Who we are
Mantle is a photo and keepsake platform for experience operators — attractions, seasonal events and hospitality businesses. When you attend one of those experiences, Mantle provides the technology that captures your photos, delivers your private gallery, and fulfils any order you place.
The experience operator you visited and Mantle each have defined responsibilities for your data, set out in a written agreement between us. For the photo gallery, ordering and fulfilment service, Mantle is the data controller. If you have a question about how the operator uses data for their own purposes, they can also help.
Mantle is an Irish company. Our registered company details are published in the site footer.
What we collect
We keep what we collect to what the service actually needs:
- Photographs taken at the experience, including photographs of children, captured at the operator's venue.
- Contact details you provide — name, and an email address and/or WhatsApp number — so we can send your gallery and order updates.
- Order and payment records when you buy. Card payments are processed by our payment provider; we do not store your full card details.
- Marketing consent choices — whether you opted in, when, and the exact wording you agreed to.
- Basic technical information needed to deliver galleries securely and keep the service working.
Why we use it, and our lawful basis
Every use of your data has a specific lawful basis under the GDPR:
- To provide the service — taking and storing your photos, delivering your gallery, and fulfilling your order. Basis: performance of a contract and our legitimate interest in providing the service you came for.
- To send marketing — reminders, updates and next-season offers. Basis: your consent, which is always separate and optional (see below).
- To deliver photos to someone you name — for example, sending your gallery to a relative. Basis: a personal or household share that you initiate.
- To keep order and financial records. Basis: our legal obligations under tax and accounting law.
Photographs of children
We treat children's photographs with particular care. In practice that means:
- Galleries are never publicly listed or searchable, and links are unguessable.
- Full-resolution images are only available after purchase; we never expose direct file links.
- Internal access to family galleries is tightly limited to what running the service requires.
- Every gallery has a built-in expiry, after which photos are removed.
Marketing and consent
We will only send you marketing if you have opted in yourself. Specifically:
- You receive your photos whether or not you opt into marketing. Opting in is never a condition of viewing or buying.
- Consent is never pre-ticked. It is a clear, deliberate choice you make.
- If someone shares a gallery with you, that does not sign you up for marketing. You would only receive marketing if you opt in yourself.
- You can withdraw consent at any time, as easily as you gave it.
Who we share data with
We do not sell your data. We use a small number of carefully chosen service providers ("processors") to run the platform — for example, secure hosting and storage, payment processing, message delivery and printing. Each handles data only on our instructions and under a data-processing agreement. Where a print provider fulfils an order, they receive only what's needed to produce and ship it.
How long we keep things
- Photos and galleries — kept for a defined window tied to gallery expiry, then deleted.
- Contact details given only to receive a shared gallery — kept for a short period and then removed, unless that person opts in themselves.
- Order and financial records — kept for as long as tax and accounting law requires.
- Marketing contacts — kept while your consent stands, and removed when you withdraw it.
Your rights
Under the GDPR you can ask us to:
- Give you access to the data we hold about you;
- Correct anything that's wrong;
- Delete your data ("right to be forgotten");
- Withdraw your consent to marketing; and
- Object to particular uses of your data.
We will action these requests, including removing photos and contact details across our systems. You also have the right to complain to the Irish Data Protection Commission (dataprotection.ie).
Security
We protect your data with encryption in transit and at rest, strict access controls, secure unguessable gallery links, and payment verification. We never place personal data in public web addresses, and full-resolution photos sit behind purchase.
For any privacy question or to exercise your rights, contact us at hello@mantle.ie.