Privacy Policy
Last updated: March 16, 2026
1. Introduction
This Privacy Policy explains how Innova.uno Sp. z o.o., a Polish limited liability company ("Innova.uno Sp. z o.o.," "we," "us," or "our"), operating the service known as BoothApps.ai, collects, uses, stores, and protects personal data.
BoothApps.ai is a B2B platform that provides AI-powered photo transformation workflows to photo booth operators ("Customers"). Our Customers use these workflows at events to transform guest photos into AI-generated images, videos, and documents, which are then delivered to event attendees ("Guests").
This Privacy Policy applies to:
- Customers (booth operators) who register for and use BoothApps.ai
- Guests (event attendees) whose photos are processed and who may receive content via SMS
- Affiliates who participate in our referral program
- Website visitors who browse boothapps.ai
Data Controller: Innova.uno Sp. z o.o., Byslawska 84, 04-993 Warsaw, Poland, Registration number: KRS 0000417704, VAT ID: PL5213629718, Email: hello@boothapps.ai
Data Protection Officer: Based on an assessment under Article 37 GDPR, the appointment of a Data Protection Officer is not required for our organization. For data protection inquiries, contact us at hello@boothapps.ai.
2. Data We Collect
2.1 From Customers (Booth Operators)
We collect the following data when you create an account and use our service:
| Data | Purpose | Required? |
|---|---|---|
| Email address | Account login, notifications | Yes |
| Password | Account authentication (stored hashed) | Yes |
| Display name | Account identification | No |
| Phone number | Usage alert SMS notifications | Yes |
| Company name | Account profile | No |
| Country | Account profile, compliance | No |
Fields marked as required are necessary to create and operate your account. If you do not provide required data, you will not be able to register or use the service. Optional fields enhance your experience but are not necessary for core functionality.
When you purchase a workflow, we also collect:
| Data | Purpose | Required? |
|---|---|---|
| Event name | Purchase identification | Yes |
| Event date | Purchase scheduling | Yes |
| Expected number of guests | Capacity planning | Yes |
| Company logo | Workflow customization | No |
Payment data: All payments are processed by Paddle.com Market Limited, which acts as our Merchant of Record. Paddle collects and processes your payment method, billing address, and tax information directly. We do not store credit card numbers, bank details, or full billing addresses. We only store Paddle-assigned identifiers (customer ID, transaction ID, invoice number) to link your purchases to your account.
2.2 From Event Guests
We process Guest data on behalf of our Customers (booth operators). In this context, the Customer is the data controller for Guest data, and BoothApps.ai acts as a data processor. Guest data is received from the booth operator's software, which submits photos and phone numbers to our processing system via webhook API.
| Data | Purpose | How handled |
|---|---|---|
| Photos | AI transformation processing | Processed by third-party AI providers; originals retained in execution logs for up to 7 days, then deleted |
| Phone number | SMS delivery of photo/video links | Used for one-time message delivery; retained in execution logs for up to 7 days, then deleted |
| IP address | Security and audit logging | Logged in callback records |
| Survey responses and personal characteristics | AI-generated report/content creation | Responses to interactive surveys (e.g., preferences, hobbies, interests) used as input for AI content generation; retained in execution logs for up to 7 days, then deleted |
| Gender | Workflow customization (e.g., gender-appropriate styling) | Either provided by the Guest via a selection screen on the booth, or inferred automatically via facial analysis (see Section 10); not stored permanently; retained in execution logs for up to 7 days, then deleted |
| Physical characteristics (e.g., skin tone, eye color, face shape) | AI-generated personalized analysis (e.g., color analysis reports) | Derived via AI image analysis where the workflow requires it (see Section 10); not stored permanently; retained in execution logs for up to 7 days, then deleted |
Guest photos: Original photos are submitted by the booth software to our processing system. They are sent to third-party AI providers for transformation. Only the AI-generated output (transformed image, video, or document) is stored permanently (for up to 1 year). Original photos and all processing data (including phone numbers) are retained in workflow execution logs for up to 7 days for debugging purposes, after which they are automatically deleted.
Guest phone numbers: When SMS delivery is used, the phone number is passed to Twilio for a single message delivery. BoothApps.ai does not maintain a permanent database of Guest phone numbers. Phone numbers may be temporarily present in workflow execution logs (retained for up to 7 days) before automatic deletion.
