Selfish Software Ltd. - Privacy Policy
Last updated: January 24, 2026
SELFISH SOFTWARE LTD. - PRIVACY POLICY
Last Updated: January 24, 2026
This Privacy Policy describes how Selfish Software Ltd. ("Selfish," "we," "us," or "our") collects, uses, discloses, and protects your personal data when you use our facial recognition photo matching service (the "Service").
---
1. INTRODUCTION
1.1 About Selfish
Selfish Software Ltd. is a technology company registered in Israel that provides a cloud-based platform enabling event photographers and hosts to use facial recognition technology to help guests find their photos from events.
1.2 Scope
This Privacy Policy applies to our website, mobile applications, Event Host dashboard, Guest photo retrieval interface, and all related services.
1.3 Agreement
By creating an account, uploading content, or using any part of our Service, you agree to this Privacy Policy. If you do not agree, you must not use the Service.
---
2. ROLES AND RESPONSIBILITIES
2.1 Under GDPR and Similar Frameworks
- Event Host (Data Controller): When an Event Host uploads photos, they act as the Data Controller. They determine the purpose and means of processing and are solely responsible for ensuring they have a lawful basis to process personal data of individuals depicted in their photos.
- Selfish (Data Processor): Selfish acts as a Data Processor when processing photos and biometric data on behalf of Event Hosts. We process this data solely upon the documented instructions of the Event Host.
- Selfish (Data Controller): Selfish acts as a Data Controller for Event Host account information and platform operations.
- Guest (Data Subject): When a Guest uploads a selfie for matching, they provide explicit consent for Selfish to process their biometric data for the limited purpose of finding their photos from a specific event.
2.2 Lawful Basis for Processing
We process personal data based on:
- Consent: For Guest biometric data processing
- Contract Performance: For providing the Service to Event Hosts
- Legitimate Interests: For fraud prevention, security, and Service improvement
- Legal Obligation: For compliance with applicable laws
---
3. INFORMATION WE COLLECT
3.1 From Event Hosts
Account information (name, email), payment information, uploaded photos and videos, and usage data necessary for providing the Service.
3.2 From Guests
When a Guest uses the selfie-matching feature, we temporarily process their selfie image to create a biometric identifier for matching purposes. Guest selfies and biometric data are immediately and permanently deleted after the matching process.
3.3 Biometric Data
We collect biometric data in the form of facial geometry measurements used to create numerical identifiers ("faceprints") that enable photo matching. This data is processed using industry-standard security measures.
---
4. HOW WE USE YOUR DATA
4.1 Service Provision
We use collected data to:
4.2 Accuracy Limitations
Facial recognition technology is not 100% accurate. Users may experience false positives (incorrect matches) or false negatives (missed matches). Accuracy varies based on image quality, lighting, and other factors.
---
5. DATA RETENTION AND DESTRUCTION
5.1 Retention Schedule
- Guest Selfies and Temporary Faceprints: Immediately deleted after matching
- Event Biometric Index: Until event deletion by Host or maximum one (1) year
- Event Photos: Until Host deletion or maximum one (1) year
- Host Account Data: Duration of account plus 30 days after closure
5.2 Destruction Protocol
Biometric data is permanently destroyed when the initial purpose for collecting it has been satisfied. In no event shall biometric data be retained longer than three (3) years from the individual's last interaction with the Service.
---
6. DATA SHARING
6.1 No Sale of Data
We do not sell, lease, rent, or trade biometric data or any other personal data.
6.2 Service Providers
We share data with service providers (sub-processors) solely for providing the Service. All sub-processors are bound by data protection agreements requiring equivalent security and privacy protections.
6.3 Other Disclosures
We may disclose personal data to comply with legal obligations, protect our rights, or in connection with a business transaction (with notice).
---
7. INTERNATIONAL DATA TRANSFERS
Personal data may be transferred internationally. For transfers from the EEA/UK, we rely on Standard Contractual Clauses and implement appropriate safeguards including encryption.
---
8. YOUR RIGHTS
8.1 Under GDPR (EEA/UK Residents)
You have rights to access, rectification, erasure, restriction, portability, objection, and withdrawal of consent.
8.2 Under CCPA/CPRA (California Residents)
You have rights to know, delete, correct, opt-out, limit use of sensitive information, and non-discrimination.
8.3 Under BIPA (Illinois Residents)
See our AI & Biometric Data Policy for complete BIPA disclosures.
To exercise any rights, contact info@selfish-events.com. We will respond within 30 days or as required by applicable law.
---
9. DATA SECURITY
We implement industry-standard technical and organizational security measures to protect personal data, including encryption at rest and in transit, access controls, and secure infrastructure.
---
10. CHILDREN'S PRIVACY
Our Service is not directed at children under 13. Event Hosts warrant they will not upload photos of children under 13 without verifiable parental consent as required by COPPA.
---
11. CHANGES TO THIS POLICY
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy and sending notice to registered Event Hosts.
---
12. CONTACT
Email: info@selfish-events.com
Selfish Software Ltd.
Israel