Snapbar: Privacy Policy

Last updated: May, 2026

Thank you for using Snapbar.

The SnapBar, LLC (“Snapbar,” “we,” “our,” “us”) creates photo, video, and AI-powered solutions for hybrid teams, events, and marketing activations. This Privacy Policy explains what information we collect, how we use it, who we share it with, and the choices and rights you have.

This Privacy Policy applies to information we collect from:

  • Visitors to our website at https://snapbar.com/ (the “Site”).
  • Users who access our products as a paying client, administrator, or end user.
  • Participants who interact with a Snapbar product at an event or activation hosted by one of our clients.

“You” in this Privacy Policy refers to whichever of the above categories applies to your interaction with Snapbar.

Where a separate privacy notice is presented to you at the point of collection (for example, a notice provided by our client at their event), that notice may control with respect to that specific collection.

1. Our Role in Data Processing

When we provide Services to a paying client, Snapbar generally acts as a “service provider” (under California law) or “processor” (under other privacy laws), and our client acts as the “business” or “controller.” We process personal information — such as event photos, generated AI outputs, and lead capture information — strictly on behalf of and under the instructions of our clients.

Our clients are responsible for obtaining the participant notice and consent required by applicable law before participants use Snapbar at their event. The terms of our Master Services Agreement (MSA) with each client allocate this responsibility. Where the MSA and this Privacy Policy address the same data flow, the MSA controls as between Snapbar and the client.

When we collect information directly from Visitors to our Site, or from Users in connection with their own account (such as a paying client or administrator), Snapbar acts as a “business” or “controller” for that information.

2. AI Data and Image Processing

Several Snapbar products use AI to generate, enhance, or transform photos and videos. Because this involves processing your images and prompts, we want to be specific about how it works:

  • No model training. We do not use your content, deliverables, or participant data to train, fine-tune, or improve any machine-learning models. We contractually require our AI subprocessors to do the same with data we send them.
  • Transmission to AI subprocessors. To generate AI outputs, we transmit your photos, videos, prompts, and related parameters to third-party AI providers that perform the generation, editing, enhancement, or background removal. Current AI subprocessors include OpenAI, Replicate (which may route requests to downstream model operators including Black Forest Labs, ByteDance, and Kuaishou depending on the selected model), Astria, Luma AI, Topaz Labs, and remove.bg (Canva Austria). The current list is available on request and may change from time to time.
  • Biometric identifiers. Our standard services do not create, extract, or permanently store biometric identifiers (such as faceprints or voiceprints). If a client requires functionality that would constitute biometric processing under applicable law, we will only perform it under a separate, mutually agreed Data Processing Addendum with documented client instructions.
  • AI variability. AI-generated outputs are probabilistic. Likeness, style, and quality may vary, particularly with lower-quality inputs.

3. What is “Personal Information”?

“Personal Information” is information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household.

“Sensitive Personal Information” is a subset of Personal Information that, under California law, includes things like government-issued identifiers, account credentials, precise geolocation, racial or ethnic origin, contents of mail, email, and text messages, and biometric information used to uniquely identify an individual. We do not use Sensitive Personal Information except as needed to provide the Services you or our clients have requested or for the permitted purposes described in this Privacy Policy.

“Aggregate Information” and “de-identified information” are not Personal Information and are not restricted by this Privacy Policy.

4. What Information We Collect

4.1 Information you give us

Visitors and Users. You may provide Personal Information when you contact us, request information, apply for a job, set up an account, or use our products. This may include name, email address, phone number, billing details, company affiliation, and other information you choose to share.

Participants. When you use a Snapbar product at an event, you may provide your image, voice, prompts, custom field answers, and any other information requested by the experience configuration set up by our client. You may also provide consent or disclaimer responses where shown to you.

4.2 Information collected automatically

When you visit our Site or use our products, we automatically receive technical information including IP address, device identifiers, browser type and operating system, referring URLs, pages viewed, time and duration of access, and similar usage data. Some of this may qualify as Personal Information under applicable law if it can be linked to you.

4.3 Cookies and similar technologies

We use cookies and similar technologies on the Site for the following purposes:

  • Strictly necessary cookies that enable core Site functionality.
  • Analytics cookies that help us understand Site usage and measure marketing performance.
  • Functional cookies that remember your preferences.
  • Advertising and targeting cookies that may be used to deliver more relevant advertising or to measure the effectiveness of our advertising.

You can control cookies through your browser settings. If you reject some categories of cookies, parts of the Site may not work as expected. For more information, visit https://www.allaboutcookies.org or https://www.aboutads.info/choices.

