Privacy Policy

Here to view our Privacy Policy & Terms before agreeing to them? Head to nowcandid.com/terms-of-use to view our Terms of Use or read on to learn more about our Privacy Policy.

Candid Color Systems, Inc. ("CCS", “NowCandid”, “we”, “us” or “our”) respects your privacy. When it comes to your personal information, we believe in transparency, not surprises. That’s why we’ve set out here what personal information we collect, what we do with it, and your choices and rights. By using any of our services, you confirm you have read and understood this Privacy Policy.

• Some key terms
• How does this Privacy Policy apply?
• Personal information we collect
• How we collect personal information
• How we use your personal information
• How we share your personal information
• Your rights and choices
• How we protect your personal information
• How we retain your personal information
• End Users’ personal information
• Updates to this Privacy Policy

1. Some key terms

In our Privacy Policy, when we refer to “Users”, we mean our customers who use the websites and services of Candid Color Systems, Inc. For example, Users may refer to individuals using NowCandid services for their photography business. The users, visitors, and customers of our Users’ Events are “End Users”. For example, End Users may refer to individuals that have their photo and contact info collected by a User or anyone working on behalf of a User, and/or individuals shopping or browsing on NowCandid-facilitated retail or informative websites. “NowCandid services” refers to all of the functionalities and services of NowCandid and Candid Color Systems, Inc., (and our Third Party Service providers) including but not limited to: event creation, tablet and app usage, online registration, online selfie check-in, online retail, face matching services, image hosting, account management, and more.

2. How does this Privacy Policy apply?

This Privacy Policy describes what we do with personal information that we collect and use for our own purposes (i.e., where we are a controller), such as your account information and information about how you use and interact with NowCandid services, including information you submit to our customer support as well as certain information relating to your End Users. This Privacy Policy does not apply to the personal information of our employees or job applicants (except to the extent employees or job applicants are Users). We use cookies and similar technologies. We also host and process User Content on behalf of our Users.

If you are an End User of one of our User’s Events and want to know how a User handles your information, you should check with the User, if applicable. If you want to know about what we do (or don't do) with your information on behalf of the User, read on.

3. Personal information we collect

We collect various personal information regarding you or your device(s). This includes the following:

• Information you provide to create a NowCandid account, specifically email address, first name, and last name. To receive payments from NowCandid, banking information must be provided during account creation. If you wish to use QuicPics or similar programs or features, we also receive your payment information.
• The emails and other communications that you send us or otherwise contribute, such as customer support inquiries.
• Information you share with us in connection with surveys, contests, or promotions.
• Information from your use of NowCandid services or Users’ Events. This includes IP addresses, preferences, web pages you visited prior to coming to the retail site for a Users' Event, information about your browser, network, or device (such as browser type and version, operating system, internet service provider, preference settings, unique device IDs and language and other regional settings), information about how you interact with NowCandid services and our Users’ Events (such as timestamps, clicks, scrolling, browsing times, searches, transactions, referral pages, load times, and problems you may encounter, such as loading errors).
• Other information you submit to us directly.

4. How we collect personal information

We obtain personal information from various sources. We do this in three main ways:

• You provide some of it directly (such as by creating a NowCandid account).
• We record some of it automatically when you use NowCandid services or Users’ Events (such as entering contact info via a tablet or a selfie check-in webpage).
• We receive some of it from third parties (like via an app store).

We’ve described this in more detail below.

a. Personal information you provide

When you use NowCandid services, we collect information from you in a number of ways. For instance, we ask you to provide your name and email address to register and manage your NowCandid account. We also maintain your marketing preferences and the emails and other communications that you send us or otherwise contribute, such as customer support inquiries. You might also provide us with information in other ways, including by responding to surveys, engaging with a User's NowCandid Event as an End User, submitting a form, or participating in contests or similar promotions.

Sometimes we require you to provide us with information for contractual or legal reasons. We’ll normally let you know when information is required, and the consequences of failing to provide it. If you do not provide personal information when requested, you may not be able to use NowCandid services if that information is necessary to provide you with the service or if we are legally required to collect it.

b. Personal information obtained from your use of NowCandid services

When you use NowCandid services, we collect information about your activity on and interaction with the services, such as your IP address(es), your device and browser type, the web page you visited before coming to our sites, what pages on our sites you visit and for how long and identifiers associated with your devices. If you’ve given us permission through your device settings, we may collect your location information via our apps.

If you are an End User of our Users’ events, we also get information about your interactions with their events, though we use this in anonymous, aggregated, or pseudonymized form which does not focus on you individually. We use this data to evaluate, provide, protect or improve NowCandid services (including by developing new products and services).

