The EUGDPR.org website actually specifies that photos can be personal data. The below information explains how your images are kept safe. In relation to your written personal data, I only ask for the information that is needed for a specific purpose, examples of which are also below. Please be assured that I’ll never share your information in any other circumstances, nor will I sell it on elsewhere.
INTRODUCTION
I take your privacy very seriously. This privacy policy has been prepared in line with the EU’s GDPR which promotes fairness and transparency for all individuals in respect of their personal data. This policy applies to all the data I process, and by using Sarah Brookes as your photographer; you consent to my collection and use of such data. If you’d like to get in touch about anything in this policy please email me any time.
THE DATA I COLLECT (Shoot Specific)
In order to provide and deliver my services, I collect a variety of data which I manage fairly and securely. This data may include:
- Your full name(s)
- Email address(es)
- Home address and postcode
- Addresses and postcodes of your wedding venues
- Mobile phone number(s)
- First names of key friends and family members for group photographs
I use the above data to respond to inquiries and plan your wedding photography via the use of my wedding timings form. I collect it on the basis of consent (when you enquire about my services and would like to know more) and to fulfil a contract (if you decide to book me for your big day). Some of the details are taken from the form and used on a blog but you, of course, have discretion and can request that I do not use your information and images for blogs or social media. Some of the information is shared with the second shooter (if you have one)
THE DATA I COLLECT (wedding fair specific)
You may provide me with your email address when entering a competition. I use your email to send you info about the winners of the competition as well as a link to my brochure. You are not added to a general mailing list
WHICH THIRD PARTIES I SHARE DATA WITH (AND WHY)
Your personal data is kept in a GDPR-compliant studio management software called Light Blue. This software enables me to keep track of my bookings, and if you decide not to book me your data will be erased as I periodically remove old enquiries.
Your finished set of photographs are stored on Pixieset, my online gallery software, so that you may access and browse your images through a password-protected gallery, and Dropbox, for the purposes of backing up data. Albums, prints, canvases may be ordered and so the images are shared with the manufacturer.
HOW I KEEP YOUR DATA SECURE
The two computers that I work and access your personal data on are password-protected and stored in my home behind two locked doors, as are my hard drives upon which I store photographs. My studio management software is further password-protected and only accessible by me.
In the (very) unlikely event of a criminal breach of my security, I will inform the relevant regulatory body within 72 hours and, if your personal data was involved in the breach, I will also inform you.
CHANGES TO MY PRIVACY POLICY & CONTROL
I may change this privacy policy from time to time. When I do, I will let you know by changing the date on this policy, notifying customers of only significant changes. By continuing to access or use my services after those changes become effective, you agree to be bound by the revised privacy policy.
WHAT ARE YOUR RIGHTS?
You have the following rights:
- The right to be informed about the collection and use of your personal data
- The right of access to your personal data and any supplementary information
- The right to have any errors in your personal data rectified
- The right to have your personal data erased
- The right to block or suppress the processing of your personal data
- The right to move, copy or transfer your personal data from one IT environment to another
- The right to object to processing of your personal data in certain circumstances, and rights related to automated decision-making (i.e. where no humans are involved) and profiling (i.e. where certain personal data is processed to evaluate an individual).
REQUESTING YOUR DATA OR ASKING FOR ITS ERASURE
If you’d like to see a record of all the data I have on you, please email me any time and I will be happy to help. You also have the right to ask me to delete all your personal data, but if I’m working on your upcoming wedding I’ll need this information to ensure I can do my job! Afterwards, you can always ask me to delete your information, but I’d recommend that you allow me to keep and archive your photographs in the event you lose your copy of them and you’d like a replacement copy (something I am always happy to do without hesitation).
If you have any questions at all, don’t hesitate to contact me.
Sarah xxx