Terms and Conditions of Use

fotia is a Software as a Service (SaaS) platform that covers the entire life cycle of an event: before the event it organizes access (guest lists, invitations with QR codes), during the event it manages entries (check-in), after the event it collects and distributes photographic content.

The service includes:

• management of organizations (venues, clubs, promoters) with role-based teams: owner, PR and staff
• creation and management of guest lists, list types and reusable templates
• generation of personal invitation QR codes and a shareable invitation page
• guest check-in from the browser, with real-time counts and statistics
• automatic calculation of PR commissions on paid entries
• creation and management of photo galleries with a protected access code
• photo uploads by registered users and anonymous guests
• automatic image processing (optimization, conversion to WebP format, preservation of the original)
• organization into albums (for Pro and Business galleries)
• bulk export of photographs in ZIP format
• sponsor spaces with anonymous, aggregated view counting
• content reporting system compliant with the Digital Services Act (DSA)

fotia provides exclusively technical hosting and management tools. fotia does not carry out preventive editorial moderation, nor does it use event content and data for its own purposes.

• <strong>User:</strong> the person who creates a fotia account.
• <strong>Organizer (owner):</strong> the User who creates and manages an Event, including on behalf of their Organization.
• <strong>Organization:</strong> the entity (venue, club, promoter) that holds a standing team on fotia.
• <strong>PR:</strong> the User, member of an Organization, who manages guest lists in the events they are assigned to.
• <strong>Staff:</strong> the User, member of an Organization, dedicated exclusively to guest check-in.
• <strong>Listed guest:</strong> the person, even without an account, added to a guest list by the Organizer or a PR.
• <strong>Guest:</strong> any person who uploads or views content without registration, via the Event link or access code.
• <strong>Content:</strong> photographs and materials uploaded to the platform.
• <strong>Event:</strong> the entity created by an Organizer on which the Gate module (access management) and/or the Gallery module (photo collection) can be activated, with the related access, duration and plan configurations.

The service can be accessed through registration (User) or, without registration, as a guest: via link or access code for the Gallery, via QR or invitation page for the Gate. PRs and staff join an Organization exclusively by accepting an explicit invitation from the Organizer.

The Organizer acts as Data Controller under the GDPR for the data of their Event: they are solely responsible for the lawfulness of photo collection, of the data of guests added to lists (even when the entry is materially performed by their PRs), for sharing links, QRs and codes with participants and for obtaining the necessary consents.

Guest access is governed by the Event policies configured by the Organizer: for the Gallery, uploads can be open to all guests or restricted to members only; for the Gate, lists can be managed by PRs or reserved to the Organizer.

fotia adopts the principle of data minimization.

4.1 Data collected

• For registered Users: full name, email, phone (optional), acceptance of the terms and any role in the Organization.
• For listed Guests: name, phone (optional, for sending the QR), companions, complimentary entries and any organizational notes, entered by the Organizer or their PRs under the Organizer's responsibility.
• For Gallery Guests: no registration or direct identifying data is required (e.g. name, email), except for technical data processed for security and service operation purposes.

fotia also processes technical data associated with uploads (e.g. browser type, operating system, device type and IP address). IP addresses are retained for a limited period and subsequently deleted as set out in the Privacy Policy. At check-in, the date, time, operator and entry type are recorded.

Uploaded photographs are not analyzed for commercial profiling purposes, nor subjected to facial recognition or processing of biometric data. Data processing complies with Regulation (EU) 2016/679 (GDPR).

The fotia infrastructure (database, storage, hosting, email) is configured to operate primarily within the European Union, in compliance with the applicable data protection legislation.

For further details, please refer to the Privacy Policy.

5.1 Ownership of content

Uploaded content remains the exclusive property of the uploader. fotia does not acquire any commercial, promotional or editorial usage rights over the photographs.

