Short version: We make sure that your data is handled in a way which complies with the EU General Data Protection Regulation (GDPR), the Data Protection Act 1998, and any other relevant legislation.
Long Version: In this document, ‘we’ refers to Heartfelt and Cherished Photography and its representatives. ‘You’ refers to visitors to our website and our customers.
Who is responsible for your data?Our data protection officer and company owner is Joanne McGloine. The data protection officer is responsible for making sure that your data is stored and processed safely. You can contact them at firstname.lastname@example.org
Why do we process and store your data? We need to store and process your data if you make an enquiry or place an order with us, to allow us to provide our services as a photography company. This includes your name, contact details, and IP address. We also need to store your details for tax and insurance reasons.
We only store or process data which you have given directly to us and which we need to run our business.
How long will we keep your data? We may need to keep your personal details until up to 3 years after you were a customer of ours, for tax and insurance purposes. After this date your data will be anonymised, unless you have ‘opted in’ to receive ongoing communications from us.
Who has access to your data? Our data protection officer is responsible for managing access to the personal data we store. Generally speaking, only the data protection officer and authorised members of staff will access your data.
Some of the services we use will also store a copy of your data. For example, our website provider WordPress.com, our email provider Yellow Satsuma, and any providers they use to provide their services. If you send your details over a social media platform, that platform may keep a copy of your messages.
We do not sell or give your data to any third parties for their marketing purposes.
Who else might your data be shared with? We reserve the right to share your personal data with other third parties if required for legal reasons. For example, in the case of an insurance claim, a tax audit, or to prevent fraud.
How can you see what data we store about you? You have the right to request details on any data we store about you. We can send a copy of your data to the email address you entered when using our services.
Your right to deletion If you were previously a customer of ours, we might need to hold onto some of your data for tax or insurance reasons. Otherwise we will happily comply with your request as best we can.
How can you opt in or out of our marketing messages? You can manage your marketing preferences at any time by clicking the link at the bottom of the emails we send, or by getting in touch with us through any other means.
Third parties might also set cookies on your browser. We use Google Analytics to monitor the performance of our website, for example. Third parties have their own cookie policies.
How do you make a complaint about our use of your data? The Information Commissioners’ Office (ICO). is the authority for data protection in the UK. If you have an unresolvable problem with us and our use of your data, they are who you should contact.