20 Questions Before Uploading Customer Photos

Resources

Before customer photos enter an AI tool, ask these twenty questions about consent, training, retention, access, sharing, and deletion.

Date
July 3, 2026
Author
Unexposed

A customer photo envelope paused before a checklist gate with privacy icons

Customer photos are not generic inputs. They can contain faces, homes, children, workplaces, medical clues, locations, documents, and people who never heard about your exciting AI workflow. Before uploading them, slow down.

Here are the twenty questions that catch most of the obvious mistakes.

  1. Do we have permission to use this customer photo for this AI task?
  2. Is the person uploading the image also the person pictured?
  3. Does the image include children, bystanders, employees, patients, students, or guests?
  4. Does the photo reveal a home, workplace, address, badge, screen, document, or private object?
  5. Is this a public asset, a customer asset, a client asset, or regulated material?
  6. Does the AI provider use uploads for model training or service improvement?
  7. Does “no training” cover image endpoints and edit endpoints specifically?
  8. How long are source images retained?
  9. Are generated outputs retained, hosted, or added to a gallery?
  10. Are direct links public, signed, expiring, or permanent?
  11. Are prompts stored as history or logs?
  12. Can support staff, provider staff, or human reviewers see the image?
  13. Are images sent to subprocessors or additional vendors?
  14. Is metadata stripped before upload?
  15. Are failed jobs, retries, and queue payloads deleted?
  16. Does deletion cover thumbnails, cache, backups, and derived files?
  17. Is the image needed at all, or would a synthetic stand-in work?
  18. Is the output allowed to be shared publicly?
  19. Would we be comfortable explaining this workflow to the customer in plain English?
  20. If the answer became public, would it still sound reasonable?

This list is not a legal blessing. It is a sanity filter. If your team cannot answer these questions, uploading customer photos is not “moving fast.” It is creating a future meeting with worse lighting.

Some photos will be fine to process. Some should go through a private route. Some should not be uploaded at all. The point is to sort them before the upload, not after the customer asks where their face went.

Further reading: The weird new etiquette of uploading someone else’s face, Image generation should not require surrendering your archive, and Your data.

Your prompt. Your model. Only your content.

Create private images with Credits, Access Tokens, and sealed requests. Encrypted in transit, run on ephemeral compute, deleted after delivery.