Vima

Vima Privacy Policy

Last Updated: February 2025

Vima ("we," "our," or "us") operates a race photo marketplace in the Philippines. We value your privacy and are committed to protecting your personal information. This Privacy Policy explains what information we collect, how we use it, who we share it with, and how you can exercise your rights when you use our website or services.

1. Who Uses Vima?

We collect information from four types of users:

  • Runners – People who appear in race photos, search for their photos (e.g., via selfie or bib number), and purchase or download them
  • Photographers – Individuals who upload event photos, set pricing, and receive payouts (e.g., 85% of sales)
  • Organizers – Event or club organizers who manage events, clubs, and programs
  • Admins – Platform staff who handle support, moderation, financials, and system operations

2. Information We Collect

From Runners

  • Account details: name, email, login credentials (or social login via Google/Facebook)
  • Reference photos: selfies for AI face matching
  • Purchase data: orders, checkout email, download history

From Photographers

  • Account details: name, email, login credentials
  • Uploaded content: event photos, watermarks, logos, cover images
  • Payout information: GCash or other payout account details (handled via payment partners)

From Organizers

  • Contact information: name, email, and other contact details
  • Event and club data: information about events, clubs, and programs you manage

Payment Information

Payments are processed by third-party providers (e.g., Stripe, PayMongo). We do not store credit card or full payment details. We may store transaction records (amounts, dates, status) for billing and support.

Technical & Analytics

  • Device and browser: type, IP address, and similar technical data
  • Usage data: how you interact with our site (e.g., pages visited, features used)
  • Analytics: tools like Google Analytics may be used to improve our services

3. How We Use Your Information

We use your data to:

  • Provide and operate the service (photo search, purchase, delivery)
  • Improve search and matching (face recognition, bib recognition)
  • Support photographers (sales stats, earnings, invoices)
  • Support organizers (event management tools, where applicable)
  • Handle support, moderation, and system maintenance
  • Comply with legal obligations and enforce our Terms of Service

4. Who Can Access Your Data?

We share data only when necessary:

  • Runners: their own data and public event photos available for purchase
  • Photographers: only their own photos, sales, and earnings
  • Organizers: summary data for their events (where applicable)
  • Admins: data required for support, moderation, and platform management
  • Service providers: hosting, payments, analytics—under strict agreements
  • Legal: when required by law or to protect rights and safety

Note: At public events, photographers not on our platform may also take photos. We do not control how those photographers use or distribute those photos.

5. Data Security

We protect your data by:

  • Using HTTPS and strong encryption (e.g., AES-256) for data in transit and at rest
  • Enforcing role-based access control so users only see data relevant to their role
  • Not storing biometric templates; facial data is used only for matching and not retained permanently
  • Applying Row-Level Security (RLS) in our database to restrict access by role

6. Data Retention

  • Event photos: Up to 12 months after the event, unless removed earlier
  • Selfies: Deletable at any time; not retained longer than needed for matching
  • Bib numbers: Not stored beyond what is needed for search
  • Runner accounts: Retained until you request deletion
  • Photographer accounts: While active; some payout records may be kept longer for legal/accounting
  • Organizer data: For the duration of the relationship and as needed for the service
  • Admin activity logs: For auditing, support, and security

7. Your Rights

Under the Philippine Data Privacy Act of 2012, you have the right to:

  • Know what personal data we hold and how we use it
  • Request a copy of your data
  • Request correction of inaccurate or outdated data
  • Object to marketing or non-essential uses
  • Request deletion when data is no longer necessary
  • Request your data in a portable digital format

To exercise these rights, contact us using the details in Section 10.

8. Children's Privacy

Vima is not intended for users under 13. We do not knowingly collect data from children under 13. If you are a parent or guardian and believe your child has provided us with personal data, please contact us so we can delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the updated policy on this page and update the "Last Updated" date. Continued use of our services after changes constitutes acceptance of the updated policy.

10. Contact Us

For privacy requests, questions, or to request deletion of your data:

11. Legal Basis

This Privacy Policy is issued in compliance with the Philippine Data Privacy Act of 2012 (Republic Act No. 10173) and its implementing rules and regulations, and other applicable laws.

Contact UsTerms of Service