2.3 From Affiliates
If you join our affiliate referral program, we collect:
| Data | Purpose |
|---|---|
| Name and email | Affiliate identification and communication |
| Payment information (PayPal email or bank details) | Commission payouts |
| Coupon code | Referral tracking |
We also collect the following data from referral clicks:
| Data | Purpose |
|---|---|
| IP address hash (anonymized) | Fraud prevention and duplicate detection |
| Browser user agent | Analytics and fraud prevention |
| Referrer URL | Attribution tracking |
| Landing page | Campaign performance |
2.4 Usage Data
We automatically collect the following data as part of operating the service:
| Data | Purpose |
|---|---|
| Transformation counts and timestamps | Usage tracking and billing |
| Processing callback logs (status, processing time, input hash) | Audit trail and service monitoring |
| Webhook event logs | Ensuring reliable event processing (idempotency) |
| Usage notification timestamps | Preventing duplicate alerts |
2.5 Automatically Collected Data
| Data | Purpose |
|---|---|
| Authentication cookies | Maintaining your login session |
| Error tracking data | Service reliability monitoring (see Section 7) |
3. How We Use Your Data
We use the data we collect for the following purposes:
- Service delivery: Processing AI photo transformations, generating personalized reports from survey responses, delivering outputs to Guests, managing your account and purchases
- Payment processing: Facilitating purchases and top-ups through Paddle
- Communications: Sending purchase confirmations, activation notifications, usage alerts (email and SMS), and service announcements
- SMS delivery: Sending one-time messages to Guests containing links to their AI-generated content
- Affiliate program: Tracking referrals, calculating commissions, and processing payouts
- Service monitoring: Tracking errors, monitoring performance, and ensuring service reliability
- Security: Preventing fraud, abuse, and unauthorized access to our systems
- Analytics: Understanding how our website and service are used to improve the experience
4. Legal Basis for Processing (GDPR)
We process personal data under the following legal bases as defined in Article 6 of the General Data Protection Regulation (GDPR):
| Legal Basis | Processing Activities |
|---|---|
| Contract performance (Art. 6(1)(b)) | Account creation, service delivery, payment processing, purchase management, affiliate program participation |
| Legitimate interest (Art. 6(1)(f)) | Error tracking and performance monitoring (to ensure service reliability and diagnose issues affecting users), security monitoring and fraud prevention (to protect the service and users from unauthorized access and abuse), website analytics (to understand usage patterns and improve the service), affiliate click tracking (to prevent referral fraud and ensure accurate attribution) |
| Legal obligation (Art. 6(1)(c)) | Retention of purchase and tax records as required by Polish and EU law |
| Consent (Art. 6(1)(a)) | Marketing communications (if applicable) |
Guest data: We process Guest data (photos, phone numbers) as a data processor under Article 28 GDPR, acting on behalf of the Customer (booth operator) who is the data controller. The Customer is responsible for establishing a lawful basis for collecting Guest data, including obtaining any necessary consent for SMS delivery.
A Data Processing Agreement (DPA) governing the processing of Guest data is available at https://boothapps.ai/legal/dpa and is accepted by Customers during account registration.
5. Third-Party Services
We share personal data with the following third-party services as necessary to operate BoothApps.ai:
5.1 Infrastructure & Hosting
| Service | Provider | Purpose | Data Location |
|---|---|---|---|
| Vercel | Vercel Inc. (US) | Web application hosting and CDN | Global (edge network) |
| Supabase | Supabase Inc. (US) | User authentication and database | EU (Frankfurt region) |
| Cloudflare R2 | Cloudflare Inc. (US) | Storage of AI-generated outputs and logos | EU (automatic nearest data center) |
5.2 Payment
| Service | Provider | Purpose | Data Location |
|---|---|---|---|
| Paddle | Paddle.com Market Limited (UK) | Payment processing, tax compliance, invoicing | UK/EU |
Paddle acts as the Merchant of Record and is a separate data controller for payment and billing data. See Paddle's Privacy Policy for details.
5.3 Communications
| Service | Provider | Purpose | Data Location |
|---|---|---|---|
| Twilio | Twilio Inc. (US) | SMS delivery to Guests and Customers | US |
| Resend | Resend Inc. (US) | Transactional email delivery | US |
5.4 Workflow Processing
| Service | Provider | Purpose | Data Location |
|---|---|---|---|
| Proprietary workflow engine (self-hosted) | Operated by Innova.uno Sp. z o.o. on Vultr Holdings LLC infrastructure | AI workflow orchestration and photo processing | EU (Vultr VPS, Frankfurt) |
| AWS Rekognition | Amazon Web Services Inc. (US) | Facial analysis for gender detection (used in some workflows) | US/EU (depending on AWS region) |
| Third-party AI providers | Various providers | AI image and video transformation | Various (see below) |
Guest photos are processed through our proprietary workflow engine, hosted on EU-based infrastructure, which orchestrates calls to third-party AI providers. These providers may process data in various jurisdictions, including but not limited to the US, EU, and other regions. We select providers based on quality, reliability, and speed, and we rely on their published data processing terms and privacy policies. These providers process the images to generate the transformed output and do not retain the original photos beyond the processing session. Original photos are deleted at the end of each workflow execution. We may change AI providers over time to ensure the best quality and reliability.