Some of this information is collected automatically using cookies and similar technologies when you use NowCandid services and our Users’ events. Some of this information is similarly collected automatically through your browser or from your device.

c. Personal information obtained from other sources

If you use a Third Party Service (such as using Stripe to receive payments) when using NowCandid services, the Third Party Service may provide us with your information on your behalf, such as your name and email address (we don’t collect or store passwords you use to access Third Party Services). Your privacy settings on the Third Party Service normally control what they share with us. Make sure you are comfortable with what they share by reviewing their privacy policies and, if necessary, modifying your privacy settings directly on the Third Party Service.

5. How we use your personal information

We use the personal information we obtain about you for the following purposes:

• Provision of NowCandid services - Create and manage your NowCandid account, process payments and respond to your inquiries.
• Communicating with you - Communicate with you, including by sending you emails about your transactions and NowCandid service-related announcements.
• Surveys and contests - Administer surveys, contests, and other promotions.
• Promotion - Promote NowCandid services and send you tailored marketing communications about products, services, offers, programs, and promotions of NowCandid and measure the success of those campaigns. For example, we may send different marketing communications to you based on your photography market or what we think may interest you based on other information we hold about you.
• Improving NowCandid services - Analyze and learn about how NowCandid services are accessed and used, evaluate and improve NowCandid’s services (including by developing new products and services and managing our communications) and monitor and measure the effectiveness of our advertising. We usually do this based on anonymous, pseudonymized or aggregated information which does not focus on you individually. For example, if we learn that most Users of NowCandid services use a particular program or feature, we might wish to expand on that program or feature.
• Security - Ensure the security and integrity of NowCandid services.
• Enforcement - Enforce our Privacy Policy and other legal terms and policies.
• Protection - Protect our and others’ interests, rights, and property (e.g., to protect our Users or End Users from abuse).
• Complying with law - Comply with applicable legal requirements, such as tax and other government regulations and industry standards, contracts, and law enforcement requests.

We process your personal information for the above purposes when:

• Consent - You have consented to the use of your personal information in a particular way.
• Performance of a contract - We need your personal information to provide you with services and products requested by you, or to respond to your inquiries. In other words, so we can perform our contract with you or take steps at your request before entering into one. For example, we need your email address so you can sign in to your NowCandid account.
• Legal obligation - We have a legal obligation to use your personal information, such as to comply with applicable tax and other government regulations or to comply with a court order or binding law enforcement request.
• Legitimate interests - We have a legitimate interest in using your personal information. In particular, we have a legitimate interest in the following cases:
  - To operate the NowCandid business and provide you with tailored communications to develop and promote our business.
  - To analyze and improve the safety and security of NowCandid services - we do this as it is necessary to pursue our legitimate interests in ensuring NowCandid is secure, such as by implementing and enhancing security measures and protections and protecting against fraud, spam, and abuse.
  - To provide and improve NowCandid services, including any personalized services - we do this as it is necessary to pursue our legitimate interests of providing an innovative offering to our Users on a sustained basis.
  - To comply with a court order or binding law enforcement request.
  - To anonymize and subsequently use anonymized information.

• Protecting you and others - To protect your vital interests or those of others.
• Others’ legitimate interests - Where necessary for the purposes of a third party’s legitimate interests, such as our Users who have a legitimate interest in having their events function properly and securely and analyzing the usage of their events so they can understand trends and improve their services.

6. How we share your personal information

We share personal information in the following ways:

• Users - We share with our Users the contact information submitted by End Users of their Events. For example, we provide a User with all contact information submitted via the selfie check-in tool, including the selfie.
• Process payments - We transmit your personal information via an encrypted connection to our payment processor.
• Following the law or protecting rights and interests - We disclose your personal information if we determine that such disclosure is reasonably necessary to comply with the law, protect our or others’ rights, property or interests (such as enforcing our Privacy Policy) or prevent fraud or abuse of NowCandid or our Users or End Users. In particular, we may disclose your personal information in response to lawful requests by public authorities, such as to meet national security or law enforcement requirements.
• Business transfers - If we're involved in a reorganization, merger, acquisition, or sale of some or all of our assets, your personal information may be transferred as part of that deal or the negotiation of contemplated deals. (Note: We do not store biometric information, as such it will never be listed as an asset, sold, etc.)

7. Your rights and choices

Where applicable law requires (and subject to any relevant exceptions under law), you may have the right to access, update, change or delete personal information.

You can access, update, change or delete personal information (or that of your End Users) either directly in your Account or by contacting us at ccssupport@candid.com to request the required changes. You can exercise your other rights (including deleting your Account) by contacting us via the same email address. Please note that we may need to verify your identity in connection with your requests, and such a verification process may, if you do not have access to your Account, require you to provide us with additional information (e.g., government identification). Even if you have access to your Account, we may request additional information if we believe it’s necessary to verify your identity. If we are unable to verify your identity or request, we may not, in accordance with applicable law, be able to fulfill your request.

