Legal

Privacy Policy

Last updated: April 2026

Who we are

RealTime.Photos is a live event photo sharing platform operated by Nanjing Zhiyin Trading Co., Ltd. at realtime.photos. As the platform operator, we act as data processor on behalf of photographers who use our service. Photographers are the data controllers for the personal data of their event guests.

If you have any questions about this policy, contact us at hello@realtime.photos.

The short version

Guests leave no trace. We do not store, retain, or transmit any personal data about event guests. Guest selfies taken for face matching are processed in memory and discarded immediately — they never touch a database or permanent storage.

Photographer accounts require only your name and email address to operate. We store the minimum needed to run your account and manage your events.

All event data is automatically deleted. Photos, face data, and event records are permanently purged between 15 and 90 days after the last photo was added, depending on the event plan — and no later than 90 days from the first photo regardless of plan.

Data we collect

Photographers (account holders): Name and email address, collected when you sign in. We use this to identify your account and send transactional communications (e.g. payment receipts). We do not sell or share this data with third parties for marketing purposes.

Event guests:We collect no personal data. Guests browse the gallery anonymously. No account, email, or login is required. Like counts are stored against photo IDs with no user identifier attached. Sort preferences and liked photo IDs are stored in your browser’s local storage only — they never leave your device.

Face recognition

RealTime.Photos uses a third-party face recognition service to detect and match faces in event photos. Because this involves biometric data processing, we want to be fully transparent about how it works:

When a photo is uploaded, our face recognition service detects faces and assigns each a unique identifier and position. Faces that are too small or low-quality are automatically ignored.
Similar face identifiers are grouped into clusters. Each cluster has a representative crop — a small region of a photo showing the face. Clusters have no names, identities, or personal attributes attached.
When a guest takes a selfie to find their photos, the image is sent directly to our face recognition service for matching. The selfie is discarded immediately after the result is returned — it is never stored in any database, file system, or log.
Numerical face representations used for matching are stored in a per-event index and deleted permanently when the event data is purged.

Face clusters are used solely to help guests find photos of themselves within the event gallery. They are not used for identification, surveillance, or any purpose beyond navigating event photos.

For questions about how face data is processed, contact us at hello@realtime.photos.

Photo storage and deletion

Photos uploaded by photographers are stored securely in cloud storage. They are served to guests for the duration of the event window.

All event data — uploaded photos, face recognition data, and all associated records — is permanently and irreversibly deleted on the following schedule:

Between 15 and 90 days after the last photo was added to the event (depending on the event plan chosen by the photographer), OR
No later than 90 days after the first photo was added — whichever comes first.

Photographers can also delete an event and all associated data at any time from the dashboard. Individual photos can be hidden from the guest gallery (they remain in storage until the event is deleted or the event window expires).

Third-party services

We work with a small number of trusted service providers to operate the platform. Each processes only the data necessary for their specific role. We do not share data with third parties for advertising or marketing purposes.

Clerk — Authentication and account management for photographers. Privacy policy ↗

Convex — Database and real-time backend infrastructure. Privacy policy ↗

Amazon Web Services — Cloud infrastructure for photo storage and face recognition processing. Privacy policy ↗

Vercel — Application hosting and delivery. Privacy policy ↗

Dodo Payments — Payment processing (merchant of record). Privacy policy ↗

Resend — Transactional email (deletion warning notifications sent to photographers). Privacy policy ↗

Formspree — Demo request form (name and email submitted by prospective customers). Privacy policy ↗

Vercel Analytics — Anonymous website traffic analytics (pages visited, session duration) — cookieless, no personal data collected. Privacy policy ↗

For a full list of sub-processors or questions about any specific service, contact us at hello@realtime.photos.

Photographer responsibilities

Photographers using RealTime.Photos are responsible for ensuring they have the necessary permissions to photograph and share images of event attendees. By creating an event, you confirm that you have obtained appropriate consent from attendees, consistent with applicable laws in your jurisdiction (including GDPR where applicable).

If a guest requests that photos containing them be removed, the photographer can hide individual photos from the guest gallery at any time from the dashboard.

Your rights

If you are a photographer with an account and wish to access, correct, or delete your personal data, contact us at hello@realtime.photos. We will respond within 30 days.

Guests have no personal data stored by RealTime.Photos, so there is nothing to access or delete.

Changes to this policy

We may update this policy as the product evolves. Material changes will be notified to photographer account holders by email. Continued use of the platform after changes constitutes acceptance of the updated policy.

Read our Cookie Policy →