Skip to content

Privacy Policy

Image in a Box, LLC, its affiliated companies, and its third-party service providers ("Image in a Box") value your privacy. This Privacy Policy (“Policy”) applies to all users of Image in a Box's website (“Image in a Box Website Visitors”), and governs data collection and usage on Image in a Box's website by Image in a Box. For purposes of this Policy, “You” and “Your” refer to Image in a Box Website Visitors. By using this website, You consent to the data gathering and usage practices described in this Policy.

COLLECTION, USE, AND SECURITY OF YOUR PERSONAL INFORMATION

Image in a Box automatically collects information about Your computer software and/or hardware, such as IP address, browser type, domain names, access times, and referring website addresses, as well as anonymous demographic information that is not unique to You (“Your Information”). Image in a Box may use Your Information to provide quality service, analyze website usage statistics, and inform You about products and services offered by Image in a Box.

We store your personal data on our platform indefinitely, allowing you the flexibility to manage and maintain your service-related information for as long as you need. If you decide to remove your data, you can request deletion at any time by contacting support@imageinabox.com (or support@simpleevents.io). Upon receipt of a deletion request, we will promptly remove your data from our systems in compliance with applicable legal requirements.

LEGAL BASIS FOR PROCESSING PERSONAL DATA

We process personal data based on the necessity of a contract. When you sign up for one of our platforms, you enter into a contractual agreement with us to provide services that enable you to run and manage digital projects or events. The personal data collected is solely used to fulfill these services. We commit to not using your personal data for any other purposes without your consent.

SHARING AND SELLING OF PERSONAL INFORMATION

Image in a Box does not sell, rent, trade, or otherwise monetize your Personal Identifiable Information. We disclose your personal information only to trusted service providers and affiliates who perform services on our behalf, as outlined in this Policy. These providers may include:

  • Amazon Web Services (AWS) – Cloud hosting and infrastructure
  • Stripe – Payment processing
  • Mailgun – Transactional email delivery
  • Sentry.io – Application monitoring and error tracking
  • HubSpot – CRM and marketing automation
  • Google Analytics / Ads – Web analytics and advertising optimization
  • Hotjar – User behavior analytics

Each service provider is contractually obligated to process data only to the extent required to deliver services to us.

If you are a California resident, you have the right under the California Consumer Privacy Act (CCPA) to opt-out of the sale of your personal information — but we do not sell personal information in any event.

INTERNATIONAL DATA TRANSFERS

Your personal data is stored and processed in the United States. We apply strong security measures including:

  • TLS 1.3 encryption for all data in transit
  • Multi-factor authentication for database access
  • Role-based access control for system users

We may disclose personal data to third parties listed above in order to deliver services or maintain security. These disclosures are limited to the purposes described and are governed by contracts requiring privacy compliance.

EU-U.S. DATA PRIVACY FRAMEWORK COMPLIANCE

Image in a Box, LLC complies with the EU-U.S. Data Privacy Framework (DPF), including the UK Extension to the EU-U.S. DPF, as set forth by the U.S. Department of Commerce. We have certified to the Department of Commerce that we adhere to the DPF Principles for personal data transferred from the EU and UK to the United States.

  • FTC Jurisdiction: Image in a Box, LLC is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).
  • Lawful Disclosures: We may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
  • Onward Transfers: In cases of onward transfers to third-party agents, Image in a Box remains liable under the DPF Principles if its agent processes personal data in a manner inconsistent with those Principles, unless we can prove we were not responsible for the event giving rise to the damage.

To learn more about the DPF and view our certification, visit: https://www.dataprivacyframework.gov

USE OF AUTOMATIC DATA COLLECTION TECHNOLOGIES; OPTING OUT

We use several tools for analytics and service optimization, including:

  • Google Analytics / Google Ads – Tracks website activity and ad performance
  • HubSpot – Collects voluntary personal information for contact forms and email marketing
  • Hotjar – Collects anonymous user behavior to improve site usability

These tools do not collect personally identifiable information unless explicitly provided by you.

To opt out:

RIGHTS OF DATA SUBJECTS

If you are a data subject under the General Data Protection Regulation (GDPR), you have the following rights:

  • Right to Access – View your personal data
  • Right to Rectification – Correct inaccuracies
  • Right to Erasure – Request deletion (“Right to be Forgotten”)
  • Right to Restrict Processing – Pause data use under certain conditions
  • Right to Data Portability – Export your data in machine-readable format
  • Right to Object – Object to certain types of processing

To exercise your rights, contact us at:
📧 support@imageinabox.com or support@simpleevents.io

CHILDREN UNDER THIRTEEN

This website is not intended for children under 13. We do not knowingly collect personal information from users under 13. If you believe we have collected such information, contact:
📧 mgivens@imageinabox.com
📞 (256) 886-8269

DATA BREACH NOTIFICATION PROCESS

In the event of a data breach, we will notify affected individuals and regulatory authorities within 72 hours, in compliance with GDPR. Notifications will include:

  • The nature of the breach
  • Data affected
  • Steps taken and next actions

We are committed to full transparency and cooperation with regulators.

CONTACT INFORMATION

If you have questions about this policy or wish to exercise your privacy rights, contact:

Michelle Givens
Managing Director
📧 mgivens@imageinabox.com
📞 (256) 886-8269

Effective Date: February 8, 2011
Last Updated: November 12, 2025