5.2 Technical license

By uploading content, the User or Guest grants fotia a limited, non-exclusive and temporary license, exclusively necessary to:

• store the content in the platform's storage
• process and optimize the images (conversion to WebP format, resizing, compression)
• keep the original version for download and export
• generate ZIP archives for bulk export
• make the content accessible within the Event

This license ends with the deletion of the Event or of the content.

5.3 Content retention and deletion

Content is retained for the period set by the gallery plan — from a minimum of 30 to a maximum of 365 days from the creation of the gallery — unless deleted earlier. Upon expiry, all photos (originals and optimized versions) and any exports are permanently deleted through automated procedures.

Photo export download links (ZIP) automatically expire 7 days after generation. The technical metadata embedded in the photographs (EXIF) is not removed on upload.

The Organizer and their PRs enter guest data into the lists. The Organizer guarantees the accuracy of such data and the lawfulness of its collection, including with regard to people without a fotia account.

• Invitation QRs are based on unpredictable random identifiers; the public invitation page shows only the guest's name, event and list, cannot be indexed and the link stops working 24 hours after the end of the event.
• Check-in records are immutable: once recorded, an entry cannot be individually modified or deleted. This property guarantees the integrity of the counts and is authoritative for statistics and commission purposes.
• Capacities, list limits and the types allowed to PRs are configured by the Organizer; {projectName} merely enforces them technically.

PR commissions are calculated automatically as the product of recorded paid entries and the per-entry commission configured by the Organizer. The visibility of the commission summary to PRs is at the Organizer's discretion. fotia provides only the calculation tool: it is not a party to the economic relationships between Organizer, Organization and PRs and does not guarantee the payment of commissions.

The User guarantees that the uploaded content does not infringe third-party rights.

7.1 Content Reporting — Notice & Takedown (DSA)

In compliance with the Digital Services Act (EU Regulation 2022/2065), fotia provides a dedicated system for reporting illegal or inappropriate content, accessible to anyone, even without registration.

7.2 Report categories

Reports may concern:

• illegal content (high priority)
• copyright or intellectual property infringement
• privacy violation (unauthorized photos)
• harassment or bullying
• hate speech
• non-consensual sexual content
• spam or phishing

7.3 Report handling process

fotia undertakes to meet the following timelines, in compliance with the DSA:

• <strong>Acknowledgment:</strong> normally within 24 hours of receiving the report.
• <strong>Decision:</strong> normally within 7 days of the report (normally within 24 hours for manifestly illegal content).

At the end of the assessment, fotia may:

• remove the individual reported photo
• deactivate the entire associated event
• reject the report if deemed unfounded

7.4 Notifications and transparency

Both the reporter and the User who owns the event are informed by email at every stage of the process: acknowledgment, decision and action taken.

7.5 Right of appeal

The User whose content has been removed or whose event has been deactivated receives an email with a link to file an appeal. The appeal process is free of charge and is reviewed by the platform.

7.6 Anti-abuse limits

To prevent misuse of the reporting system, a maximum limit of 10 reports per day per IP address applies.

To the extent permitted by law, fotia:

• does not guarantee the total absence of interruptions or errors,
• is not responsible for data loss caused by events not directly attributable to the platform,
• is not liable for improper use of the service by Users,
• is not responsible for the truthfulness of the consents declared by Users (including those relating to minors),
• is not a party to the contractual and economic relationships between Organizers, Organizations, PRs, staff and guests.

The service is provided "as is".

The User may stop using the service at any time.

fotia reserves the right to suspend or close accounts and organizations in case of violation of these Terms, or to deactivate events following well-founded reports handled through the Notice & Takedown system.

Upon termination, Events and all associated data — Content, guest lists and check-in records — are deleted according to the timelines set out in the Privacy Policy. Deletion includes all photo variants (originals and optimized versions) and any exports, through automated storage deletion procedures.

fotia may update these Terms for technical or legal reasons or due to the evolution of the service. Changes will be communicated through the website or the User account.

These Terms are governed by Italian law.

Any dispute shall fall under the jurisdiction of the courts of the place of establishment of the service owner, unless otherwise required by mandatory provisions of law.