Workflow execution data: Our proprietary workflow engine temporarily retains execution logs that may include input photos, phone numbers, and processing metadata for debugging and quality assurance purposes. This execution data is automatically pruned after 7 days.
5.5 Monitoring
| Service | Provider | Purpose | Data Location |
|---|---|---|---|
| GlitchTip (self-hosted) | Operated by Innova.uno Sp. z o.o. | Error tracking and performance monitoring | EU (self-hosted server) |
Our error tracking system captures user identifiers and error context to help diagnose issues. Authorization headers and cookies are automatically redacted before data is stored. Our client-side error tracking uses a proxy tunnel endpoint to ensure error reports are captured reliably.
5.6 Feedback
| Service | Provider | Purpose | Data Location |
|---|---|---|---|
| Fider (self-hosted) | Operated by Innova.uno Sp. z o.o. | User feedback and feature requests | EU (self-hosted server) |
6. SMS Communications
BoothApps.ai uses SMS in two contexts:
6.1 Guest Content Delivery
When an event Guest provides their phone number at a photo booth (either by selecting SMS delivery or as part of the booth workflow), we send a single, one-time SMS containing a link to their AI-generated content (image, video, or report).
- Messages are transactional and one-time — we do not send follow-up or marketing messages to Guests
- Guest phone numbers are not stored in our database — they are used only for the single message delivery
- Messages are sent via Twilio and may be delivered to international numbers depending on the event and Guest location
- Twilio's carrier-level STOP keyword handling is active — if a Guest replies STOP, Twilio will automatically prevent future messages to that number from our service
6.2 Customer Usage Alerts
We send SMS notifications to Customers (booth operators) at critical usage thresholds (95% and 100% of their transformation limit) to prevent service interruption during events. Customers provide their phone number during registration and can update it in their account settings.
7. Error Tracking
We use a self-hosted error tracking system (GlitchTip, compatible with the Sentry protocol) to monitor service reliability. When an error occurs, the following data may be captured:
- User ID and email address (for identifying affected users)
- Error details, stack traces, and request context
- Performance metrics (sampled at 10% of requests in production)
Privacy safeguards:
- Authorization headers and cookies are automatically redacted before storage
- Our client-side error tracking uses a tunnel endpoint to ensure errors are captured reliably
- Error data is stored on our self-hosted infrastructure
8. Data Retention
| Data Category | Retention Period |
|---|---|
| Customer account data | Retained while the account is active; deleted upon account deletion request |
| Purchase records | 5 years after the end of the fiscal year in which the transaction occurred, as required by Polish accounting law |
| AI-generated outputs (images, videos, documents) | Automatically deleted 1 year (365 days) after creation |
| Original Guest photos | Deleted after AI processing; retained in workflow execution logs for up to 7 days |
| Guest phone numbers and survey responses | Not stored permanently; retained in workflow execution logs for up to 7 days |
| Workflow execution logs | Automatically pruned after 7 days |
| Usage and callback logs | Retained for the lifetime of the associated purchase |
| Affiliate data | Retained while the affiliate relationship is active and until all commissions are settled |
| Affiliate click data | Retained for the lifetime of the affiliate program |
| Customer logos | Retained for the lifetime of the associated purchase; deleted with purchase data |
| Error tracking data | 90 days |
9. Data Security
We implement appropriate technical and organizational measures to protect personal data:
- Encryption in transit: All data is transmitted over HTTPS/TLS
- Password security: Passwords are hashed using industry-standard algorithms (managed by Supabase Auth)
- Database security: All database tables are protected by Row Level Security (RLS) policies, ensuring users can only access their own data
- Payment security: No payment card data is stored on our systems — all payment processing is handled by Paddle
- API security: Rate limiting is applied to API endpoints to prevent abuse
- Error tracking: Personally identifiable information is scrubbed from error reports (authorization headers, cookies)
- Access control: Administrative access is restricted to authorized personnel
10. Automated Processing
BoothApps.ai uses artificial intelligence to transform Guest photos into stylized images, videos, and documents. This processing is fully automated — photos are submitted to AI providers, transformed, and the outputs are returned without human review.
Depending on the workflow, the following types of automated analysis may be performed on Guest photos:
- Gender detection: Some workflows require gender information to customize the output. This may be obtained via (a) a selection screen on the booth provided by the booth operator, or (b) automated facial analysis performed by a third-party service (such as AWS Rekognition). The booth operator configures which method is used.
- Facial characteristic analysis: Some workflows (e.g., personal color analysis) use AI image analysis (such as OpenAI) to derive physical characteristics from the Guest's photo — including skin tone, eye color, hair color, face shape, and facial landmarks. These characteristics are used as input to generate a personalized report or recommendation. The AI does not identify who the person is — it describes visual attributes to produce creative or advisory content.
