Home
Nexsas

Security and compliance at PicPick

Your creative assets and client data are your livelihood. We built PicPick with enterprise-grade security architecture to ensure your business remains protected, private, and compliant.

Data Privacy & Ownership

At PicPick, we operate under a strict "Your Data is Your Data" policy. We do not claim any copyright over the photos, videos, or PDFs you upload to our platform. We act solely as a secure processor and hosting provider. We will never sell your client lists, nor will we use your private, unedited client galleries to train external or public AI models.

Enterprise Cloud Infrastructure

PicPick is built on top of Amazon Web Services (AWS), utilizing the same secure infrastructure trusted by global banks and governments.

  • Encryption at Rest: All high-resolution files stored in our S3 buckets are encrypted using industry-standard AES-256 encryption.

  • Encryption in Transit: All data moving between your browser, our native apps, and our servers is secured via TLS 1.3.

  • Redundancy: Your CRM data and financial records are backed up automatically across multiple geographically isolated availability zones.

Granular Access Control

We provide you with the tools to protect your unedited work from unauthorized access or theft before final payment is received.

  • Dual-PIN Systems: Secure your digital albums with one PIN for viewing and a separate, restricted PIN for leaving edit annotations.

  • Automated Expiry: Set hard deadlines on gallery links. Once the expiry date hits, access is automatically revoked to prevent lingering public links.

  • Download Restrictions: Disable high-resolution downloads globally, or restrict downloads to specific private folders (e.g., Boudoir sessions) using folder-level visibility toggles.

AI & Biometric Ethics

Our AI Face Search Collections are powerful, but they handle sensitive biometric data. We process this data responsibly:

  • Guest Verification: Guests must physically take a selfie and register via secure access tokens to view matched photos, preventing random users from scraping event galleries.

  • Data Deletion: When you delete a Collection, all associated vector embeddings and facial data are permanently purged from our indices.

Financial Compliance

For studios managing revenue through PicPick, our billing and invoicing engines are built to comply with strict regional tax laws (including GST/SGST). We generate automated, compliant tax invoices for all your platform subscriptions and feature unlocks to ensure your accounting remains pristine.