PixPass Global Visa Photo

Privacy Policy

Effective Date: February 7, 2026

GVP Studio LLC ("PixPass," "we," "us," or "our") operates the PixPass platform at globalvisaphoto.com. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered ID photo compliance service.

1. Information We Collect

1.1 Photos You Upload

When you use PixPass, you upload photographs that may contain biometric information (facial geometry). We analyze these photos solely to provide our ID photo compliance verification service — including specification matching, face detection, and compliance assessment.

1.2 Usage Data

We automatically collect standard usage data such as browser type, operating system, referring URLs, pages visited, and timestamps. This data is collected via server logs and analytics tools to improve our service.

1.3 Payment Information

Payment processing is handled entirely by Stripe, Inc. We do not store your credit card number, CVV, or full payment details on our servers. We may retain a transaction ID and the last four digits of your card for customer support purposes.

2. How We Use Your Information

  • To analyze your photos and deliver compliance verification results
  • To improve and optimize our AI verification pipeline
  • To communicate with you regarding your orders or support requests
  • To comply with legal obligations
  • To detect and prevent fraud or abuse of our service

3. Photo Data Handling

We take the handling of your photo data seriously:

  • Automatic Deletion: All uploaded photos and verification results are stored temporarily on Cloudflare R2 (located in the United States) and are permanently deleted after 24 hours via automated object lifecycle rules. This deletion is enforced at the infrastructure level and cannot be overridden.
  • No AI Training: We do not use your photos to train, fine-tune, or improve any AI or machine learning models — neither our own nor those of our providers. Your photos are used exclusively for one-time compliance verification and then deleted.
  • No Biometric Templates: We do not create, store, or retain biometric templates, faceprints, or any persistent biometric identifiers derived from your photos.
  • No Selling of Photos: We never sell, license, or share your photos with any third party for purposes unrelated to delivering our service.
  • Verification Only: Your photos are analyzed in memory and via temporary storage exclusively for the purpose of verifying compliance with official ID photo specifications.

4. Data Sharing

We do not sell your personal information. We may share limited data with the following categories of service providers, solely to operate our service:

  • Cloud Storage: Cloudflare R2 (United States) for temporary photo storage with automated 24-hour deletion lifecycle rules
  • AI Verification: OpenAI API for photo compliance analysis. Photos are submitted via API for one-time analysis only. Per OpenAI's enterprise data usage policy, API inputs are not used to train models and are not retained beyond the duration of the request.
  • CDN & Security: Cloudflare for content delivery and DDoS protection
  • Payment Processing: Stripe, Inc. for secure payment handling

5. Data Location & Security

All data storage and processing occur on servers located within the United States. We do not transfer your photos or personal data to servers outside the United States.

We implement industry-standard security measures to protect your data:

  • 256-bit TLS/SSL encryption for all data in transit
  • Encryption at rest for all stored data (Cloudflare R2 server-side encryption)
  • Automated 24-hour object lifecycle rules ensuring permanent deletion
  • Access controls limiting employee access to user data
  • Regular security audits and monitoring

6. Your Rights

6.1 California Residents (CCPA)

If you are a California resident, you have the right to: know what personal information we collect; request deletion of your personal information; opt out of the sale of personal information (we do not sell personal information); and not be discriminated against for exercising your rights.

6.2 EU/EEA Residents (GDPR)

If you are located in the EU or EEA, you have the right to: access your personal data; rectify inaccurate data; request erasure of your data; restrict processing; data portability; and object to processing. Our legal basis for processing photos is your explicit consent, which you provide when uploading a photo.

6.3 Exercising Your Rights

To exercise any of these rights, please contact us at [email protected]. We will respond to verifiable requests within 30 days (or 45 days if an extension is necessary, with notice).

7. Children's Privacy

PixPass is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately and we will delete such information.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised "Effective Date." Your continued use of PixPass after changes are posted constitutes acceptance of the updated policy.

9. Contact Us

If you have questions or concerns about this Privacy Policy, please contact us:

GVP Studio LLC
30 N Gould St Ste R
Sheridan, WY 82801
Email: [email protected]