Faces byHeadshotDC

Legal & Privacy

The terms and policies behind the Faces platform

Faces finds your photos from an event after you sign up with a selfie. It's run by Moshe Zusman Photography, LLC in Washington, DC. Face matching only happens if you say yes to it, we never sell your data, and you can delete everything whenever you want. These four documents spell all of that out.

Terms of Service

Version 1.0 · Effective July 15, 2026 · Moshe Zusman Photography, LLC

These Terms of Service ("Terms") govern your use of the Faces platform, including event registration pages, photo galleries, photo submission pages, and host portals (together, the "Service"). By registering for an event, uploading a photo or selfie, or accessing a gallery, you agree to these Terms and to our Privacy Policy and Biometric Data Consent & Retention Policy. If you do not agree, do not use the Service.

1. What the Service Does

Faces lets event guests receive a personal gallery of photos in which they appear. If you choose to register with a selfie, we use facial-recognition technology to match your face against photos taken at the event you registered for. Facial recognition is always optional and requires your explicit consent. You can attend any event without ever using the Service.

2. Eligibility and Minors

  • You must be at least 18 years old to create a registration for yourself.
  • A parent or legal guardian may register their own minor child for an event. By doing so, the parent or guardian represents that they hold parental authority over that child and consents, on the child's behalf, to the processing described in the Biometric Data Consent & Retention Policy. We rely on this representation.
  • You may not register any other person, living or otherwise, or upload a selfie of anyone other than yourself (or your own minor child, as above). Registering another adult without their knowledge and consent is a material breach of these Terms.
  • Minors under 13 may never self-register.

3. Your Content

  • Selfies. You grant us a limited, non-exclusive license to process the selfie you provide solely to (a) generate a facial template used to find your photos, and (b) display the selfie to event staff for verification and support. We do not use your selfie or facial data for advertising, profiling unrelated to the event, or training of our own or third-party AI models.
  • Submitted photos. If an event enables guest photo submission and you upload photos, you represent that you took them or have the right to share them, and you grant the event organizer and us a license to display them within that event's galleries. You must not upload unlawful, infringing, or explicit content; submissions are screened and may be rejected or removed without notice.
  • Event photos. Photos in galleries belong to the event organizer and/or its photographer. Your ability to view, download, or share them is a personal, non-transferable permission granted by the organizer, and may be limited or revoked by the organizer.

4. Your Choices and Controls

  • "Not me." You can remove any photo incorrectly matched to you directly in your gallery.
  • Deletion. You can request deletion of your registration, selfie, facial template, and matches at any time (see the Privacy Policy for how). Deletion is permanent.
  • Magic links. Gallery access links are personal to you. Keep them private; anyone with your link can view your matched photos.

5. Acceptable Use

You agree not to: (a) access another person's gallery or data without authorization; (b) probe, scan, or test the vulnerability of the Service; (c) scrape, harvest, or bulk-download content you are not entitled to; (d) upload malicious code; (e) use the Service to stalk, harass, or surveil any person; or (f) use the Service in violation of applicable law. We may suspend or terminate access for violations.

6. Intellectual Property

The Faces platform — including its software, design, matching pipeline, and know-how — is and remains the exclusive property of Moshe Zusman Photography, LLC. Event-specific branding belongs to the respective event organizer. Except for the limited rights expressly granted, no license or ownership is transferred to you.

7. Third-Party Services

The Service relies on vetted infrastructure providers (identified in the Privacy Policy) to store data and perform matching. We are not responsible for services you use to reach the Service (your email provider, device, or network).

8. Disclaimers

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE." TO THE MAXIMUM EXTENT PERMITTED BY LAW, WE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. FACIAL MATCHING IS PROBABILISTIC: WE DO NOT WARRANT THAT EVERY PHOTO OF YOU WILL BE FOUND OR THAT EVERY MATCH WILL BE CORRECT. THE SERVICE MAY BE MODIFIED, INTERRUPTED, OR DISCONTINUED AT ANY TIME.

9. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW: (A) WE WILL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, OR ANY LOSS OF DATA, PROFITS, OR GOODWILL; AND (B) OUR TOTAL AGGREGATE LIABILITY ARISING OUT OF OR RELATING TO THE SERVICE WILL NOT EXCEED THE GREATER OF ONE HUNDRED U.S. DOLLARS (US $100) OR THE AMOUNT YOU PAID US FOR THE SERVICE IN THE TWELVE (12) MONTHS BEFORE THE CLAIM AROSE. SOME JURISDICTIONS DO NOT ALLOW CERTAIN LIMITATIONS, SO SOME OF THE ABOVE MAY NOT APPLY TO YOU; IN THAT CASE OUR LIABILITY IS LIMITED TO THE FULLEST EXTENT PERMITTED. NOTHING IN THESE TERMS LIMITS LIABILITY THAT CANNOT BE LIMITED BY LAW, INCLUDING LIABILITY FOR GROSS NEGLIGENCE, WILLFUL MISCONDUCT, OR FRAUD.

10. Indemnification

You will indemnify and hold us and the event organizer harmless from claims arising out of your breach of these Terms, including registering a person without authority to do so or uploading content you had no right to upload.

11. Dispute Resolution; Governing Law

These Terms are governed by the laws of the District of Columbia, without regard to conflict-of-law rules. Any dispute that cannot be resolved informally within thirty (30) days of written notice will be resolved by binding individual arbitration in Washington, DC, administered by the American Arbitration Association under its Consumer Arbitration Rules. You and we each waive the right to a jury trial and to participate in a class action. You may opt out of this arbitration provision by emailing us within 30 days of first accepting these Terms. Small-claims actions and requests for injunctive relief for IP or data misuse are excluded from arbitration.

12. Changes

We may update these Terms from time to time. The "Effective" date above reflects the latest version, and material changes will be posted at this page. Continued use after changes take effect constitutes acceptance.

13. Contact

Moshe Zusman Photography, LLC — Washington, DC Email: moshe@headshotdc.com (subject line "Faces Legal")

Privacy Policy

Version 1.0 · Effective July 15, 2026 · Moshe Zusman Photography, LLC

This policy explains what personal data the Faces platform collects, why, where it is stored, how long it is kept, and the rights you have over it, no matter where you live. It applies to all Faces surfaces: event registration ("join") pages, galleries, guest photo submission pages, and host portals. Facial data is additionally governed by our Biometric Data Consent & Retention Policy, which is part of this policy.

1. Who Is Responsible for Your Data

Faces operates events on behalf of event organizers (the company or person hosting your event). For most legal purposes the organizer is the data controller of its event's guest data, and Moshe Zusman Photography, LLC is the processor/service provider operating the platform under the organizer's instructions. For platform operations data (audit logs, security, service email delivery) we act as a controller. Questions about a specific event can be directed to the organizer or to us — we will route them correctly.

2. What We Collect

Data When Purpose
Name and email address You register for an event, or the organizer imports its guest roster Identify you, deliver your personal gallery link
Selfie (photo of your face) You choose to register with a selfie Create a facial template; verification and support
Facial template (a numerical representation of facial geometry — a "biometric identifier") Derived from your selfie and from faces detected in event photos Match your face to event photos. Collected only with your explicit consent.
Event photos and derived thumbnails The organizer's photographers upload them; guests may submit photos where enabled Operate the event gallery
Photo metadata (EXIF, e.g. time taken) and submitter name/email for guest submissions You submit a photo Sort photos into event days; attribute and moderate submissions
Technical/security data (IP-derived anti-bot verification, access logs, audit trail) You use the Service Security, abuse prevention, troubleshooting

We do not collect payment information from guests, do not use advertising trackers or cookies for advertising, and do not sell or share personal data for advertising or cross-context behavioral advertising. We do not use your data to train AI models.

3. How Facial Recognition Works Here

If you give explicit consent at registration (and only then), your selfie is converted into a facial template by Amazon Web Services ("AWS") Rekognition. Faces detected in event photos are converted the same way and compared against registered templates within your event only, or, where the organizer enables it, that organizer's related events. Matching never happens across unrelated organizers. Matching is probabilistic and you can remove any incorrect match ("Not me") yourself. Templates are numerical data; they are not images and cannot be reverse-engineered into a photo of you.

4. Legal Bases (GDPR / UK GDPR)

Where EU/EEA, UK, or Swiss law applies: facial templates are special-category biometric data processed on the basis of your explicit consent (Art. 9(2)(a) GDPR), which you may withdraw at any time with effect for the future. Name, email, and gallery delivery are processed for performance of a contract (Art. 6(1)(b)) and the organizer's or our legitimate interests (Art. 6(1)(f)) in operating the event; security processing is based on legitimate interests. Consent for a minor is given by the parent or legal guardian who registers the child.

