This is the privacy policy of Photobox Limited including affiliate brands operating under the names Photobox, Photobox SAS, monalbumphoto & bonusprint (hereinafter referred to as “we”, “us” and “our”).
In this privacy policy we inform our customers and visitors to our website (hereinafter referred to as “you”, “your” and “yours”) about the way we process and protect your personal data.
Among other things, in this privacy policy we explain who we are, how and for what purposes we process your personal data, and how you can exercise your data protection rights. You will also find further information in this privacy policy that may be relevant to you.
We have made every effort to provide you with this information in a clear and understandable manner. If you have any questions about our processing of your personal data after reading this privacy policy, please feel free to contact us using the contact details provided in section 10 of this policy.
This privacy policy may be changed from time to time. The current version will be published on our website. The last changes to this privacy policy were made in April 2024.
This privacy policy relates to the processing of the personal data of our customers and website visitors. It does not relate to the processing of personal data of applicants, employees and contractual partners who work for Photobox Limited. Special privacy policies have been written for these groups of people. If you interact with us and we identify you as an individual falling into one of these categories, we will provide you with the relevant privacy policy.
Unless otherwise stated in this privacy policy or in any other specific privacy policy made available to you, the controller of your personal data is Photobox Limited and the affiliated company specified in the terms and conditions or terms of use on the website or mentioned in the mobile app in which you create your account and/or your photo product and/or place your order.
We are a company registered in England and Wales (registration number 03906401) trading as Photobox Limited; Our registered office address is Herbal House, 10 Back Hill, London, EC1R 5EN. We are registered as a data controller with the Information Commissioner's Office (registration number Z4768023). We are also registered in France under the name Photobox SAS; the address is 3 Allée des Primevères / 60440 Nanteuil-le-Haudouin / France.
If you want to create a photography product and save and temporarily store your projects, you must first create an account. To create an account, you will be required to provide your email address and set a password. In addition, you can add additional personal information to your account if you wish, such as: First and last name, gender, date of birth, address and company name.
Once your account is created, you can create personalized photo products using our photo editor (either on our website or by downloading our photo editor to your device). So that you can personalize your product, we process the photos that you upload via our website.
The processing of this personal data is carried out on the basis of a contract (more precisely, to take steps before entering into a contract with you) and on the basis of a legitimate interest. Ultimately, you will save time when placing an order if you enter additional personal information in your account. It is also in your interest to be able to save your projects in your own account so that you can edit them at your leisure before ordering.
Request an online version of your photo book and add your photo book to our Inspiration Gallery You have the option to request an online version of a photo book that you have ordered. You can send us your request via your account. The online version of a photo book can be shared via email and social media. It can also be embedded in a blog or website using a public link that we create for you. Although the photo book is not indexed by search engines such as Google, it can be viewed on the Internet by anyone who has the link. We process your photo book and its entire contents based on your consent.
Online versions of photo books can be included in the Inspiration Gallery on our websites. When you add your photo book to the gallery, it will be featured in the gallery on our websites as inspiration for others. Your first name will also be displayed with the photo book. We may also add tags (keywords) to show (potential) customers photo books that might be of interest to them. Please note that photo books in the Inspiration Gallery are indexed by search engines such as Google. We may also add individual pages from photo books to our promotional communications, such as newsletters and social media advertising, which are featured in the gallery. If we include your photo book in our gallery, we will ask for your consent.
If other people are depicted in the online version of your photo book, we rely on a legitimate interest to process their personal data (we refer to paragraph 5 of this data protection declaration in this regard). Please note: If such a person objects to the publication of their photo in the online version of your photo book, we are entitled to remove the photo book from our inspiration gallery immediately and without prior notice or to deactivate the public link.
Some countries allow customers of certain affiliate brands to use a service to organize and store photos. If you qualify, you can sign up for this service online through your account. This service allows you to store digital images that you upload via our website or mobile app. You can unsubscribe from the service at any time.
The processing of your photos in this regard is based on your consent or on the basis of a legitimate interest if other people are depicted in the stored photos (we refer to paragraph 5 of this data protection declaration in this regard).
