1. THE DATA I COLLECT
As a data controller I collect a variety of data in order to deliver my services, and I will manage your personal data transparently, fairly and securely.
I may ask you to provide me with the following data – First and Last Name / Postal Address / Postcode / Telephone Number(s) / Email Address.
Obviously being a photographic business I also create and manage images as per our contractual agreement(s).
I use the above data to deliver my service to you / for marketing purposes / to personalise your experience / to provide account access / to contact you.
I collect this data on the following lawful basis: Consent from yourself / To arrange or fulfil a Contract / To meet a legal obligation other than a Contract.
2. THIRD PARTIES I SHARE PERSONAL DATA WITH
I share personal data with the following third parties: Google Analytics / Mailchimp / Quickbooks / MacMail / Siteground / DS Colour Labs / Folio / Dropbox / Crashplan.
There are also certain situations in which I may share access to your personal data without your explicit consent; for example, if required by law, to protect the life of an individual, or to comply with any valid legal process, government request, rule or regulation.
3. WHY I SHARE YOUR PERSONAL DATA WITH THE ABOVE
I share your data in order to deliver my service to you / for marketing purposes / personalise your experience / to keep you up to date via newsletters / to have your albums delivered directly from the supplier (Folio) / to have your prints delivered directly from the supplier (DS Colour Labs) / to back up your images / to send you invoices / for tax purposes.
I may transfer personal data to a country outside of the European Economic Area (EEA) if necessary e.g if a third party I utilise could have servers located outside of the EEA. If this is the case, I will either obtain your consent or otherwise ensure that the transfer is legal and your data is secure by following the EU's guidelines.
4. HOW I KEEP YOUR PERSONAL DATA SECURE
I keep your data secure by encrypting external hard drives / by using Secure Socket Layer (SSL) technology when information is submitted to me online / password protecting all computers and mobiles.
In the unlikely event of a criminal breach of my security I will inform the relevant regulatory body within 72 hours and, if your personal data were involved in the breach, we will also inform you.
6. YOUR RIGHTS
You have the:
- right to be informed about the collection and use of your personal data
- the right of access to your personal data and any supplementary information
- the right to have any errors in your personal data rectified
- the right to have your personal data erased
- the right to block or suppressing the processing of your personal data
- the right to move, copy or transfer your personal data from one IT environment to another
- the right to object to processing of your personal data in certain circumstances
- rights related to automated decision-making (i.e. where no humans are involved) and profiling (i.e. where certain personal data is processed to evaluate an individual).
I also give you the option to manage your data via: email, telephone, writing to me.
While I do not hold personal data any longer than we need to, the duration will depend on your relationship with me, and whether it is ongoing. I may keep some of your personal data for up to 7 years after my working contract with you has finished for Tax legislation purposes. After this time I will archive your photographs indefinitely along with your relevant details and consent forms. This is due to requests for replacement images being made several years after being taken.