I totally respect your personal information and will only ask you for what information I really need from you.
I will look after it in the same way I would want ours looking after, keeping it secure! I will only share it with other where I need their help us deliver our service to you (such as our professional printing laboratory who may need your name and address to post your purchases). Be assured that I will never share your information in any other circumstance without your prior consent – nor will I sell it on. Here are more details: –
I am registered with the Information Commissioners office and if you would like to get in touch about anything in this policy or about your personal data then please contact Abby Wilkes, our controller and processor at firstname.lastname@example.org or 104 Tanworth Lane, Shirley, Solihull B90 4DF, Telephone 07966867306
- The Data we collect
As a data controller we collect a variety of data in order to deliver our services and we will manage your personal data transparently, fairly and securely.
We may ask you to provide us with the following data: –
Telephone number (landline and mobile phone)
We will also recored a date of birth for all persons we photgraph under the age of 13 and require a parent or a legal guardian to consent to photography.
Being a photographic business we also create and manage images as per our contractual agreement.
We use the above data to
- deliver our service to you
- for marketing purposes
- personalise your experience
We collect this data on the following lawful basis
Model release/consent agreement
to arrange or fulfill a contract
to meet a legal obligation other than a contract
When you visit our website we also collect Cookies. These are small pieces of data that websites send to a user’s computer and are stored on the user’s web browser. They ae designed to enable the website to remember information, such as webpage traffic and improve our website in order to tailor it to your needs. For example a cookie is used to help us provide you with a better website by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
2. Which third parties do we share personal data with?
We share personal data with the following third parties:
Newsletter software provider
Back up providers
Data is transferred outside the European Economic Area to United States under the protection of EU/US Privacy Shield, for services provided by retouching organisation
There are also certain situations in which we may share access to your personal data without your explicit consent; for example, if required by law, to protect the life of an individual, or to comply with any valid legal process, government request,rule or regulation.
3. Why do we share your personal data with the above?
We share your date in order to deliver our service to you and personalise your experience.
We may transfer personal data to a country outside of the European Economic Area (EEA) if necessary e.g. if a third party we utilise could have servers located outside of the EEA. If this is the case, we will ensure that the transfer is legal and your data is secure by following the EU’s guidelines. You can see above where we send data outside of the EEA and on what basis we do so.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should not that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
4. Name and address of the controller
Controller of the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union and other provisions related to data protection is:
5. How do we keep your personal data secure
We keep your data secure by following internal policies, e.g. password protected computers, laptops, mobile phones, CRM, Secure Socket Layer (SSL) technology when information is submitted to us online. Image back-up providers, Dropbox, Backblaze, Crashplan
We use a SSL technology when information is submitted online.
Our image back-up providers are fully GDPR Compliant.
In the unlikely event of a criminal breach of our security, we will inform the relevant regulatory body within 72 hours and, if your personal data were involved in the breach, we will also inform you.
You have the following rights –
- the right to be informed about the collection and use of your personal data
- the right of access to your personal data and any supplementary information
- the right to have any errors in your personal data rectified
- the right to have your personal data erased
- the right to block or suppressing the processing of your personal data
- the right to move, copy or transfer your personal data from one IT environment to another
- the right to object to processing of your personal data in certain circumstances, and
- rights related to automated decision-making (i.e. where no humans are involved) and profiling (i.e. where certain personal data is processed to evaluate an individual)
We also give you the option to manage your data via
Writing to us
While we do not hold personal data any longer than we need to, the duration will depend on your relationship with us, and whether it’s ongoing. We may keep some of your personal data for up to 7 years after our working contract with you has finished for Tax legislation purposes.
Furthermore, we intend to archive your images for 5 years. After this time we will archive your photographs indefinitely along with your relevant details and consent forms. This is due to requests for replacement images being made several years after being taken.