We offer a mobile app for iOS and Android devices, which can be found in the Apple App Store and Google Play. With this app you can design our photo products on your mobile phone, tablet or laptop. To determine which country you are in and most likely want to order our photography products, we use either your country settings (if using an iOS device) or your IP address (if using an Android device).
To log in to the app, you must enter your account details. In addition to this information, we also process the photos that you upload to the app and use to design your photo products. The processing of this personal data is based on a contract and a legitimate interest. For more information, see the “Designing Photo Products” section. If you wish to purchase a product, it may be necessary to provide us with additional personal information so that we can process your payment and ship the product to the desired address. In this case you will be redirected to our website. Further information can be found in the “Order, pay and receive photo products” section.
If you would like to delete your account, you can do so using the “Delete my account” button on our website. You can also find the button in the app's settings menu. Additionally, if you would like to delete locally stored data in our app, such as photo thumbnails or account information, please delete the app from your iOS or Android device.
We process your personal data to create, print and deliver your photo products. This includes the photos you have uploaded, your order details, your contact details and your billing and delivery addresses. We rely on the performance of the contract we have with you to process this personal data.
If you would like to send your photo product to another person or third party and provide us with their contact and address details, we will rely on a legitimate interest to process this data. For more information, see Section 5.
If you choose to store a payment method with us, it will not be stored with us, but with a payment service provider contracted with us. The payment service provider that stores your data is obliged to comply with the Payment Card Industry Data Security Standard (PCI DSS). Please note: When using a saved payment method to pay for your order, certain techniques are used to ensure the security of your saved payment method details. For example, you will not be shown the full payment card number (usually all but the last four digits are hidden). In order to proceed with this payment method, you will also be required to provide certain information (e.g. a CV2 card verification number). To remove or change a saved payment method, please follow the instructions provided on the website or app.
We may also process your personal data for the purposes of customer service and to answer your questions. This includes us storing and recording all relevant information about your question, regardless of whether it was asked by telephone, chat or email. This may include your name, contact details, order number and financial information. If your contact request relates to an order you have previously placed with us, this processing is based on the performance of the contract we have entered into with you. In other cases, we rely on a legitimate interest when processing your personal data, which includes our and your interest in processing your question or other request as well and quickly as possible.
We may record the telephone conversations you have with our customer service team for training purposes. This includes all information exchanged during the conversation, but at least your name and contact information. This is based on our legitimate interest in ensuring that our high standards of service are maintained.
To ensure that our products and services meet the needs of our customers, we conduct analyzes about the use of our website and the sales of our goods and services. For this purpose, we may process data about your order history, your contact with customer service, your name, your contact details and the information collected on our website.
We may also send you marketing messages through various communication channels, such as email or SMS, which you can unsubscribe from at any time. We also use segment-based marketing and social media marketing, e.g. on Facebook and Instagram. We carry out these activities on the basis of a legitimate interest, including ensuring that our products and services meet the needs of our customers, and on the basis of consent where necessary. We would like to continue to inform you about discounts, special promotions and news. This takes place in the form of a newsletter. You will receive this newsletter if you have signed up for it or placed an order with us. If you no longer wish to receive the newsletter, you can unsubscribe by clicking on “Unsubscribe” at the end of the newsletter.
To ensure that our products and our website(s) meet our customers' expectations, we use various types of algorithms to automatically design products. To do this, we analyze photos that are uploaded to our systems for this purpose. By automatically designing products for customers, we can reduce the time required from months to minutes. We also use techniques to analyze project names entered by our customers to better understand customer needs. The use of these technologies has no legal or significant implications. The processing of personal data for these purposes is carried out on the basis of a contract (more precisely, to take steps before entering into a contract with you) and on the basis of a legitimate interest.
We collect information through the use of cookies and similar technologies. Cookies are small data files that can store and retrieve information about your visit to this website. This includes, for example, how you get to our website, how you navigate through our website and what content you are interested in. For more information about our use of cookies, please see our Cookie Policy on the website.
To comply with laws and regulations, we may process personal data such as your name, contact details and financial information. This may be the case, for example, if we have to comply with tax or business obligations. In order to comply with relevant laws and regulations, we may also need to share your personal information with government or regulatory authorities in certain circumstances.
