Last updated: March 2026
Ripple ("we", "us" or "our") operates the Ripple live event photo booth service. This page explains what information we collect when you use Ripple, how we use it, and what rights you have over your data. We keep this simple — we have no interest in selling your data or using it for advertising.
We collect only the information needed to provide the service:
Account information — your email address, and your name if you sign in with Google. If you create an account with email and password, your password is never stored in plain text; it is hashed using industry-standard bcrypt before being saved. If you use Google sign-in, no password is stored at all.
Event data — the names, dates, and settings for events you create (welcome messages, chosen filters, theme colours, etc.).
Photos — images taken by guests at your event are uploaded to secure cloud storage and associated with your event. Guests do not need an account to take photos.
We do not collect payment card details directly; any future paid features will be handled by a third-party payment processor who manages their own data security.
To create and manage your account and authenticate you securely.
To store your events and make photos available in your gallery and slideshow.
To determine which subscription tier you are on and apply the relevant limits.
To send transactional emails (e.g. password reset), if applicable. We will never send marketing emails without your explicit opt-in.
All account data, event settings, and photos are stored on Supabase — a managed cloud database and storage platform built on PostgreSQL and hosted on AWS infrastructure. Supabase encrypts data at rest and in transit (TLS).
Ripple is hosted on Vercel, a cloud platform for web applications. Vercel may log standard request metadata (IP addresses, timestamps) for security and reliability purposes in accordance with their own privacy policy.
Photos are stored in Supabase Storage and may expire after a set period depending on your plan. You will be notified in the dashboard before any photos are deleted.
We do not sell, rent, or share your personal data with third parties for commercial purposes.
We use the following sub-processors to operate the service:
Supabase — database, authentication, and file storage.
Vercel — web hosting and edge delivery.
Google — OAuth sign-in only, if you choose to use it. Google provides your name and email address; we do not receive your Google password.
We may disclose information if required by law or to protect the rights, property, or safety of Ripple, its users, or the public.
Ripple uses a single session cookie, managed by Supabase Auth, to keep you signed in. We do not use advertising cookies, third-party trackers, or analytics that identify individuals.
You have the right to:
Access the personal data we hold about you.
Request correction of inaccurate data.
Request deletion of your account and associated data. You can do this at any time by contacting us at the address below.
Export your photos before they expire using the Export feature in your dashboard.
To exercise any of these rights, please contact us at privacy@ripple.photos. We will respond within 30 days.
Ripple is not directed at children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us so we can delete it.
We may update this policy from time to time. When we do, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically. Continued use of Ripple after changes constitutes acceptance of the updated policy.
If you have any questions about this Privacy Policy, please contact us at privacy@ripple.photos.