You (the venue) are the data controller for customer photos taken at your booth. BoothFunnel is the data processor. [Specify joint-controller scenarios if any.]
Subject matter: photos and optional contact info collected by venue customers at the booth.
Duration: rolling 90 days (default) unless changed by the operator.
Nature and purpose: capture, branding overlay, share at customer's option, analytics aggregation for the operator.
Data subjects: venue customers who interact with the booth.
Categories of data: images of identifiable individuals; optional phone numbers / email addresses when shared.
Encryption in transit, encryption at rest, access controls, incident response plan, vendor due diligence. [List exact controls — SOC 2 status if you have it, etc.]
Stripe (payment processing for the operator), our cloud provider (storage, compute), our shipping partner (hardware fulfillment). Updated list maintained at boothfunnel.com/legal/subprocessors. [Add the list page if/when you launch with this commitment.]
We notify affected operators within 72 hours of becoming aware of a personal data breach. [Confirm with counsel — adjust to law.]
On cancellation, customer photos are deleted within 30 days. Operator data is retained 12 months for billing dispute resolution then deleted. [Confirm.]
dpo@boothfunnel.com