Safety & Privacy & GDPR
How do I prevent visitors from seeing the sub-galleries of a gallery?
To ensure that visitors of a gallery do not have access to existing sub-galleries, the item "View Sub-Galleries" in the parent gallery must be inactive. Thus no one in the parent gallery can see the lower galleries - and vice versa.
See also: How do I prevent visitors to a gallery from accessing the parent gallery?Link to this entry
How do I prevent visitors to a gallery from accessing the parent gallery?
To ensure that visitors to a sub-gallery in the left menu do not have access to the parent gallery, the option "Navigation to sub-galleries and vice versa" must be inactive in this parent gallery. Therefore, no one in the parent gallery can see the sub-galleries - and vice versa.
Are you using Custom Links for your gallries? In order to additionally prevent a "clever" visitor from shortening the address of a sub-gallery by one level and still being able to access the parent gallery, we recommend only using the automatically generated random link. This link consists of only one random code and does not allow any conclusions on your folder structure. You can find it in the "Send" section.Link to this entry
How can I protect my images with watermarks?
In your account settings ("Your watermarks") you can upload your logo or other graphics and create multiple watermarks with just a few clicks. You can set the place for the watermark and adjust its size and opacity to your needs.
Note: the watermarks will “only” protect the thumbnails and previews in picdrop, so your clients can’t take screenshots or steal the pictures in other ways. If you activate the download of the original images at the same time, these will not be protected by watermarks because picdrop will never modify your originally uploaded images.
Find a German introduction video to our watermarks here:Link to this entry
Who can view and access a gallery?
In general, every person who is given the external address to a gallery can also access it. This means that you are responsible for who can see your galleries.
For this reason we recommend two things:
- Please use the external address that is auto-generated for your galleries whenever possible. This address consists of a random combination of letters and numbers. It is almost impossible to guess these addresses by chance. If you set an easy-to-read custom link for your gallery, it is more likely that links to your galleries can be guessed.
- Additionally, please always protect your galleries with a password that only you and your customers know. Especially when sharing sensitive material such as weddings, erotic images, company secrets, etc.
With these two precautions you are on the safe side!Link to this entry
Where are your servers located?
PicDrop GmbH is a purely German company. All our servers are located at large and well-known providers in Germany. Your data is therefore subject to strict German data protection regulations.
For the reliable delivery of data and for our communication with clients (newsletters, customer support, credit card payments, etc.) we use further, international services and tools from industry-leading companies. It is important to us that each of these companies is contractually bound to the same GDPR obligations towards us, you and your clients.
Which link can be used to access my galleries externally?
The galleries in your picdrop account can be either private or externally available.
If you set a gallery to private, this gallery will only be visible to you as the owner of the picdrop account when you are logged in.
… or externally available galleries
If you set the gallery to be available externally (and this will be true in most cases, because you want your customers to be able to see their galleries), then we will always automatically create a randomly generated link for each gallery. This link consists of a random combination of numbers and letters.
For example, an externally available link may look like this: https://www.picdrop.com/username/sKdzPJbtGD
You would rather use a custom link for your gallery?
No problem - you can change the randomly generated link for a gallery at any time!
Just type the desired name into the field for the custom link. Save the custom link with the button Apply Changes and from now on the gallery is only accessible via this custom link.
This is how a custom link can look like: https://www.picdrop.com/username/2021-12-XMAS-Shooting-outdoor
You can use the button Insert gallery path as custom link, which you will find directly below the field for the custom link, to automatically insert the name or the entire path to your gallery as a custom link.
ATTENTION The simpler the structure of your custom link, the higher the probability that third parties can get access to your galleries by mere guessing of the link.
That is why we advise you to use only the automatically created, randomly generated links for your galleries.
If you do decide to use custom links, please always use a password for your galleries so that no one can get into your gallery by simply guessing the gallery link.
Where can I find the link for a gallery?
You can find the current gallery link in three places:
via the send button at the very top of the gallery
in the gallery settings in the section labeled Security
in the address bar of your browser
If you have set a password for the gallery, you will find it in the gallery settings or via the send button!Link to this entry
How can I make a Data Processing Agreement?
You can conclude and print out a Data Process Agreement (DPA) here in your picdrop. Of course, we offer this agreement independent of your chosen plan and without additional costs.
Link to this entry
Can I protect my galleries with a password?
Definitely. Just open "Gallery Settings", click on "Security" and define the password your client or everyone else has to enter before entering your gallery.Link to this entry
Do I have to complete a Data Processing Agreement?
If you process personal data of your clients with the help of a service provider (e.g. picdrop), it is a Data Processing Agreement (in the past this was called order data processing or ADV; but in principle, it is the same thing). This data processing must be regulated by contract, which ensures that the service provider (i.e. us) adheres to the rules of the GDPR and also ensures the protection of your data (and that of your clients) if it is passed on to third parties.
The conclusion of such an agreement with us is voluntary. The decisive criterion is rather whether you process "personal data" of your clients (i.e. "information that refers to an identified or identifiable natural person"; §4 GDPR) via picdrop. According to some experts, this term could already include portrait photos. Depending on the nature of your work, however, this may not be necessary. The deciding factor is always the specific individual case. To find out whether this applies to your work, please contact your lawyer or your photographers' association directly.
Either way, it cannot hurt to conclude a Data Processing Agreement with us.
Link to this entry
I have general questions about GDPR.
On May 25 2018, the General Data Protection Regulation (GDPR) was enforced in the EU. This standardizes the strict data protection laws of all European countries and thus ensures an even better and more effective protection of your data as well as the data of your clients.