5. Where Data Lives and Who Touches It (Subprocessors)

All data is stored in the United States (us-east-1 region). We use a small, fixed set of infrastructure providers under data processing agreements:

Provider Role
Amazon Web Services (Rekognition) Facial template creation and matching
Supabase (on AWS) Database, authentication, selfie storage
Cloudflare (Pages, R2, Turnstile) Web hosting, photo storage, anti-bot verification
Resend Transactional email (gallery links, notifications)

No one else receives your personal data, except: the event organizer (its own event's data), professional advisers, or authorities where the law compels disclosure. We never sell personal data and never disclose biometric data except to the processors above acting on our instructions.

6. International Transfers

If you register from outside the United States, your data is transferred to and processed in the United States. For transfers subject to GDPR/UK GDPR, we rely on our providers' Standard Contractual Clauses (and, where certified, the EU-U.S. Data Privacy Framework). You may request a copy of the relevant safeguards.

7. Retention

In plain terms: we keep data while the event gallery is active, and you can delete yours whenever you want.

  • Facial templates and selfies follow the schedule in the Biometric Data Consent & Retention Policy: destroyed when the purpose is fulfilled, when you request deletion, when the organizer closes or deletes the event, or at latest 3 years after your last interaction with the Service — whichever comes first. Retention for a specific event may be shorter where the organizer directs it.
  • Name, email, matches, and gallery data are kept for the life of the event gallery as set by the organizer, then deleted.
  • Audit and security logs are kept up to 24 months. Deletion cascades through all systems, including the facial template held in AWS Rekognition.

8. Your Rights

Depending on where you live, you have the right to access, correct, delete, or receive a copy of your personal data; to withdraw consent; to object to or restrict processing; and to not be discriminated against for exercising rights.

  • EU/EEA/UK/Switzerland (GDPR): all rights above, plus the right to complain to your supervisory authority.
  • California (CCPA/CPRA): rights to know, delete, correct, and limit use of sensitive personal information. We do not sell or share personal information as defined by the CPRA.
  • Illinois (BIPA), Texas (CUBI), Washington: rights and protections for biometric identifiers as described in the Biometric Policy, including our public retention and destruction schedule.
  • Canada (PIPEDA), Brazil (LGPD), Australia (APPs) and other jurisdictions: we honor access, correction, and deletion requests globally. The same standard applies to everyone.

To exercise any right: email moshe@headshotdc.com with subject "Privacy Request," or use the "Not me" and deletion options in your gallery. We verify requests via the email address on the registration and respond within 30 days (or sooner where the law requires). A parent or guardian may exercise these rights for their child.

9. Children

The Service is not directed to children. Self-registration requires being 18+. A child's data may be registered only by their parent or legal guardian, who may also access, correct, or delete it at any time. If we learn a child was registered by anyone other than a parent or guardian, we will delete the registration and associated biometric data promptly.

10. Security

Photos and selfies are stored in private buckets accessible only by short-lived signed URLs; all traffic is encrypted in transit; database access is governed by row-level security; gallery and admin access is token- or role-gated; the platform undergoes recurring security review. No system is perfectly secure — if a breach affects your personal data, we will notify affected organizers and individuals and regulators as required by applicable law (for GDPR-covered data, within the legally required timeframes).

11. Changes and Contact

We will post any changes to this policy here with a new version number and effective date; material changes to how biometric data is handled will require fresh consent. Contact: Moshe Zusman Photography, LLC — Washington, DC · moshe@headshotdc.com.

Biometric Data Consent & Retention Policy

Version 1.0 · Effective July 15, 2026 · Moshe Zusman Photography, LLC

This is our written, publicly available policy for the collection, use, retention, and destruction of biometric identifiers and biometric information, published in accordance with biometric privacy laws including the Illinois Biometric Information Privacy Act (740 ILCS 14, "BIPA"), the Texas Capture or Use of Biometric Identifier Act, and Washington law. It forms part of our Privacy Policy.

1. What We Collect

When you consent at registration, we collect: (a) the selfie you provide, and (b) a facial template — a numerical representation of face geometry generated by AWS Rekognition from your selfie and from faces detected in event photos. The facial template is a "biometric identifier" under the laws above. We collect no other biometric identifiers (no fingerprints, voiceprints, iris or hand scans).