4.4 Information from third parties

In limited cases, we may receive information about you from third parties, such as social media platforms when you interact with our content there, or business contact data sources used for B2B outreach. We treat this information consistent with this Privacy Policy.

5. How We Use Personal Information

We use Personal Information for the following purposes:

  • To provide, operate, and maintain our Site and products.
  • To process transactions, deliver purchased services, and provide customer support.
  • To communicate with you about products, services, account matters, security notices, and changes to our terms or policies.
  • To send marketing communications you have not opted out of, including with the assistance of third-party providers.
  • To personalize your experience and improve our products.
  • To enforce our Terms of Use, Master Services Agreement, and applicable Proposals.
  • To detect, prevent, and address fraud, security incidents, and prohibited activity.
  • To comply with legal obligations and enforce our legal rights.
  • To carry out any other purpose disclosed at the time of collection or to which you consent.

5.1 Retention

We retain Personal Information for as long as needed to provide the Services, comply with our legal obligations, resolve disputes, and enforce our agreements. Specific retention periods depend on the nature of the Personal Information and the purpose of collection. For example, billing records are retained as required by tax and accounting laws; participant submissions are typically retained for the duration of the applicable experience plus a limited period after, or as instructed by the client. You may request deletion of your Personal Information as described in Sections 10 and 11.

5.2 International transfers

We are based in the United States, and our subprocessors may store and process Personal Information in the United States and other countries. When you provide Personal Information to us, you understand that it may be transferred to and processed in jurisdictions other than your own.

6. How We Share Personal Information

We share Personal Information only as described in this Privacy Policy:

  • Service providers and subprocessors. We use third-party vendors to operate the Site and products, including cloud hosting, database and authentication infrastructure, content delivery, AI image and video processing, error monitoring, transactional email, payment processing, and bot/CAPTCHA protection. These vendors are contractually limited to using Personal Information only to provide their services to us.
  • Our paying clients. If you are a Participant at a client event, the information collected through the Snapbar product (such as your image, lead capture responses, and consent/disclaimer responses) is shared with the client who hosted the event. The client’s use of that information is governed by the client’s own privacy policies and applicable law, and Snapbar’s sharing with the client is subject to the terms of the applicable MSA between Snapbar and the client.
  • Legal compliance. We may share Personal Information when required by law, subpoena, court order, or government request, or to enforce our agreements, protect our rights, or protect the rights and safety of others.
  • Business transfers. In connection with a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, Personal Information may be transferred to the successor or acquirer.
  • With your consent. We may share Personal Information for any other purpose with your consent or at your direction.

We do not sell Personal Information for money. Under California law, however, certain uses of analytics, advertising, and similar third-party cookies may be considered “sales” or “sharing” for cross-context behavioral advertising. See Section 11 for how to exercise your right to opt out.

6.1 Current subprocessor categories

As of the last updated date, Snapbar uses third-party subprocessors in the following categories:

  • Cloud and infrastructure: Supabase (database, authentication, storage), Google Cloud Platform (processing infrastructure), Netlify (hosting, CDN), Cloudflare (bot protection).
  • Media storage and delivery: Cloudinary.
  • AI image and video processing: OpenAI, Replicate (and downstream model operators), Astria, Luma AI, Topaz Labs, remove.bg.
  • Error monitoring and observability: Sentry.
  • Transactional email: Postmark and ActiveCampaign.
  • Payments: Stripe.

This list may change from time to time as we update our infrastructure or add new product capabilities.

7. How We Protect Information

We maintain administrative, technical, and physical safeguards designed to protect Personal Information against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These include encryption in transit and at rest where appropriate, access controls, vendor security review, and incident response procedures. No method of transmission over the internet or method of electronic storage is perfectly secure, however, and we cannot guarantee absolute security.

8. Third-Party Websites and Applications

Our Site and products may link to or integrate with third-party websites and applications. We do not control those services and are not responsible for their privacy practices. We encourage you to review the privacy policies of any third party with which you interact.

9. Your Privacy Rights

Depending on your jurisdiction and our role with respect to your Personal Information, you may have the following rights:

  • Access — to request information about the Personal Information we hold about you.
  • Correction — to request that we correct inaccurate Personal Information.
  • Deletion — to request that we delete Personal Information, subject to legal exceptions.
  • Opt out of sale or sharing — as described in Section 11.
  • Limit use of Sensitive Personal Information — as described in Section 11.
  • Non-discrimination — we will not discriminate against you for exercising your privacy rights.
  • Withdraw consent — where we rely on your consent, you may withdraw it at any time.
  • Unsubscribe — you may opt out of marketing communications at any time via the unsubscribe link in our emails.

