Privacy Policy

Last updated: January 2025

Data Controller: Groenewegen Solutions B.V. (trading as 21Pix) - Contact: privacy@21snaps.com

Our Privacy Promise: We believe in absolute minimal data collection. We don't track you, we don't profile you, and we delete your photos 7 days after printing. No analytics, no marketing, no sharing with advertisers. Your memories are yours alone.

1. What Data We Collect and Why

1.1 Photos You Take

What: The 21 photos you capture per roll
Why: To print them on photo paper and ship them to you
Legal Basis: Contract fulfillment (you purchase prints, we deliver them)
Retention: 7 days after order placement, then permanently deleted

1.2 Shipping Information

What: Name, address, email, phone (optional)
Why: To deliver your printed photos
Legal Basis: Contract fulfillment
Retention: 2 years for legal/tax requirements

1.3 Payment Information

What: Transaction ID and payment status from Mollie
Why: To process your payment and prevent fraud
Legal Basis: Contract fulfillment and legitimate interest (fraud prevention)
Note: We NEVER see or store your credit card details - Mollie handles this

1.4 Technical Information

Device-Generated User ID: A random ID created by your device (not linked to you personally)
Failed Payment Attempts: For fraud prevention only

2. What We DON'T Collect

            ❌ No cookies or tracking pixels
❌ No analytics or usage statistics
❌ No location data
❌ No device fingerprinting
❌ No advertising IDs
❌ No behavioral profiling
❌ No IP address logging for tracking

        

3. How We Protect Your Data

Transmission: All data is transmitted using SSL/TLS encryption
Storage: Photos stored on secure AWS servers in Ireland (EU)
Access: Limited to essential personnel only
Backups: Automated AWS backups, deleted after 7 days
Deletion: Automated deletion process removes photos after 7 days

4. Third-Party Services

Service	Purpose	Data Shared	Location
Mollie	Payment processing	Order amount, redirect URLs	Netherlands (EU)
AWS	Server infrastructure	All app data (encrypted)	Ireland (EU)

Important: All third parties are EU-based and GDPR-compliant. We have Data Processing Agreements with each service. Your data never leaves the EU.

5. Your Rights Under GDPR

As an EU resident, you have the following rights:

5.1 Right to Access

Request a copy of all data we hold about you. We'll provide this within 30 days.

5.2 Right to Rectification

Correct any inaccurate personal data (e.g., shipping address).

5.3 Right to Erasure ("Right to be Forgotten")

Request deletion of your data, except where we must retain it for legal obligations.

5.4 Right to Restriction

Limit how we process your data in certain circumstances.

5.5 Right to Data Portability

Receive your data in a machine-readable format.

5.6 Right to Object

Object to processing based on legitimate interests (we only use this for fraud prevention).

5.7 Right to Withdraw Consent

While we primarily process data for contract fulfillment, you can withdraw consent anytime where applicable.

To exercise any right: Email privacy@21snaps.com with your request. We'll respond within 30 days.

6. Data Breach Procedures

In the unlikely event of a data breach:

Within 72 hours: We notify the relevant supervisory authority
If high risk to you: We notify you directly via email
We will inform you of:
- What data was affected
- What steps we've taken
- What steps you should take
- How we're preventing future breaches

7. Children's Privacy

Age Requirement: You must be at least 16 years old to use 21Pix.

We do not knowingly collect data from children under 16. If we discover we've inadvertently collected such data, we will delete it immediately. Parents/guardians who believe we have data about their child under 16 should contact us immediately.

8. Data Retention Summary

Data Type	Retention Period	Reason
Photos	7 days after order	Reprint requests/issues
Order Information	2 years	Legal/tax requirements
Shipping Details	2 years	Legal/tax requirements
Payment Records	2 years	Legal/accounting requirements
Failed Payments	6 months	Fraud prevention

9. International Users

21Pix ships across the European Union, including the Netherlands, Belgium, Germany, France, Spain, Italy, Austria, Ireland, Portugal, Finland, Luxembourg, Greece, Slovakia, Slovenia, Estonia, Latvia, Lithuania, Croatia, Cyprus and Malta. If you're accessing our service from outside the EU:

Your data is still processed according to GDPR standards
Data is stored in EU data centers
You have the same rights as EU users

10. Communication Policy

We only contact you for:

✅ Order confirmations
✅ Shipping notifications
✅ Customer support responses
✅ Legal/security notifications

We NEVER send:

❌ Marketing emails
❌ Promotional offers
❌ Newsletters
❌ Third-party offers

11. Cookies and Tracking

We don't use cookies, tracking pixels, or any form of online tracking. The app stores necessary data locally on your device using secure storage, which includes:

Your current film roll status
Photos waiting to be uploaded
Device-generated user ID

This data never leaves your device except when you complete a roll and choose to order prints.

12. Changes to This Policy

We'll notify you of any material changes to this privacy policy via:

In-app notification
Email (if you've made a recent order)
Updated date at the top of this policy

13. Supervisory Authority

You have the right to lodge a complaint with a supervisory authority. In the Netherlands, this is:

Autoriteit Persoonsgegevens
Website: autoriteitpersoonsgegevens.nl
Phone: 0900-2001201

14. Contact Us

For any privacy-related questions or to exercise your rights:

Data Protection Contact:
Email: privacy@21snaps.com
General: info@21pixapp.com
Response time: Within 30 days

15. Legal Basis Summary

We process your data only under these legal bases (GDPR Article 6):

Contract (6.1.b): Processing photos and shipping information to fulfill your order
Legal Obligation (6.1.c): Retaining order data for tax/accounting
Legitimate Interest (6.1.f): Preventing payment fraud (failed payment tracking)