2. Purpose

Facial templates are used for exactly one purpose: matching you to photographs taken at the event(s) you registered for, so your personal gallery can be delivered to you. They are not used for advertising, identification outside your event context, surveillance, model training, or any other purpose.

3. Written Consent — Collected Before Capture

We do not create a facial template for a registered guest without first obtaining a written release, given electronically at registration, that states:

I consent to Faces (operated by Moshe Zusman Photography, LLC) collecting my selfie and generating a biometric facial template from it to find photos of me from this event. I have read the Biometric Data Consent & Retention Policy, including the retention schedule and my right to delete my data at any time. If I am registering my minor child, I confirm I am the child's parent or legal guardian and give this consent on the child's behalf.

Registration cannot proceed without checking this consent. A parent or legal guardian provides this consent on behalf of their own minor child; self-registration is limited to individuals 18 and older.

Faces appearing in event photographs are detected and templated to power matching for consented registrants; event organizers are contractually required to provide event-level notice to attendees that photography and face-matching services are in use at the event.

4. No Sale; No Disclosure; No Profit

We do not sell, lease, trade, or otherwise profit from biometric identifiers or biometric information — ever. We do not disclose them to anyone except: (a) the infrastructure processors that perform storage and matching on our instructions (AWS Rekognition, Supabase, Cloudflare — listed in the Privacy Policy), (b) as required by valid legal process, or (c) with your further explicit consent.

5. Retention Schedule and Destruction

Biometric identifiers (facial templates) and selfies are permanently destroyed at the earliest of:

  1. Your request — you may request deletion at any time (gallery link or moshe@headshotdc.com); honored within 30 days;
  2. Purpose fulfilled — the event's gallery is closed or the event is deleted by its organizer;
  3. Organizer-directed schedule — where the event organizer sets a shorter retention period for its event, that schedule controls;
  4. Statutory outside limit — no later than 3 years after your last interaction with the Service.

Destruction cascades through all systems: the facial template in AWS Rekognition, the selfie in storage, match records, and database rows. "Not me" removals delete the specific match immediately.

6. Storage and Protection

Biometric identifiers are stored using a reasonable standard of care at least equal to how we protect other confidential information, and consistent with industry standards for this kind of data: private storage accessible only via short-lived signed URLs, encryption in transit, role- and token-gated access, row-level database security, and recurring security review.

7. Your Rights

You may withdraw consent and request destruction of your biometric data at any time, without giving a reason and without affecting your ability to attend any event (you will simply no longer receive matched galleries). Parents and legal guardians may exercise all rights for their registered minor children.

8. Contact

Moshe Zusman Photography, LLC — Washington, DC · moshe@headshotdc.com (subject "Biometric Data Request").

Client Platform Terms

Version 1.0 · Effective July 15, 2026 · Moshe Zusman Photography, LLC

These terms govern each agreement under which a business client ("Client") licenses the Faces platform for its events, whether under a signed order form, proposal, or invoice referencing these terms (together, the "Agreement"). They are published here for transparency to clients and their attendees.

1. The Service; License

Provider grants Client a non-exclusive, non-transferable, non-sublicensable license to use the Faces platform for the events and term stated in the applicable order ("Subscription" — the lease model). Client's event staff, hosts, and guests may use the platform surfaces provided for them. No source code, software copy, or other rights are granted.

2. Intellectual Property

  • Provider owns the platform. The Faces software, architecture, matching pipeline, documentation, and all improvements and know-how are and remain the exclusive property of Provider. Nothing in any engagement transfers ownership, and white-labeling (Client's branding on platform surfaces) creates no rights in the platform itself.
  • Client owns its materials. Client retains all rights in its trademarks, brand assets, guest rosters, and event photographs. Provider uses them only to operate the Service for Client.
  • Product purchase. If Client wishes to acquire the platform (perpetual license or asset purchase) rather than lease it, that is available by separately negotiated written agreement; these terms do not effect any such transfer.

