Privacy Policy

Last updated: 2026-06-11

1. Who we are

PhotoEnroll.com (the “Service”) is operated by Unleavened LLC, a Delaware limited liability company with its principal place of business in New York (“we,” “us,” “our”). The Service uses facial recognition technology to help parents and guardians find photos of their children in galleries uploaded by camps, schools, photographers, and event hosts (each, a “Partner”).

For privacy questions, contact privacy@photoenroll.com or write to us at 138 Main Street, #1020, East Rockaway, NY 11518.

2. The information we collect

We collect only what we need to run the Service for you:

  • Account data. Name, email address, and an optional phone number. We sign you in with a one-time code sent to your email — we do not store a password. If you choose to sign in with Google or Facebook, we receive your account identifier and basic profile (name, email) per the permissions you grant.
  • Children information. The name and (optionally) date of birth of each child you enroll. Children do not have their own accounts and do not interact with the Service directly; all enrollment happens through your account.
  • Reference photos. Photos you submit at enrollment — or frames from a short clip you optionally record — so we can teach the matcher what an enrolled subject looks like.
  • Face templates (biometric data). A mathematical representation (a 512-dimensional vector, also called an embedding) derived from your reference photos. The template is not a recognizable image and cannot be reversed into one.
  • Consent record. When you consent, we store a written record of that consent (a “ConsentLog” entry): your account identifier, the name you typed as your signature, the disclosure version you agreed to, and the IP address, user agent, and timestamp at the moment of consent. We do not record a video of your consent.
  • Match records. When our pipeline detects an enrolled face in a Partner-uploaded photo, we store the photo reference, the matched subject, the similarity score, and the bounding box of the face within the image.
  • Partner-uploaded photos. Photos uploaded by Partners to their galleries, processed by our matcher.
  • Billing data. If you subscribe to Pro, our payment processor (Stripe) collects payment details on its own systems. We receive a customer identifier, subscription status, and the date your current period ends — we do not store your full card number.
  • Operational metadata. IP address and user agent at consent and signup time (so the consent record is meaningful), request logs, error reports, and similar service telemetry.

3. How we use this information

  • To run the matcher against Partner photo galleries you select.
  • To send you notifications and digest emails when we find matches, per your settings.
  • To document and retain the parental and biometric consent you give us, as required by BIPA, COPPA, and similar laws.
  • To process payments for the Pro subscription via Stripe and to send transactional receipts and renewal notices.
  • To prevent abuse, secure the Service, and respond to support requests.
  • To comply with our legal obligations and respond to lawful requests.

We do not sell biometric information, and we do not use biometric data for advertising or third-party analytics. We do not sell personal information of children. We do not use face templates for any purpose other than matching against the Partner galleries you have opted into.

4. Who we share information with

We share information only with the following categories of recipients:

  • Service providers (sub-processors) that help us run the Service. As of the last-updated date these include: Amazon Web Services (cloud hosting, S3 storage, SES email); Stripe, Inc. (payment processing); and Google LLC (OAuth sign-in for accounts that choose it). Each sub-processor is bound by confidentiality and security obligations and may only use your data to provide its service to us.
  • Additional recipients you designate. If you add a co-parent or grandparent as an additional email recipient in your account settings, we send them the match digests you authorize.
  • Legal and safety. Government authorities, courts, or other parties when required by law, to enforce our Terms, or to protect the rights, property, or safety of users, the public, or us.
  • Business transfers. If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will require any successor to honor this Privacy Policy or provide notice of material changes before applying them to your data.

5. How long we keep it

We retain biometric data (face templates, reference photos, and any enrollment clip) for the shorter of (a) the duration of your account or (b) three years from your last interaction with the Service. This matches the retention rules in the Illinois Biometric Information Privacy Act (BIPA) §15(a), which we apply to all users regardless of state.

The written consent record (the consent-log entry documenting that consent was given) is retained as evidence of consent for the longer of (a) three years from your last interaction or (b) the period required by applicable law, even after the biometric data it authorized is deleted.

Partner-uploaded photos are retained per the Partner's agreement with us and may be removed when a Partner ends its relationship with the Service.

6. Security

We host biometric data and Partner photos in encrypted-at-rest cloud storage with access restricted to operational personnel. Reference photos, any enrollment clips, and Partner photos are not publicly accessible; URLs delivered to your browser are short-lived, signed URLs scoped to your session. Production access is limited and audited. No system is perfectly secure; we recommend you keep access to your email account secure and your devices up to date.

7. Your privacy rights

You have the following rights with respect to your information:

  • Access. Request a copy of the personal information we hold about you.
  • Correction. Update your profile and your children's details from your account settings.
  • Deletion. Delete your account and your enrolled children's biometric data at any time from the account settings page.
  • Consent withdrawal. Withdraw biometric consent for yourself or any child you enrolled at any time; we will permanently delete the relevant templates and crops.
  • Notification preferences. Disable match emails, add or remove additional recipients, and change other settings from your account.
  • California, Colorado, Virginia, and other state-law rights. Where applicable state privacy law gives you additional rights (e.g., to know, to delete, to correct, to opt out of certain processing, and to non-discrimination for exercising rights), you may exercise them by contacting privacy@photoenroll.com.

To exercise these rights, use your account settings or email privacy@photoenroll.com. We may need to verify your identity before acting on certain requests, particularly those involving deletion or access.

8. Children's information (COPPA)

PhotoEnroll knowingly collects and processes information about children under 13 only with the verifiable consent of a parent or legal guardian. Children do not have accounts and do not interact with the Service directly. See our Notice to Parents (COPPA + biometric data) for the disclosures, consent mechanism, and parental rights specific to children's data.

9. International users

PhotoEnroll is operated from the United States and our service providers process data in the United States. If you access the Service from outside the United States, you understand that your information will be processed in the United States, which may have different data protection rules than your country.

10. Cookies and similar technologies

We use a small number of cookies and similar technologies to keep you signed in, to remember your preferences, and to operate authentication and payment flows. We do not use third-party advertising cookies on the Service.

11. Changes to this Policy

We may update this Privacy Policy from time to time. The “Last updated” date at the top reflects the most recent change. For material changes we will notify registered users by email. Where applicable law requires renewed affirmative consent — including for changes to biometric processing — we will request it before applying the change.

12. Contact

Unleavened LLC, d/b/a PhotoEnroll.com
138 Main Street, #1020
East Rockaway, NY 11518
Email: privacy@photoenroll.com