When we act as a service provider or processor on behalf of a client, requests to exercise rights with respect to Personal Information collected through that client’s use of our product should be directed to the client. We will forward such requests to the appropriate client when reasonable to do so.

Snapbar does not engage in solely automated decision-making that produces legal or similarly significant effects about you.

10. Children’s Privacy

Our Site and products are not directed to children under 13, and we do not knowingly collect Personal Information directly from children under 13 through the Site. Our products are deployed by our clients at their events. Where children may participate, our clients are responsible under our MSA and applicable law (including COPPA) for obtaining any required parental consent and for providing age-appropriate notices to participants. If you believe a child has provided Personal Information to us directly through the Site, please contact us using the information in Section 14 and we will take appropriate steps to delete it.

11. Notice to California Residents

This section provides additional information for California residents under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (together, the “CCPA”), and applies only to California residents. The terms “you” and “your” in this section refer to California residents.

11.1 Categories of Personal Information collected, used, and disclosed

In the 12 months preceding the last updated date, we have collected the following categories of Personal Information about California residents. For each category, we describe the sources, business purposes for collection, and categories of recipients to whom we disclose the information for a business purpose.

  • Identifiers (real name, alias, postal address, unique personal identifier, online identifier, IP address, email address, account name, similar identifiers). Sources: you, our clients, automatic collection, third parties. Purposes: providing the Site and products, communications, security, analytics. Recipients: our subprocessors, our paying clients (for Participant data), authorities as required by law.
  • Customer records information (name, contact information, billing details) under Cal. Civ. Code § 1798.80(e). Sources, purposes, and recipients are the same as Identifiers.
  • Commercial information (records of purchases, services obtained). Sources: our clients and internal records. Purposes: transaction processing, account management. Recipients: payment processors, subprocessors.
  • Internet or other electronic network activity information (browsing and interaction data, device and session information). Sources: automatic collection. Purposes: Site and product operation, analytics, security. Recipients: analytics and infrastructure subprocessors.
  • Geolocation data (general, derived from IP address). Sources: automatic collection. Purposes: analytics, fraud prevention. Recipients: analytics and infrastructure subprocessors.
  • Audio, electronic, visual, or similar information (photos, videos, voice recordings captured by Snapbar products). Sources: Participants, Users. Purposes: providing the requested experience, generating AI outputs, delivering galleries and shareable assets. Recipients: AI subprocessors, media delivery subprocessors, and the paying client hosting the experience.
  • Professional or employment-related information (where provided by job applicants or users). Sources: you. Purposes: providing the requested service or recruitment processing. Recipients: HR systems and recruiting subprocessors.
  • Inferences drawn from the above to characterize preferences or behavior. Sources: internally generated. Purposes: product improvement, personalization. Recipients: analytics subprocessors.

11.2 Sensitive Personal Information

We do not collect Sensitive Personal Information for the purpose of inferring characteristics about you. Where we collect information that may be considered Sensitive Personal Information (for example, account login credentials), we use it only for the purposes permitted by California law without a separate right to limit, such as performing the Services you or our client have requested, ensuring security, and complying with our legal obligations.

11.3 Sale and sharing

We do not sell Personal Information for money, and we do not engage in cross-context behavioral advertising that would constitute “sharing” under the CCPA. We do not knowingly sell or share the Personal Information of California residents under 16.

If you would like to confirm or formally exercise an opt-out of sale or sharing for your information, email us at [email protected] with your request.

11.4 Right to know, delete, and correct

California residents have the right to:

  • Know what categories and specific pieces of Personal Information we have collected about you, the categories of sources, the business or commercial purposes for which we collected it, and the categories of third parties with whom we share it.
  • Delete Personal Information we have collected from you, subject to exceptions provided by law (for example, to complete a transaction, detect security incidents, comply with legal obligations, or perform internal uses that are reasonably aligned with your expectations).
  • Correct inaccurate Personal Information we maintain about you.

You may submit verifiable requests up to twice in a 12-month period. We will respond within the timeframe required by law.

11.5 Right to limit use of Sensitive Personal Information

Because we do not use Sensitive Personal Information for purposes beyond those permitted by California law without a right to limit, this right has limited application to our practices. You may still submit a request, and we will respond consistent with the CCPA.

11.6 Right to non-discrimination

We will not deny you services, charge you different prices, or provide a different level or quality of services because you exercised your rights. We may offer different prices or service levels where reasonably related to the value of your Personal Information, as permitted by law.

