Data Processing Practices
This overview provides a high-level summary of Simple Booth's data handling practices. These practices are subject to change.
For specific regulatory compliance needs or detailed security questionnaires, please contact our support team directly. We can provide a list of data sub-processors upon request for customers subscribed to the Select plan.
Storage & Security
Data Residency: All data and backups are stored in the United States, specifically within the AWS region US East 1 (Ohio).
Encryption:
In Transit: All data is encrypted using TLS version 1.2.
At Rest: Our primary database is encrypted using AES-256.
Data Retention & Deletion
General Retention: We retain data indefinitely by default to ensure your historical event data remains available.
Manual Deletion: Users can delete their entire account at any time.
PII Purging: For users on the Select plan, tools are available to purge Personally Identifiable Information (PII) at will. Once initiated, data is typically deleted within a few hours, though it may persist in encrypted backups for up to 14 days.
Participant Requests: Participants may request the removal of specific photos or records by emailing [email protected].
Information Collected
Participant Data
Required: Photos or videos, depending on your booth configuration.
Optional: Email addresses and phone numbers used for digital delivery.
Custom Data: Any specific fields added to your "Data Capture" forms for marketing purposes.
You can run a booth using only QR code delivery to avoid capturing any emails or phone numbers.
Customer (User) Data
Account Info: Any PII entered during sign-up, in account settings, or provided during the sales process.
Digital Identifiers: We track IP addresses for account logins and generate unique device identifiers to manage your HALO hardware.
Analytics: We use Google Analytics to track how participants interact with galleries. This data is used for performance trends and is not linked to specific individuals.