Skip to main content

Trust Center

BrandStudio handles event photos, guest information, and face recognition data. We take that responsibility seriously. This is the single place to see how we protect your data — and your client's.

Last updated: July 3, 2026

Encrypted in transit and at restFace data encrypted, opt-out anytimeTwo-factor authentication availableGDPR & CCPA deletion supportedSOC 2 program in progress

Security

  • Encryption everywhere: TLS 1.2+ in transit, server-side encryption at rest on Cloudflare R2, Fernet encryption for face embeddings.
  • Authentication: bcrypt password hashing, JWT tokens, optional two-factor authentication with backup codes.
  • Access control: 7-level role hierarchy, company-scoped data isolation, rate limiting on all sensitive endpoints.
  • Infrastructure: Railway (SOC 2 Type II), Cloudflare R2 and CDN, Vercel edge network, Stripe (PCI DSS Level 1) for payments.
Read our full security practices

Privacy

  • Minimal data collection: we collect only what we need to deliver event photos to guests.
  • No selling data: we never sell personal information to third parties.
  • Face recognition: operators can disable it per event with one toggle, and guests can opt out independently. Embeddings are encrypted at rest, isolated per company, and deletable anytime.
  • Analytics: PostHog for product analytics; the marketing site runs in cookieless mode.
  • Data deletion: delete your data from the dashboard or email us. We honor all deletion requests.
Read our privacy policy

Compliance

  • SOC 2: BrandStudio itself is not yet SOC 2 certified — our compliance program is in progress. Our underlying infrastructure providers (Railway, Cloudflare, Stripe) hold their own SOC 2 certifications.
  • GDPR: we support data portability and deletion requests for EU users.
  • BIPA/CCPA: face recognition follows biometric data protection requirements — notice-and-opt-out per event, encrypted storage, company-isolated embeddings, full erase on request.
  • DPA: we offer a Data Processing Agreement for customers who need one. Request a copy at security@brandstudiohq.com.
See our GDPR & CCPA terms in the DPA

Data handling

  • Photo storage: Cloudflare R2 (S3-compatible) with global edge delivery.
  • Database: PostgreSQL on Railway with encrypted connections and automated backups.
  • Company isolation: each company's data is strictly separated. No cross-account access.
  • Audit logging: logins, team changes, data deletion, and face recognition actions are logged.
  • Face Match runs in-house: we never send face data to an outside recognition service.
See every third-party service we use

Sub-processors

The complete, current list of third-party services we rely on — what each one does and the data it touches. Kept current for security and procurement review.

View the full list

Report a vulnerability

Found a security issue? Email security@brandstudiohq.com. We acknowledge reports within 48 hours and fix confirmed vulnerabilities as fast as possible.

Questions

Security or privacy questions — or a procurement review that needs answers? Email security@brandstudiohq.com or use the contact form. A real person replies.