Your clients' photos deserve enterprise-grade protection
Studioshare is built with security and privacy at every layer — from how we process facial recognition to how we store and deliver your photos.
Encryption at Rest & in Transit
All photos and client data are encrypted using AES-256 at rest and TLS 1.3 in transit. Your clients' memories are protected at every stage.
Privacy by Design
Facial recognition vectors are processed client-side and stored as anonymized embeddings. We never store raw biometric data on our servers.
Access Controls
Fine-grained permissions let you control who sees what. Set gallery-level, event-level, or photo-level access with time-based expiration.
Cloud Infrastructure
Hosted on Google Cloud Platform with automatic scaling, multi-region redundancy, and 99.9% uptime SLA. Your data stays in the region you choose.
Authentication
Multi-factor authentication, SSO support, and secure session management. Clients authenticate via phone OTP or OAuth — no passwords to leak.
Compliance Ready
Built with GDPR and data residency requirements in mind. Data processing agreements, audit logs, and right-to-deletion support included.
How we handle facial recognition data
Facial recognition is the core of Studioshare's photo delivery. Here's how we handle it responsibly:
- Client-side processing: Face detection and descriptor extraction happens in the user's browser. Raw face images never leave the device.
- Anonymized vectors: We store mathematical embeddings, not photos. These vectors cannot be reversed to reconstruct a face.
- Automatic expiry: Facial vectors are automatically deleted after the event window closes, configurable by the photographer.
- Consent-based: Users must explicitly opt in to facial scanning. No passive tracking or background processing.
Questions about security?
We're happy to discuss our security practices, share documentation, or work with your IT team on compliance reviews.