Cookie Policy — Photo Booth FX (“PBFX”)

Last updated: 8 September 2025

This Cookie Policy explains how PBFX uses cookies and similar technologies on pbfx.ai and our Squarespace store (together, the “Sites”). It also tells you how to manage your preferences at any time through Cookie Settings (linked in the footer) and how these choices interact with privacy laws in your region.

1) What are cookies and similar technologies?

  • Cookies are small files placed on your device that store information for a period of time.

  • Pixels/Beacons are tiny images or code that help us understand usage and campaign performance.

  • Local storage/SDKs provide app-like functionality and remember settings.
    We use these to make the Sites work, keep your cart/session, prevent fraud, measure performance, and—if you consent—personalize marketing.

2) Your choices (consent & controls)

  • Accept / Reject: When you first visit, you’ll see a banner. In regions that require it (EU/UK and similar), non-essential cookies won’t run unless you Accept. You may also Reject non-essential categories in one click.

  • Cookie Settings (always on): Change or withdraw consent anytime via the Cookie Settings link in our footer.

  • Global Privacy Control (GPC): If your browser sends a GPC signal, we treat it as an opt-out of sale/share or targeted advertising for that browser.

  • Scope: Choices apply per browser/device. Clearing cookies, switching browsers, or using private mode may reset your preferences. If you have an account and are signed in, we will try to remember your preferences across sessions.

3) Legal basis we rely on

  • EU/UK: We use consent for non-essential cookies (analytics/ads). Strictly necessary cookies rely on legitimate interests or are exempt.

  • US/California and similar: We honor opt-out rights for sale/share and targeted advertising (see Your Privacy Choices).

  • Other regions: We apply the stricter rule set when in doubt.

4) Categories we use

Strictly Necessary
Enable core functions: page loading, session management, cart/checkout, account login, security, legal notices, consent logging. These can’t be switched off.

Security & Fraud Prevention
Help detect and mitigate malicious or abusive activity (rate-limiting, bot detection). May use device/IP signals.

Functional (Preferences)
Remember choices like language, region, accessibility settings, and UX preferences.

Performance/Analytics
Measure traffic, diagnose errors, and improve features (page views, scroll depth, referrers). Data is aggregated where possible.

Advertising/Targeting
With consent, help us understand ad performance and show more relevant PBFX ads across services. Opt-out stops cross-context behavioral use for this browser.

Unclassified
New or updated tools pending categorization. We keep this list current.

5) Cookies & vendors we (may) use

Vendor/Tool Category Purpose Typical Retention Data Points Vendor Controls Squarespace (hosting & store) Strictly Necessary / Security / Functional Site delivery, cache, consent log, cart/session, basic analytics Session to 1 year Session ID, page/path, cart state See Squarespace Privacy Policy in their site footer Stripe (payments) Strictly Necessary / Security Checkout, fraud prevention, payment status tokens Session to 2 years Payment tokens, country, risk signals Stripe cookie/privacy docs Google Analytics 4 (gtag.js) Performance/Analytics Traffic patterns, content performance 2–14 months (configurable) Pseudonymous IDs, page events, referrer Google Analytics controls / opt-out add-on Google Tag Manager Strictly Necessary (loader) Manages loading of other tags per your consent N/A (doesn’t set its own cookies) N/A GTM docs Meta Pixel Advertising/Targeting Ad performance and retargeting 3–24 months Pseudonymous IDs, events (view content, purchase) Your Privacy Choices; Meta ads settings Klaviyo / Mailchimp (email) Functional / Analytics Email preferences, campaign measurement 13 months Email hash, campaign events Vendor privacy center reCAPTCHA (if used) Security & Fraud Bot detection on forms 6 months Device/network signals Google reCAPTCHA policy

We maintain a current list of active vendors and cookie names in Cookie Settings. Some vendors may set additional cookies when you interact with embedded third-party content (e.g., social media, map embeds).

6) Retention guidelines

  • Strictly necessary & security: session to 12 months (consent logs up to 24 months).

  • Functional: 6–12 months.

  • Analytics: 2–14 months (GA4 default windows).

  • Advertising: typically 3–24 months, depending on the partner.
    Vendors control their own retention; see their policies linked from Cookie Settings.

7) Managing cookies outside our banner

You can block or delete cookies in your browser settings. Each browser has different steps (e.g., “Clear browsing data,” “Cookies and site data”). Blocking strictly necessary cookies may break site features like checkout or login.

8) Do Not Track & children

  • Do Not Track: There’s no uniform DNT standard; we don’t respond to DNT, but we do honor GPC as noted above.

  • Children: Our Sites aren’t intended for children under 13 (or the applicable age in your region). We don’t knowingly use cookies to profile children.

9) Updates to this policy

We’ll update this page when we add or change vendors, categories, or legal requirements. Check the “Last updated” date at the top. Significant changes may also appear in the banner or via in-site notice.

10) Contact

Questions about this Cookie Policy or your choices?
Privacy Lead: Christina Hanson — partners@pbfx.ai
Mail: Attn: Privacy, PBFX, 2948 Jo Ann Dr., Richmond, Ca 94806

Shortcuts: Cookie Settings · Your Privacy Choices · Privacy Policy