restricted internal access to authorized personnel only

However, no security system is completely impenetrable.

9. No Sale of Biometric Data

Candid does not:

  • Sell biometric identifiers
  • Profit from biometric data
  • Use biometric data for advertising
  • Use biometric data for cross-platform tracking

Biometric data is used solely to provide requested facial recognition functionality.

10. Children’s Biometric Data

Where facial recognition is used for minors (e.g., school photography, youth sports):

  • Photographers/studios must obtain parental or guardian consent where required by law.
  • We rely on photographers and studios to ensure lawful collection.

We will delete biometric data of minors upon verified request from a parent or guardian.

11. Individual Rights Regarding Biometric Data

Individuals may:

  • Request confirmation of whether biometric data is being processed
  • Request deletion of biometric data
  • Withdraw consent (where applicable)
  • Disable facial recognition (through the studio or account holder)

Requests may be submitted to:

ccssupport@candid.com

We may require identity verification before fulfilling requests.

12. Geographic Limitations

Candid operates in the United States. Biometric data may be stored and processed in the United States.

If you access our Services from outside the United States, you consent to the transfer and processing of biometric data in the United States.

13. Changes to This Policy

We may update this Biometric Information Policy periodically. Updates will be posted with a revised effective date.

Continued use of facial recognition features after updates constitutes acceptance of the revised Policy.

14. Contact Information

If you have questions about this Biometric Information Policy, please contact:

Email: ccssupport@candid.com

Mailing Address:

Candid Color Systems, Inc

1300 Metropolitan Ave

Oklahoma City, OK 73108