What changes with the GDPR?
Actually, not much has changed. German legislation on data protection has already been very strict, so the changes are more in the details. The protection of your data has always been an important concern for us, in which we invest a lot of money and effort. Your photos at picdrop are automatically subject to German jurisdiction and data protection.
What changes for me?
The changes for you can be divided into two areas. The first area concerns your picdrop account. Not much will change here. We will have revised our data protection regulations at the latest by the time the GDPR is enforced and will inform you in good time. Since your rights as a client are significantly strengthened with the GDPR, this is only to your advantage.
Sharing data? Do we have to do this?
For example, in order to send a newsletter or to debit money for the monthly services from your account, we use other but serious and reliable service providers who support us like any other website. We carefully select these service providers and ensure through contracts that your data is also secure there and that all parties involved are adhering to the high legal data protection standards.
As part of the order processing agreement, we accurately list the service providers we work with and keep you informed of any changes.Link to this entry
Bye bye, Plain Links! Hello, Custom Links!
With today's update (16.11.21), you can create individual "custom links" independently of the gallery name. Sharing new galleries via the previous "plain links" linked to the gallery names will no longer be possible. Existing galleries with active plain links can still be opened until December 15th. To increase the security of your galleries, we take a logical step here.
Read more about what you can and should do to ensure that your clients can still access their galleries in this article.
Plain links? What are Plain Links?
Plain Links are links that don't look like this: picdrop.com/username/3zj7uG6ZR, but for example like this: picdrop.com/username/grandmas-birthday.
In the security settings of your galleries you could choose between both variants. The Plain Link variant was used to get more readable URLs. However, for the last 4 years the second variant, the "secure link", is the default setting for all new picdrop users.
So if you are part of the majority of our users who always use the "secure link" to share galleries, you can stop reading here. Nothing will change for you!
You are using Plain Links?
If you use Plain Links regularly or have used them in the past, please note that these plain links will STOP working as of Wednesday, December 15th. This also applies to links that have already been sent. If you currently sent out links to clients, you have 2 options:
You can send a new (secure) link to your clients. Or …
You can create a new Custom Link for the gallery.
Go to the gallery settings and edit the Custom Link according to your wishes. You can e.g. use the gallery name as before or enter a completely individual name. Please note, however, that this link is then again less secure than the randomly generated link. To increase security, we strongly advise you to always set a password as well.
The security of your data is important to us
At picdrop we regularly take security precautions, check our application for improvement possibilities and implement them. In the security settings of each gallery we inform you that Plain Links are not as secure as the "secure links" and can be "guessed". Until now, we have relied more on your personal responsibility in deciding which link you choose and let all photographers decide for themselves what type of link you want to use for your galleries. In the future, we want to support you even more and hope that users will use this function much more consciously than before.
How can I still send pretty, more readable links?
Yes, the time of automatically generated links Plain Links is over - unless you consciously decide to keep using them. In this case you can now edit the address of the link by clicking into the address field and name it individually. This is a new option with a similar result: a readable text link. So you can still create nice URLs for galleries that should be public, for example. But now you are no longer locked into automatically using the name of the gallery as the link! This way you can make sure that a link you sent to your clients in the last days remains available after the change on December 15th.
I have a lot of plain links that need to remain accessible. What now?
Of course, we know that in some cases there are a lot of plain links that need to continue working under their old address. In cases where the number of links is too large to check the settings yourself, or where you do not have an exact overview, we are happy to help. Please contact us at firstname.lastname@example.org so that we can work with you to convert your old plain link galleries to the new custom links. We are happy to help you!
The upcoming changes in a nutshell
You are using only secure links for your galleries? Everything stays as it is and there is nothing for you to do!
You have been using Plain Links for your galleries? As of December 15th your galleries will no longer be accessible via the Plain Link.
What do I have to do now? The easiest way is to send your clients the new randomly generated link to the gallery. Alternatively you can edit this link in the security settings of each gallery (and thus make the old link usable again). It's best to set a password for the gallery at the same time, if it doesn't have one yet.
I still have questions.
No problem! Write us at email@example.com and we will be happy to answer all your questions.Link to this entry
Can I rely on you and are you making backups?
Our servers are connected to the rest of the world several times, backed up and monitored around the
clock, so that we can guarantee a network availability of at least 95%.
Your data is backed up daily.
In case of failures, you can be sure, it is in our own interest to get picdrop back up and running as soon as possible.
Note: Your data is safe with us. Nevertheless, we do not see picdrop as a backup solution for you, but as a tool for communicating with your clients.
Solid backups are a completely different subject, and as a photographer, you should always keep in mind delimited backups and a solid data architecture. Your images & vidoes are your most valuable asset.
By the way, the American photographer Chase Jarvis has a detiled blog post about this topic.Link to this entry
Is there anything else I need to know about GDPR as a photographer?
Yes, as of May 25 photographers also became obligated to comply with the GDPR. Although you have already been obliged to do many things within the framework of strict German laws, from May 25 data processing that does not comply with the GDPR may result in harsh penalties.
We would be happy to advise you here, but unfortunately, we are not lawyers. Therefore, we ask you to contact your lawyer or a professional consultant for the necessary updates of your website, contract templates, etc. A first step for the rough understanding of GDPR can be found on the Podcast "Uncle Bobcast" by wedding photographers by Nils Hasenau and Manuel Gutjahr. They spoke with an attorney on the topic of GDPR. (German)Link to this entry