Not a Moment Lost!

Menu
Menu

Privacy Policy

1. Introduction

This Privacy Policy explains how Not a Moment Lost (“Service”) processes personal data when you use our website and services.
Not a Moment Lost is a service operated by KP Photography (“Company”, “we”, “our”, “us”).

We are committed to protecting your privacy in accordance with the General Data Protection Regulation (GDPR).

2. Data Controller

The Data Controller responsible for the processing of personal data is: KP Photography (kpstudio.gr)

Operating the service: Not a Moment Lost
Website: notamomentlost.com

For any privacy-related requests or data subject rights, please contact:

[email protected]

3. Personal Data We Collect

We collect only the data necessary to provide the service.

Data from Customers (Purchasers)

When purchasing the service, we may collect:

  • Name

  • Email address

  • Billing details

  • Payment information (processed via secure payment providers)

  • Event details (event date, gallery name)

Data from Guests Uploading Content

When guests upload photos or videos, we may collect:

  • Uploaded media files

  • Device metadata (file name, file size, format)

  • IP address (for security and abuse prevention)

  • Upload timestamps

We do not require guests to create accounts.

4. Purpose of Processing

We process personal data to:

  • Provide and operate the gallery service

  • Enable uploading and sharing of event media

  • Maintain security and prevent abuse

  • Process payments and customer support

  • Comply with legal obligations

We do not sell personal data.

5. Legal Basis for Processing (GDPR)

We process data based on:

  • Contractual necessity – to deliver the purchased service

  • Legitimate interests – service security and fraud prevention

  • Legal obligations – accounting and compliance

The Customer is responsible for informing guests that content will be uploaded and stored.

6. Email Communications

We use email communications to provide both service-related notifications and optional marketing messages.

Email delivery is handled by Brevo.

6.1. Service Notification Emails (Contractual Necessity)

Customers who purchase the service are automatically enrolled in a Gallery Notification List.

These emails are required to deliver the service and may include:

  • Gallery setup confirmations

  • Service updates

  • Expiration reminders

  • Instructions for downloading content

Legal basis: Contractual necessity

Customers may unsubscribe, but doing so may result in missing important service communications.

6.2. Marketing Emails (Consent)

Customers may also be subscribed to a Marketing List to receive:

  • Promotions and offers

  • News and feature updates

  • Tips and service announcements

Legal basis: Consent

Customers may unsubscribe at any time via the unsubscribe link in every email.

6.3 Email Data Processing

When sending emails, the following data may be processed:

  • Email address

  • Name (if provided)

  • Email engagement data (opens, clicks)

This data is processed securely and used only for communication purposes.

6.4 Data Retention for Email Lists

Customer email data is stored:

  • For the duration of the service

  • Until the user unsubscribes from marketing communications

  • Or as required by law

Αν θέλεις, επόμενο βήμα που δένει τέλεια με όλα αυτά είναι το Cookie Policy + Consent text για checkout & upload page, που είναι το τελευταίο κομμάτι GDPR που λείπει.

7. User Generated Content & Responsibility

Guests upload content voluntarily.

The Customer (event host) is responsible for informing guests about:

  • The existence of the gallery

  • The upload process

  • The processing of personal data

8. Data Storage & Third-Party Processors

Uploaded media is hosted via SmugMug.

This means uploaded files may be stored on secure servers operated by third-party infrastructure providers.

We use trusted providers for:

  • Media hosting

  • Payment processing

  • Website hosting

All providers are selected based on GDPR compliance and security standards.

Third-Party Email Processing via Brevo

Email communications are processed via trusted third-party providers.

By using the service, the Customer acknowledges that email addresses may be processed by such providers solely for the purposes described above.

9. International Data Transfers

Some service providers may process data outside the European Economic Area (EEA).

When this occurs, appropriate safeguards are used, such as:

  • Standard Contractual Clauses (SCCs)

  • GDPR-compliant agreements with providers

10. Data Retention

We retain personal data only as long as necessary.

Gallery content is stored for a limited hosting period defined during purchase.

After this period:

  • Galleries may be permanently deleted.

  • Customers are responsible for downloading their content.

Billing and legal records may be retained as required by law.

11. Security Measures

We implement technical and organizational measures to protect data, including:

  • Secure hosting infrastructure

  • Encrypted connections (HTTPS)

  • Access control and monitoring

However, no system can guarantee absolute security.

12. User Rights Under GDPR

Individuals have the right to:

  • Access their data

  • Request correction

  • Request deletion

  • Restrict processing

  • Object to processing

  • Request data portability

Requests can be sent to: [email protected]

13. Content Removal Requests

If someone appears in a photo/video and wishes it removed, they may contact us.

We may remove content when legally required.

14. Cookies

The website may use essential cookies for:

  • Website functionality

  • Security

  • Analytics

A separate Cookie Policy may apply.

15. Changes to This Policy

We may update this Privacy Policy periodically.
The latest version will always be published on the website.

16. Contact

For privacy inquiries:
[email protected]

Torna in alto