Skip to content
VisaPass Photo
๐Ÿ‡บ๐Ÿ‡ธ๐Ÿ‡ฌ๐Ÿ‡ง๐Ÿ‡จ๐Ÿ‡ฆ๐Ÿ‡ฆ๐Ÿ‡บ๐Ÿ‡ฉ๐Ÿ‡ช๐Ÿ‡ซ๐Ÿ‡ท๐Ÿ‡ฎ๐Ÿ‡น๐Ÿ‡ช๐Ÿ‡ธ๐Ÿ‡ณ๐Ÿ‡ฑ๐Ÿ‡จ๐Ÿ‡ญ๐Ÿ‡ฎ๐Ÿ‡ณ๐Ÿ‡จ๐Ÿ‡ณ๐Ÿ‡ฏ๐Ÿ‡ต๐Ÿ‡ฐ๐Ÿ‡ท๐Ÿ‡ง๐Ÿ‡ท๐Ÿ‡ฒ๐Ÿ‡ฝ๐Ÿ‡ฟ๐Ÿ‡ฆ๐Ÿ‡ธ๐Ÿ‡ฌ๐Ÿ‡ฆ๐Ÿ‡ช๐Ÿ‡ณ๐Ÿ‡ฟ๐Ÿ‡น๐Ÿ‡ท๐Ÿ‡ท๐Ÿ‡บ
Back to home

Privacy Policy

Last updated: 2026-05-20

The short version

  • Your photo never leaves your device. All face detection, background removal, cropping, and compositing run inside your browser. We do not see, receive, or store any photograph you upload.
  • Payment is processed by Stripe. We never touch your card details.
  • We retain only minimal order metadata โ€” Stripe session ID, country code, document type, package, and timestamp โ€” so we can verify your purchase and unlock your download.

1. Who we are

VisaPass Photo is the operator of visapassphoto.com. For privacy questions: privacy@visapassphoto.com.

2. What runs on your device only

The following operations are executed entirely in your browser and never leave it:

  • Image decoding from your upload or camera capture.
  • Facial-landmark detection via Google's MediaPipe Tasks Vision (downloaded as a WASM model directly from a public CDN to your browser).
  • Background removal via the @imgly/background-removal library (a Web Worker running an ONNX segmentation model in your browser).
  • Country-specific cropping, color tuning, and JPEG/PNG export.

Once your purchase is confirmed by Stripe, the rendered photograph is delivered to you directly from your own browser memory. It is not uploaded to our servers as part of this flow.

3. What we do collect

  • Order metadata: Stripe checkout session ID, the document type and country code you selected, the package purchased, the amount paid, and a timestamp.
  • Payment details โ€” but only via Stripe. Stripe collects your card number, billing address, CVC, and (for wallet payments) token data. Stripe shares only a token and the final payment status with us; we never have access to raw card data.
  • Receipt email: if you opt in on Stripe's checkout page, Stripe sends your receipt to the email you provide. We see the email address only if Stripe shares it back with the session metadata.
  • Standard server logs: our hosting provider records HTTP request metadata (IP address, user agent, timestamp) for security and abuse prevention. These logs are retained for up to 30 days.
  • Local browser storage: we store your locale preference, theme, the document type you last picked, and recent order IDs in your browser's localStorage and sessionStorage. This data never leaves your device.

4. Cookies

We do not set advertising or cross-site tracking cookies. Stripe may set its own cookies on its embedded checkout iframe for fraud prevention; those are described in Stripe's policy.

5. Third parties

  • Stripe, Inc. โ€” payment processing.
  • Vercel Inc. โ€” hosting and edge delivery.
  • jsDelivr / Google Cloud Storage โ€” public CDNs that deliver the MediaPipe and imgly model files to your browser. Standard HTTP request logs apply.

6. Legal bases and retention (GDPR / UK GDPR)

  • Order processing โ€” performance of a contract (Art. 6(1)(b) GDPR). Retained for 7 years for tax and accounting purposes.
  • Server logs โ€” legitimate interest in security (Art. 6(1)(f)). Retained for up to 30 days.
  • Email receipts โ€” performance of a contract; managed by Stripe.

7. Your rights

Depending on your jurisdiction (GDPR, UK GDPR, CCPA/CPRA, LGPD, etc.) you may have the right to access, correct, delete, port, or restrict the processing of your personal data, and to lodge a complaint with a supervisory authority. To exercise any of these rights, email privacy@visapassphoto.com with your Stripe session ID. We do not sell personal data.

8. International transfers

Our sub-processors may transfer data outside your country of residence. Stripe and Vercel rely on Standard Contractual Clauses and equivalent safeguards where required.

9. Children

The Service is not directed to children under 16. We do not knowingly collect personal data from anyone under that age. If you believe a minor has used the Service without adult supervision, contact us and we will delete any associated metadata.

10. Changes to this policy

We may update this policy from time to time. Material changes will be announced on this page with a revised "Last updated" date.

11. Contact

Data-protection officer and privacy questions: privacy@visapassphoto.com.