Privacy Policy

The data controller within the meaning of the GDPR is the operator of FindAShoot.

Contact: privacy@findashoot.com

At registration: email address, password (hashed), display name, role (Model / Photographer / MUA).

In your profile (optional): stage name, bio, city, country, categories, photos, Instagram URL.

During use: messages (stored encrypted), booking inquiries, favorites, activity logs (login, logout, profile changes).

Identity verification (temporary): when verification is requested, a selfie and a photo of a valid identity document — retained solely for the duration of the verification process, then permanently deleted.

Support requests: subject, message, category, email address, name (for non-logged-in users), IP address and browser type.

Technical: IP address, browser type (for security and abuse prevention), session cookie.

Providing platform features (profile, search, messaging, booking inquiries).

Platform moderation and safety.

Communication for account requests, password reset, and notifications.

Legal obligations (e.g. upon request from authorities).

Art. 6(1)(b) GDPR — Contract performance: for all features necessary to use the platform.

Art. 6(1)(a) GDPR — Consent: for newsletter (if subscribed) and optional profile data.

Art. 6(1)(f) GDPR — Legitimate interests: for security monitoring and abuse prevention.

Art. 6(1)(c) GDPR — Legal obligation: upon request from authorities.

Uploaded photos are stored on our servers and are visible as part of your public profile.

By uploading, you confirm that you own all necessary rights to the images.

Photos can be deleted at any time from your dashboard. Changes to publicly visible photos are subject to admin review.

For identity verification, users may be asked to upload a selfie and a photo of a valid identity document.

This data is processed solely for verification purposes and is accessible only to authorised administrative staff.

The identity document images and selfie are permanently deleted as soon as the verification process is concluded (approved or rejected) — in any case within 7 business days of receipt.

No copy of this data is retained after the verification process is complete.

Private messages are stored encrypted (AES-256).

Messages are not actively monitored. The operator accesses messages only in the case of a user report, reasonable suspicion of abuse, or legal order.

Reported messages are stored in plaintext for moderation review.

We do not share personal data with third parties, except:

• email service provider (Resend) for transactional emails — solely for delivery,

• when required by law.

We do not sell data.

Account data is retained for as long as the account is active.

After account deletion, personal data is deleted within 30 days, unless a legal retention obligation applies.

Identity documents and selfies uploaded for verification are permanently deleted upon completion of the verification process (approval or rejection), within 7 business days.

Activity logs are automatically deleted after 12 months.

Reported content may be retained longer if legal proceedings are initiated.

You have the right to: access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), data portability (Art. 20), and objection (Art. 21 GDPR).

To exercise your rights, contact: privacy@findashoot.com

You have the right to lodge a complaint with the Austrian Data Protection Authority (dsb.gv.at).

You can submit inquiries via the contact form on our support page. We store the subject, message, category, your email address, as well as IP address and browser type.

If you are not logged in, your name and email address are additionally required.

This data is used solely to process your request and is not shared with third parties after the ticket is resolved.

Replies to your ticket are sent via email to the address on file.

We use only technically necessary cookies (session cookie for authentication).

No tracking, advertising, or analytics cookies are set.

No Google Analytics, Facebook Pixel, or similar tools are used.