In very basic terms, we respect your personal information and will only ask you for information that we really need from you. We will look after it in the same way we would want ours to be looked after, keeping it secure! We will only share it with others (such as our professional printing lab) when they need the information to deliver our product to you. Be assured that we will never share your information in any other circumstances – nor will we sell it elsewhere!
The Data we collect
1. As a data controller we collect a variety of data in order to deliver our services, and we will manage your personal data transparently, fairly, and securely. We may ask you to provide us the following data – Name, address, email address, telephone number. We may also record a date of birth for all persons we photograph under the age of 13 and require the parent or a legal guardian to consent to photography.
2. Obviously being a photographic business we also create and manage images as per our contractual agreement(s). We use the above data to deliver our service to you and to provide account access which allows you to view and choose your photos
3. Which third parties do we share Personal Data with? We share personal data with the following third parties: Paypal, Stripe, or Square for processing payments only. Zenfolio, PhotoDay, or NextGen Photo Solution - we utilize various e-commerce sites depending on the type of service needed to process your image and order. Their privacy policies are available upon request
5. Your rights -
the right to be informed about the collection and use of your personal data
the right of access to your personal data and any supplementary information
the right to have any errors in your personal data rectified
the right to have your personal data erased
the right to block or suppressing the processing of your personal data
the right to move, copy or transfer your personal data from one IT environment to another
the right to object to the processing of your personal data in certain circumstances, and
rights related to automated decision-making (i.e. where no humans are involved) and profiling (i.e. where certain personal data is processed to evaluate an individual).
In the unlikely event of a breach of our security, we will inform the relevant regulatory body within 72 hours and, if your personal data were involved in the breach, we will also inform you.