In all cases, the derived data (gender, physical characteristics) is not stored permanently — it is used only during the workflow execution and retained in execution logs for up to 7 days.
This automated processing does not produce decisions with legal or similarly significant effects on Guests. The purpose is solely to generate creative visual content and personalized reports as requested by the Customer (booth operator). No profiling, scoring, or decision-making about individuals takes place. The AI analysis describes physical attributes for creative purposes — it does not identify, authenticate, or make judgments about individuals.
11. Cookies and Tracking
This section applies in accordance with the General Data Protection Regulation (GDPR, EU 2016/679) and the ePrivacy Directive (Directive 2002/58/EC).
11.1 Essential Cookies
We use essential cookies for authentication and session management. These cookies are strictly necessary for the service to function and do not require consent.
| Cookie | Purpose | Duration |
|---|---|---|
| Supabase auth tokens | Maintaining your login session | Session / refresh token expiry |
11.2 Affiliate Tracking
If you arrive at our website via an affiliate referral link, we store the referral code in your browser's local storage for attribution purposes. This data is used to credit the referring affiliate and is retained for 30 days. You can remove this data at any time by clearing your browser's local storage.
11.3 No Marketing Cookies
We do not use marketing, advertising, or cross-site tracking cookies.
12. International Data Transfers
Our core infrastructure (database, workflow processing, file storage) is hosted within the European Union. However, some of our third-party service providers are located outside the European Economic Area (EEA). When personal data is transferred outside the EEA, we ensure appropriate safeguards are in place:
- Standard Contractual Clauses (SCCs): We rely on EU-approved Standard Contractual Clauses with our US-based processors (Twilio, Resend, Vercel, AWS)
- Adequacy decisions: Where applicable, we rely on adequacy decisions by the European Commission (e.g., for UK transfers via Paddle)
- Third-party AI providers: Guest photos are sent to third-party AI providers for transformation. These providers may process data in various jurisdictions, including the US and other regions. We rely on each provider's published data processing agreements and privacy commitments. As AI providers may change over time, we ensure that any provider we use maintains appropriate data protection commitments.
Paddle, as Merchant of Record, independently ensures compliance with international data transfer requirements for payment data.
The data processing agreements and transfer safeguards of our key processors are publicly available:
You may also request a copy of the transfer safeguards we rely on by contacting us at hello@boothapps.ai.
13. Children's Data
BoothApps.ai is a B2B service provided to business customers (photo booth operators). We do not knowingly collect personal data directly from children.
Guest data, which may include photos of minors taken at events, is processed on behalf of the Customer (booth operator) who acts as the data controller. The Customer is responsible for ensuring appropriate consent and legal basis for processing any Guest data, including data relating to minors.
14. Your Rights
Under the GDPR, you have the following rights regarding your personal data:
| Right | Description |
|---|---|
| Access | Request a copy of the personal data we hold about you |
| Rectification | Request correction of inaccurate data (you can also update your profile directly in your account settings) |
| Erasure | Request deletion of your personal data, subject to legal retention obligations |
| Restriction | Request that we limit how we process your data |
| Portability | Request your data in a structured, machine-readable format |
| Objection | Object to processing based on legitimate interest |
| Withdraw consent | Where processing is based on consent, you may withdraw it at any time |
How to Exercise Your Rights
To exercise any of these rights, contact us at hello@boothapps.ai. We will respond to your request within 30 days, as required by GDPR.
Account deletion: You may request complete deletion of your account and all associated data. This will remove your profile, purchase records (subject to legal retention requirements for accounting purposes), uploaded logos, and AI-generated outputs. Account deletion can be initiated from your account settings or by contacting us at the email above.
Supervisory Authority
If you believe your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority. As our company is established in Poland, the lead supervisory authority is:
UODO (Urząd Ochrony Danych Osobowych) ul. Stawki 2, 00-193 Warszawa, Poland Website: https://uodo.gov.pl
You may also lodge a complaint with the data protection authority in your own EU/EEA member state of residence or place of work (Art. 77 GDPR).
Event Guests
If you are an event Guest and wish to exercise your data rights regarding photos or other data collected at a photo booth, please contact the booth operator (the event organizer or photo booth company) who is the data controller for your data. If you need assistance identifying the controller, you may contact us at hello@boothapps.ai and we will direct you to the appropriate party.
15. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. If we make material changes, we will notify registered Customers via email.
The "Last updated" date at the top of this policy indicates when it was last revised. We encourage you to review this policy periodically.
16. Contact Us
If you have questions about this Privacy Policy or our data practices, contact us at:
Innova.uno Sp. z o.o., Byslawska 84, 04-993 Warsaw, Poland, Email: hello@boothapps.ai