Please note that, for technical reasons, there may be a delay in deleting your personal information from our systems when you ask us to delete it. We also will retain personal information in order to comply with the law, protect our and others’ rights, resolve disputes or enforce our legal terms or policies, to the extent permitted under applicable law.

You may have the right to restrict or object to the processing of your personal information or to exercise a right to data portability under applicable law. You also may have the right to lodge a complaint with a competent supervisory authority, subject to applicable law.

8. How we protect your personal information

While no service is completely secure, we have staff dedicated to keeping personal information safe. We maintain administrative, technical, and physical safeguards that are intended to appropriately protect against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse, and any other unlawful form of processing of the personal information in our possession. We employ security measures such as using firewalls to protect against intruders, building redundancies throughout our network (so that if one server goes down, another can cover for it), and testing for and protecting against network vulnerabilities.

9. How we retain your personal information

We retain personal information regarding you or your use of NowCandid services for as long as your Account is active or for as long as needed to provide you or our Users with NowCandid services. We also retain personal information for as long as necessary to achieve the purposes described in this Privacy Policy, for example, to comply with our legal obligations, to protect us in the event of disputes and to enforce our agreements, and to protect our and others’ interests.

The precise periods for which we keep your personal information vary depending on the nature of the information and why we need it. Factors we consider in determining these periods include the minimum required retention period prescribed by law or recommended as best practice, the period during which a claim can be made with respect to an agreement or other matter, whether the personal information has been aggregated, or pseudonymized, and other relevant criteria. For example, the period we keep your email address is connected to how long your Account is active, while the period for which we keep a support message is based on how long has passed since the last submission in the thread.

As Users may have a seasonal business or come back to us after an Account becomes inactive, we don’t immediately delete your personal information when your account becomes inactive. Instead, we keep your personal information for a reasonable period of time, so it will be there for you if you come back.

You may delete your Account by contacting us at ccssupport@candid.com and NowCandid will delete the personal information it holds about you (unless we need to retain it for the purposes set out in this Privacy Policy).

Please note that in the course of providing NowCandid services, we collect and maintain aggregated, anonymized or de-personalized information which we may retain indefinitely.

10. End Users’ personal information

Our Users who have created an event using NowCandid are responsible for what they do with the personal information they collect, directly or through NowCandid, about their End Users. This Section 10 and following Section 11 are directed to such Users.

If you’re one of our Users, you will collect personal information about your End Users. For example, using selfie check-in you will ask your End Users to provide their name, email address, and cell phone number so that you can send them their image gallery.

Users are solely responsible for complying with any laws and regulations that apply to their collection and use of End Users’ information, including personal information they collect about End Users using NowCandid, or using NowCandid services.

Users must publish their own privacy policies and comply with them. We’re not liable for Users' relationship with End Users or how they collect and use personal information about End Users (even if they collect personal information using NowCandid's tools, services, or functionalities) and we won’t provide Users or End Users with any legal advice regarding such matters.

We are also not liable for how Users use any contact information they have collected from End Users or other individuals using means outside of the data collection systems we provide. If Users use independently gathered or acquired contact information with our system, it is the Users' responsibility to ensure they have permission to market to the End Users and other individuals to which that contact information belongs.

We do not keep or store any User or End User biometric information regarding photo content for photos uploaded to NowCandid. Any face matching that takes place is our face matching software provider simply pairing photos based on similarity within a single Event, with no information such as assumed age, gender, race, hair color, or anything similar being collected. In addition, no face matching is done at a service level, account level, or any level besides Event level.

An End User's face is briefly 'used' by our face matching software provider in a non-storage process, but biometric information is not viewed, stored, retained, or otherwise kept by NowCandid or Candid Color Systems, Inc. Our face match software provider does not use any face information to 'identify' any people in photos, it simply pairs faces together and does not collect or store biometric information or provide it to NowCandid or any other party.

Once our face matching software provider has grouped images together by face (without any regard for the identity of those in the photo) that information is deleted by the face matching software provider. NowCandid and Candid Color Systems, Inc. do not have the information and are thus, unable to delete it. The face matching software provider may utilize images for repeated non-storage face matching processes for up to 100 hours after the start time of a User's NowCandid Event (and only on Events where Face Matching is being used).

11. Updates to this Privacy Policy

We’ll update this Privacy Policy from time to time to reflect changes in technology, law, our business operations, or any other reason we determine is necessary or appropriate. When we make changes, we’ll update the “Last material changes” at the top of the Privacy Policy and post it on our site(s). If we make material changes to it or the ways we process personal information, we’ll notify you (by, for example, prominently posting a notice of the changes on our site(s) before they take effect or directly sending you a notification).

We encourage you to check back periodically to review this Privacy Policy for any changes since your last visit. This will help ensure you better understand your relationship with us, including the ways we process your personal information.