Privacy Policy — Photo Booth FX (“PBFX”)

Last updated: 8 September 2025

PBFX provides creative AI tools, digital prompts, licensed downloads, and related services (the “Services”). This Privacy Policy explains what we collect, how we use it, the choices you have, and the rights available to you under applicable law.

This Policy applies to pbfx.ai and our Squarespace store, to pages we control on social media, and to any site that links to it (collectively, the “Sites”). It does not cover third-party services we don’t control (e.g., Facebook, payment processors’ own sites).

1) Who we are (Controller)

Photo Booth FX (“PBFX”)
Photo Booth FX, LLC
2948 Jo Ann Dr., Richmond, Ca 94806
Email: partners@pbfx.ai
Mail: Attn: Privacy, 2948 Jo Ann Dr., Richmond, Ca 94806

Where laws require a representative or officer:

Privacy Lead (and primary data-rights contact): Christina Hansonpartners@pbfx.ai
EU/UK Representative: To be appointed (for EU/UK users; inquiries may be sent to partners@pbfx.ai until appointed)
Brazil Encarregado (LGPD): partners@pbfx.ai
Singapore Data Protection Contact (PDPA): partners@pbfx.ai
DMCA Agent (if/when UGC is enabled): Christina Hansonpartners@pbfx.ai
South Africa Information Officer / PAIA Manual: Not applicable at this time
India Grievance Officer: Not applicable at this time

2) Information we collect

  • Identifiers & contact data (name, email, phone, address, account handle).

  • Commercial & transaction data (items viewed/purchased, license type, order totals, timestamps).

  • Payment data is processed by our payment provider(s) (e.g., Stripe/PayPal); we receive only limited tokens and status—not full card numbers.

  • User content & communications (support messages, form submissions, reviews, files you upload).

  • Device & usage data (IP address, device IDs, browser type, pages visited, links clicked, session duration).

  • Cookies & similar technologies for analytics, preferences, fraud prevention, and—if you consent—advertising. See our Cookie Policy and Cookie Settings.

  • Inferences we derive about interests or preferences, where permitted.

We do not intentionally collect sensitive categories (e.g., government IDs, precise geolocation, health) through the Sites. If a particular workflow requests such data, we will obtain consent or use it only as allowed by law.

Sources. You (when you provide it), automatic collection via the Sites, service providers (payments, analytics, support), partners (with your authorization), and publicly available records.

3) Why we use your information

  • Provide, operate, and secure the Sites and Services.

  • Process orders, deliver digital goods/licenses, and provide support.

  • Personalize content and remember preferences.

  • Analyze performance, improve features, and develop new offerings.

  • Send service messages (receipts, license notices, security, policy updates).

  • With consent or as allowed, send marketing communications (you can opt out anytime).

  • Detect, prevent, and investigate fraud, abuse, or security incidents.

  • Comply with legal obligations and enforce our Terms and license restrictions.

GDPR/UK lawful bases: performance of a contract; legitimate interests (e.g., site security, service improvement, minimal analytics); consent (e.g., non-essential cookies, email marketing in some regions); legal obligation; and, where necessary, vital interests.

4) Do we sell or share your information?

  • We do not sell personal information for money.

  • We may “share” personal information for cross-context behavioral advertising (e.g., ad pixels) where permitted—only if you consent and subject to your choices. Use Your Privacy Choices to opt out, and we honor Global Privacy Control (GPC) signals supported by your browser. You can also manage preferences in Cookie Settings.

We do not use or disclose sensitive personal information for purposes beyond those permitted by law (e.g., to provide the service, maintain security, or prevent fraud).

5) How we disclose information

We disclose personal information to:

  • Service providers / processors (hosting, cloud storage, payments, customer support, analytics, communications, security, advertising tech where enabled).

  • Affiliates and contractors who help us run PBFX, under confidentiality and use limits.

  • Legal & safety (to comply with law, lawful requests, enforce agreements, protect rights/security).

  • Business transfers (merger, acquisition, financing, or sale of assets).

  • With your direction or consent, including integrations you enable.

We require recipients to protect personal information and use it only for our purposes, unless they are independent controllers (e.g., payment providers or platforms you visit directly).

6) International data transfers

We operate globally. When we transfer personal information across borders, we use recognized safeguards such as Standard Contractual Clauses, UK IDTA/Addendum, and comparable mechanisms. You can request a copy of relevant safeguards using the contact details above.

7) Retention

We keep personal information only as long as necessary to fulfill the purposes in this Policy (for example: transaction records typically 7 years for tax/compliance; support emails 3 years; analytics data 12–24 months depending on tool settings), unless a longer retention is required or permitted by law. When no longer needed, we delete or de-identify the data.

8) Your rights

Your rights depend on where you live, and we honor them as required.

California & other U.S. state privacy laws (e.g., CO/CT/VA/UT):

  • Right to know/access and portability.

  • Right to delete.

  • Right to correct inaccuracies.

  • Right to opt out of sale, sharing/targeted advertising, and certain profiling.

  • Right to limit use/disclosure of sensitive personal information (where applicable).

  • Right to appeal a denial (non-CA states).

  • Freedom from discrimination for exercising rights.

EU/EEA & UK (GDPR):

  • Rights of access, rectification, erasure, restriction, portability, and objection (including to direct marketing).

  • Right to withdraw consent at any time (does not affect prior processing).

  • Right to lodge a complaint with your supervisory authority (find details at edpb.europa.eu; UK: ico.org.uk).

Brazil (LGPD): rights of confirmation, access, correction, anonymization, blocking, deletion, portability, information about sharing, withdraw consent, and petition to the ANPD.

Canada (PIPEDA) & Singapore (PDPA): rights of access and correction, plus withdrawal of consent subject to legal/contractual restrictions.

South Africa (POPIA): rights of access, correction, deletion, and objection; requests may also be made per our PAIA Manual.

How to submit a request.
Use our Privacy Request Form at [/privacy-requests] or email [privacy@pbfx.ai]. To protect your data we will verify your identity (and, where allowed, accept requests via authorized agents). We aim to respond within the timelines set by applicable law.

9) Cookies, analytics, and ads

We use cookies and similar technologies to make the Sites work, remember choices, measure performance, and—if you consent—personalize ads.

  • Manage preferences any time via Cookie Settings (footer).

  • See details in our Cookie Policy (types, purposes, retention, vendors).

  • Where required (EU/UK and similar), we obtain consent for non-essential cookies before they run.

Do Not Track (DNT). Many browsers offer DNT; there is no common standard. We currently do not respond to DNT signals, but we do honor GPC signals for opt-out where required.

10) Children’s privacy

The Sites are not intended for children under 13 (or the age required by your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has provided personal information, contact us and we will delete it.

11) Security

We use administrative, technical, and physical safeguards appropriate to the nature of the data and our Services. No online system can be guaranteed 100% secure. If we discover a security incident involving your personal information, we will notify you and regulators as required by law.

12) Third-party links & platforms

Our Sites may link to third-party websites or services. Their privacy practices are governed by their own policies. Review those policies, especially for payment providers, social networks, and AI platforms.

13) Changes to this Policy

We may update this Policy to reflect changes in our practices or the law. We will post the updated version with a new “Last updated” date, and where required, notify you or seek consent.

14) Contact us

Questions or requests about this Policy?
Email: partners@pbfx.ai