3. Data Protection Roles and Processing Terms

  • Roles. For guest personal data of Client's events, Client is the controller (or "business") and Provider is the processor (or "service provider"), processing only to operate the Service per Client's configuration and documented instructions.
  • Biometric data. Facial templates are created only for guests who give explicit consent through the platform's consent flow, under the published Biometric Data Consent & Retention Policy. Provider does not sell or disclose guest data and uses it for no purpose other than the Service (no advertising, no AI training).
  • Subprocessors. Provider uses the infrastructure subprocessors listed in the Privacy Policy (AWS, Supabase, Cloudflare, Resend), each bound by data processing agreements. Provider will give Client notice before adding subprocessors that handle guest personal data.
  • Security. Provider maintains commercially reasonable technical and organizational safeguards: private storage with short-lived signed URLs, encryption in transit, role- and token-based access control, row-level database security, and recurring security review.
  • Breach notice. Provider will notify Client without undue delay, and in any case within 72 hours, of becoming aware of a personal data breach affecting Client's event data, with the information reasonably needed for Client's own notification obligations, and will cooperate in remediation.
  • Data return and deletion. On termination or on request, Provider will delete (or export, then delete) Client's event data, including cascading destruction of biometric templates.
  • Audit. Provider will, upon reasonable notice no more than once annually, answer Client's reasonable written security questionnaires and provide summaries of its security posture.

4. Retention — Client Decides

Retention is a Client-configurable term of the order. Under the Subscription (lease) model, Provider operates whatever retention schedule Client directs for its events — including immediate post-event destruction — subject to the platform's outside statutory limit (no later than 3 years after a guest's last interaction) and each guest's independent right to delete their own data sooner. If Client purchases the product, retention policy passes entirely to Client's control as controller and operator.

5. Client Responsibilities

Client will: (a) provide legally required event-level notice to attendees that photography and optional face-matching services are in use; (b) ensure any guest roster or photos it uploads were lawfully collected and may be used for the Service; (c) not instruct Provider to process data in violation of applicable law; (d) manage its hosts' access responsibly; and (e) where its event includes minors, communicate that registration of a minor may only be performed by the minor's parent or legal guardian.

6. Warranties; Disclaimer

Each party warrants it has authority to enter the Agreement. Provider warrants the Service will materially perform as described. Facial matching is probabilistic; Provider does not warrant that all photos of a guest will be identified. EXCEPT AS STATED, THE SERVICE IS PROVIDED "AS IS" AND PROVIDER DISCLAIMS ALL OTHER WARRANTIES, EXPRESS OR IMPLIED.

7. Indemnification

  • By Provider: Provider will defend and indemnify Client against third-party claims that the Faces platform itself (excluding Client materials and third-party content) infringes intellectual-property rights, or arising from Provider's material breach of Section 3 (Data Protection).
  • By Client: Client will defend and indemnify Provider against third-party claims arising from Client's event content, rosters or materials, Client's failure to provide required attendee notice, or Client's instructions.
  • Standard procedure applies: prompt notice, control of defense by the indemnifying party, no settlement imposing obligations on the other party without consent.

8. Limitation of Liability

NEITHER PARTY IS LIABLE FOR INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES. EACH PARTY'S TOTAL AGGREGATE LIABILITY UNDER THE AGREEMENT IS CAPPED AT THE FEES PAID OR PAYABLE BY CLIENT IN THE TWELVE (12) MONTHS PRECEDING THE CLAIM, EXCEPT THAT FOR PROVIDER'S BREACH OF SECTION 3 (DATA PROTECTION) OR EITHER PARTY'S INDEMNIFICATION OBLIGATIONS THE CAP IS TWO TIMES (2×) THAT AMOUNT. NOTHING LIMITS LIABILITY FOR GROSS NEGLIGENCE, WILLFUL MISCONDUCT, OR AMOUNTS THAT CANNOT BE LIMITED BY LAW.

9. Insurance

Provider maintains commercially appropriate insurance for a service of this kind and will provide certificates on request.

10. Term; Termination

The Agreement runs per the order. Either party may terminate for material breach uncured within 30 days of written notice. Sections 2, 3 (deletion/return), 7, 8, and 11 survive. On termination, guest-facing galleries close on the schedule Client directs, and data is handled per Section 3.

11. General

Governing law: District of Columbia, exclusive venue in the state and federal courts located in Washington, DC. No assignment without consent (except to a successor in a merger or asset sale). Neither party is liable for delay caused by events beyond its reasonable control. The Agreement (order + these terms + the published policies referenced) is the entire agreement; if an order conflicts with these terms, the order controls. Provider may reference Client as a customer only with Client's prior written approval.

Contact: Moshe Zusman Photography, LLC — Washington, DC · moshe@headshotdc.com

Moshe Zusman Photography, LLC · Washington, DC · moshe@headshotdc.com
Terms · Privacy · Biometric Policy · Client Terms