When you use our Services, you may provide us with personal information about people other than yourself. This occurs if you upload or order photos that include people other than yourself, or if you enter other people's contact and address details during the ordering process because you would like to have a photo product delivered directly to them.
If you provide us with other people's personal data, we will rely on a legitimate interest to process that person's personal data. These interests include, among other things, your desire to be able to quickly and conveniently create a photo product that shows not only yourself, but also your friends, family, acquaintances and other people, as well as our business interest in offering these services to our customers . We take into account that in most cases it will be practically impossible or at least very difficult for us to identify the individual people in the photos. In addition, we do not process your photos for this purpose.
However, we urge you not to provide us with personal information from anyone who does not consent to this. We also ask you to inform these individuals, ask them to read this privacy policy, and obtain their consent before sharing their photos and other personal information with us.
Our employees are only authorized to access personal data to the extent necessary for the respective purpose and their work. All employees are obliged to keep their data confidential.
We do not pass on your personal data to third parties, except to subsidiaries and/or affiliates of Photobox Limited and to data processors who are contractually linked to us. This includes:
– payment service providers;
– manufacturers, wholesalers and retailers;
– delivery and parcel services;
– advertising and marketing service providers; and
– Cloud storage and software provider.
We will not share your personal information with other third parties without your consent unless:
– we have a legal obligation or right to do so (for example, as a result of a court order or to prevent or detect crime or fraud);
– We are negotiating with third parties to sell or purchase any of our businesses or assets. In this case, we may disclose your personal information to the prospective seller or buyer of such business or asset;
– a Photobox Limited affiliate company or all of Photobox Limited’s material assets are acquired by third parties or transferred to another company in the same group. In this case, one of the transferred assets will be the personal data of customers held by a Photobox Limited;
– we want to enforce or protect our rights, property and safety or those of our customers or others
Some of the above-mentioned contracting parties are located in countries outside the European Economic Area. If necessary, we will ensure that appropriate protective measures are taken, for example by concluding EU standard contractual clauses.
The protection of your personal data is important to us. Therefore, we have taken appropriate technical, physical and organizational measures to protect personal data from accidental or unlawful destruction or accidental loss, damage, alteration, unauthorized disclosure or access and any other form of unlawful processing (including, but not limited to, unnecessary data collection) or further processing. Examples include IT security policies, employee training and secure servers.
Your personal data will be retained for as long as necessary to fulfill the purposes set out in this privacy policy, including to meet any legal, accounting or reporting requirements. Please note that in some cases we are required by law to store your personal data according to certain retention periods.
In order to determine the appropriate retention period for your personal data, we will consider whether there is a legal retention period to which we are subject or whether retention is necessary taking into account our legal situation, the purposes for which your personal data was collected and processed and the amount, type and sensitivity of the personal data makes sense.
Under the EU General Data Protection Regulation (GDPR), you have a number of rights that you can exercise in relation to your personal data. These can include:
– the right to receive a copy of your personal data;
– the right to receive certain personal data in electronic format;
– the right to have inaccurate personal data corrected (you can correct most of your data yourself by logging into the profile section of your account);
– the right to request that processing be stopped or to object to processing in certain circumstances;
– the right to request deletion of data in certain circumstances; and
– the right to withdraw your consent at any time where it is the legal basis for our processing. Please note that revoking consent does not affect the lawfulness of the processing carried out based on consent before its revocation.
If you would like to exercise any of these rights, please contact us using the contact details below. Please note that we may ask for additional information to verify your identity before we can process your request. Please also note that we are not obligated to comply with your request in all circumstances.
If you have any questions or complaints regarding this privacy policy or the handling of your personal data, please first consult our FAQ. If your question is not answered there or you have further questions or complaints, please contact our customer service.
To have your data removed, please go to My Account (Account settings → Delete my account). See our FAQ for more detailed instructions. If you lost access to your account, but still want to delete your account, you can contact customer care via data-deletion@albelli.com
You also have the right to lodge a complaint with your local supervisory authority about the way we process your personal data. You can contact your local data protection authority. Please use the contact details on their website. If you have a complaint, we ask you to first contact our data protection officer. Please send an email to dpo@photobox.com.