11.7 Authorized agents

You may use an authorized agent to submit a request on your behalf. We will require written authorization from you, verification of your identity, and verification of the agent’s authority before responding to the request.

11.8 How to submit a CCPA request

To submit a request to know, delete, correct, opt out, or limit, email us at [email protected] or use the contact form at https://snapbar.com/contact. To verify your identity, we may ask you for information sufficient to confirm you are the person about whom we collected Personal Information. We will use that information only for verification.

If you submit a request related to Personal Information that we process on behalf of a client (for example, your participation in a client’s event), we will forward your request to the client where appropriate and notify you that we have done so.

11.9 Shine the Light

California Civil Code Section 1798.83 permits California residents to request information about disclosures of certain Personal Information to third parties for those third parties’ direct marketing purposes. We do not disclose Personal Information to third parties for their direct marketing purposes.

11.10 Do Not Track

Some browsers offer a “Do Not Track” signal. There is no industry-standard interpretation of this signal, and we do not currently respond to it.

12. Notice to Users in the European Economic Area, United Kingdom, and Switzerland

This section provides additional information for individuals located in the European Economic Area, the United Kingdom, or Switzerland (collectively, “European Users”) under the EU General Data Protection Regulation, the UK GDPR, and the Swiss Federal Act on Data Protection. The terms “you” and “your” in this section refer to European Users.

12.1 Our role

As described in Section 1, when we provide Services to a paying client, we generally act as a “processor” and our client acts as the “controller” for personal data captured through the Services. When we collect personal data directly from Visitors or Users in connection with their own account or our Site, we act as a “controller.”

12.2 Your rights

Subject to applicable law, you have the right to:

  • Access the personal data we hold about you and obtain a copy.
  • Rectification of inaccurate or incomplete personal data.
  • Erasure of your personal data, subject to certain exceptions.
  • Restriction of processing in certain circumstances.
  • Portability of personal data you provided to us, in a structured, commonly used, machine-readable format.
  • Object to processing based on legitimate interests or for direct marketing.
  • Withdraw consent where we rely on your consent, at any time and without affecting the lawfulness of processing prior to withdrawal.
  • Lodge a complaint with your local data protection supervisory authority.

To exercise any of these rights, contact us using the details in Section 14. If your personal data was collected through a Snapbar product used by one of our clients, we will forward your request to the relevant client where appropriate, since they act as the controller for that data.

12.3 Lawful bases for processing

Where we act as a controller, we process personal data on one or more of the following lawful bases:

  • Performance of a contract — to provide the Site and our products to you or your organization, and to deliver Services purchased by our clients.
  • Legitimate interests — to operate, secure, and improve our products, to communicate with our business contacts, to detect and prevent fraud, and for other legitimate business purposes that do not override your rights.
  • Consent — where required, for example for certain marketing communications or cookies.
  • Legal obligation — to comply with applicable laws, tax and accounting requirements, and lawful requests.

12.4 International transfers

Snapbar is based in the United States. When you provide personal data to us, it is transferred to and processed in the United States, and may be processed by our subprocessors in other countries. Where required by law, we rely on appropriate safeguards for such transfers, including the European Commission’s Standard Contractual Clauses, the UK International Data Transfer Addendum, or equivalent mechanisms.

12.5 Retention

Retention periods are described in Section 5.1. You may request deletion of your personal data at any time, subject to legal exceptions.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date at the top of this page. For material changes, we will provide additional notice as required by applicable law, which may include email notice or a prominent notice on the Site.

14. Contact Us

If you have questions about this Privacy Policy or our privacy practices, or if you would like to exercise your rights, please contact us:

Contact form: https://snapbar.com/contact

Email: [email protected]

Mail:

The SnapBar, LLC

P.O. Box 2466

Gig Harbor, WA 98335

Boost event engagement & brand awareness with user-generated content that turns moments into marketing gold.

Products
AI Photo Booth
AI Video
AI Stories
Persona Quiz
Digital Photo Booth
Trading Cards
Event Headshots
Company Headshots
Selfie Stations
Displays
Live Slideshow
Social Walls
Mosaics
Photo Booth Gallery
How It Works
Overview
Lead Capture
Displays
Survey Engagement
AI Group Photos
Our Work
Activation Concepts
Client Projects
Example Galleries
Company
Contact UsHelp DeskAboutBlogLog inJobsTerms of UsePrivacy Policy
© The SnapBar LLC
2025
Crafting unique experiences since 2012
close
Get in touch for demos, pricing, and questions.
close
Get in touch for demos, pricing, and questions.
close
Get in touch for demos, pricing, and questions.
close
Get in touch to learn more about the platform.