Privacy Policy: Foto Lab
Effective from 3 June 2026. Last updated 3 June 2026.
This Privacy Policy explains how Recess, a Highrollerco Ltd brand (“Recess”, “we”, “us”), handles personal data in the Foto Lab service available at recess.land/foto-lab (the “Service”).
Highrollerco Ltd is registered in England and Wales (company number 11259392) with its registered office at 20-22 Elsley Court, Great Titchfield Street, London W1W 8BE. We are the data controller for personal data processed through the Service.
1. Summary
In plain terms:
- Foto Lab lets you find photos of yourself in the Recess photo archive by uploading a selfie.
- Your selfie is processed in memory and sent directly to AWS Rekognition for face matching. It is never written to disk, S3, or any database. It is discarded as soon as the match completes.
- We do not create an account for you, and we do not collect your email, name, or contact details to search. The only exception is if you choose to enter your email at a Recess kiosk to have your photo link sent to you (see Section 3.4).
- People photographed at Recess events have their face vectors stored in our matching system. You can request removal at any time (see Section 9).
- You must be 18 or over to use Foto Lab.
2. Who this policy applies to
This policy applies to two groups of people:
- Users of the Foto Lab service, meaning anyone who uploads a selfie to search the archive.
- Attendees of Recess events whose photos appear in the archive. Even if you have never used Foto Lab, your face may have been indexed for the matching service to work.
3. What data we process
3.1 If you use Foto Lab to search
When you upload a selfie, the following happens:
- The selfie image is sent from your browser to our server as encoded bytes.
- Our server decodes the bytes in memory and passes them directly to AWS Rekognition’s SearchFacesByImage API. Rekognition generates a temporary face embedding to perform the search and does not retain it after the API call returns.
- The selfie image itself is not written to any disk, S3 bucket, database, or other persistent storage. It exists only in the server process memory for the duration of the request and is discarded immediately after.
- We log anonymised analytics about the search: the number of matches, the top similarity score, the threshold used, how long the search took, and a daily-rotating hashed version of your IP address. This log does not contain your image, your face data, or any identifier that could be traced back to you across days.
3.2 If you appear in a Recess event photo
For Foto Lab to be able to match a selfie against the archive, we run AWS Rekognition’s IndexFaces process on every photo in the archive. This generates a face vector (a mathematical representation of a face) for each detected face in each photo, and stores those vectors in a Rekognition collection. The original photo itself is stored in our media storage (Supabase) and presented in the public archive. We do not attach names to faces. The vectors are anonymous representations.
3.3 Standard web data
When you visit Foto Lab, our hosting provider (Vercel) automatically receives standard web request data including your IP address, browser type, the page you requested, and the time of the request. This is used for service operation and security; we do not use it for advertising or profiling.
3.4 If you give us your email at a kiosk
At some Recess events, Foto Lab is available on a kiosk. If you choose to enter your email address there to receive your photos, we use it solely to send you the link to your photo selection. Your email is stored alongside that share link only, and is not used for marketing, newsletters, profiling, or any other purpose, nor shared with third parties for their own use. Giving your email is optional — you can instead scan the on-screen QR code to get the same link without providing any contact details.
4. Why we process this data
We process the data described above for the following purposes:
- To provide the Foto Lab matching service.
- To operate, maintain, and improve the Service.
- To investigate and prevent abuse, fraud, and security incidents.
- To comply with our legal obligations.
5. Legal basis for processing (UK & EU GDPR)
Our legal bases under the UK GDPR and the EU GDPR are:
- Your explicit consent (Article 9(2)(a)) for the processing of biometric data when you upload a selfie. You give this consent by submitting your selfie after being informed by this policy.
- Legitimate interests (Article 6(1)(f)) for indexing faces in the archive to enable the matching service, for operating the service, and for security and fraud prevention. We balance this interest against your rights and freedoms, and you can object to this processing at any time (see Section 9).
6. Who we share data with
We share data with a small number of service providers:
- AWS (Amazon Web Services): for face matching via Rekognition. The Rekognition collection containing face vectors from event photos is stored in the AWS eu-west-2 (London) region.
- Supabase: our database and media storage provider, which hosts the photo archive and search analytics.
- Vercel: our web hosting and serverless function provider, which handles incoming web requests.
- Anthropic:used in the background to generate descriptive tags for archive photos (such as “dancer”, “crowd”). Anthropic does not receive selfies or any data from Foto Lab users.
Each of these providers acts as a data processor on our behalf and is bound by data protection terms. We do not sell personal data, and we do not share it with advertisers.
7. International transfers
Some of our service providers are based outside the UK and EU (notably Anthropic, in the United States). Where data is transferred outside the UK and EU, we rely on appropriate safeguards including the UK International Data Transfer Agreement, the EU Standard Contractual Clauses, or equivalent mechanisms.
8. How long we keep data
- Your selfie: not retained. Discarded immediately after the match completes.
- Face vector generated from your selfie: not retained by AWS Rekognition after the search API call returns.
- Anonymised search analytics: retained for up to 12 months for service operation, then deleted.
- Face vectors from event photos (in the Rekognition collection): retained for as long as the archive is operated, or until the data subject requests removal.
- Event photos themselves: retained indefinitely as part of the Recess archive, subject to removal requests.
9. Your rights
Under UK and EU GDPR you have the right to:
- Access the personal data we hold about you.
- Have inaccurate data corrected.
- Have your data erased (the “right to be forgotten”), including face vectors from event photos.
- Restrict or object to the processing of your data.
- Withdraw consent at any time, where we are processing on the basis of consent.
- Receive a copy of your data in a portable format.
- Lodge a complaint with a supervisory authority. In the UK, this is the Information Commissioner’s Office (ico.org.uk).
To exercise any of these rights, email help@highroller.co with a description of your request. If you are asking to be removed from the archive, please include the name of the event you attended (e.g. Recessland 2026), the approximate date, and a recent photo of yourself so we can identify your face data. We aim to respond to all requests within 30 days as required by the UK GDPR.
10. Children
Foto Lab is not intended for use by anyone under 18. We do not knowingly process the personal data of anyone under 18 through Foto Lab. If you believe a child has used Foto Lab, please contact us and we will delete the relevant data.
11. Security
We use industry-standard technical and organisational measures to protect personal data, including transport encryption (HTTPS/TLS), encryption at rest with our service providers, hashed IP addresses in analytics, and access controls on administrative functions. No system is perfectly secure, but we take reasonable steps to reduce risk.
12. Cookies and local storage
recess.land sets only functional storage:
- Supabase authentication cookies (sb-*): set when a user logs into an account. Foto Lab users do not log in and therefore do not receive these cookies.
- Admin session cookie (admin_auth): set when a user logs into the admin panel. Standard Foto Lab visitors do not encounter this.
- Local storage flag (fotolab_welcomed_v1): a single boolean stored in your browser to remember that you have seen the Foto Lab welcome screen. No personal data is stored, and it is local to your browser.
We do not use analytics cookies, advertising cookies, tracking pixels, or any third-party tracking services. We do not load embedded content from social platforms (YouTube, Instagram, etc.) that would set their own cookies. Standard server logs (handled by our hosting provider Vercel) record request metadata such as IP address and User-Agent for service operation and security.
13. Changes to this policy
We may update this policy from time to time. When we do, we will update the “Last updated” date at the top. Material changes will be flagged prominently on Foto Lab.
14. Contact
For any privacy questions, data requests, or complaints, email help@highroller.co.
Recess is a brand of Highrollerco Ltd, registered in England and Wales (company number 11259392), 20-22 Elsley Court, Great Titchfield Street, London W1W 8BE.