This policy will explain areas of this website that may affect your privacy and personal details, how we process, collect, manage and store those details and how your rights under the GDPR and DPA are adhered to.
THE DPA & GDPR MAY 2018
This website complies with the DPA (Data Protection Act 1998) and the GDPR (General Data Protection Regulation), effective from May 2018.
This website, www.thephotographyinitiative.co.uk, collects private user data using the following form: Contact Form on thephotographyinitiative.com/about/, which generates emails sent to: email@example.com. These email addresses, once the booking is confirmed, are then also kept on my mailing list MAILCHIMP and you have the option to unsubscribe at any stage.
The data from these forms is emailed to the address listed above and also stored on the website server, in most cases dating back to when each form was created. The website server is accessible by the website administrators for www.thephotographyinitiative.co.uk at SQUARESPACE. SQUARESPACE never access or share this data other than by request from Claudia Rose Carter.
Occasionally emails will be sent out with discounts or promotional offers relating to other photography shoots. Please email firstname.lastname@example.org if you do not wish to be included in this. Your personal details will never be passed on to third parties for marketing purposes.
This website tracks user activity by way of the Facebook Pixel. You can find more information about that here.
To visit a client gallery you will be required to enter personal data (namely your email address) and a password. Your personal data (email address) will be stored within Pic-Time’s system, on their servers and will be used to email you only with information relevant to the client gallery you have accessed e.g. to inform you of a discount offer on gallery purchases. You can opt out of this at the time of sign-up. Otherwise, any such emails sent to you will only be during the 12 month period for which the gallery is live. After 12 months has passed since a gallery was created it is automatically placed off-line and you will receive no further emails.
Only Claudia Rose Carter will have access to your personal data (email address) stored on Pic-Time’s system on behalf of The Photography Initiative. It will only be used as detailed above, and will not be passed onto any third parties. Pic-Time’s technical support team will have the means to access to your personal data (email address) but will never access or share this data other than by request from Claudia Rose Carter.
If you wish to request for your personal data (email address) to be deleted from Pic-Time’s servers, please email email@example.com.
EXTERNAL WEBSITE LINKS & THIRD PARTIES
Although we only look to include quality, safe and relevant external links, users are advised to adopt a policy of caution before clicking any external web links mentioned throughout this website.
We cannot guarantee or verify the contents of any externally linked website despite our best efforts. Users should therefore note that they click on external links at their own risk and we cannot be held liable for any damages or implications caused by visiting any external links mentioned.
CLIENT DATA HELD ON FILE
We take care over the processes around looking after personal data stored on our physical systems. The Photography Initiative holds the following personal data of clients:
within soft copy and soft copy contracts as well as soft copy client ‘day plan’ documents. Soft copy contracts and day plans are safely stored on my password protected home office MacBook and also kept on file on GDPR compliant Gmail servers as well as the Studio Ninja system.
Client photos are safely stored within my password protected home office MacBook and backed up to two encrypted external hard drives. An additional cloud copy of all images is stored on GDPR compliant Dropbox or iCloud.
CLIENTS AND GUESTS CAPTURED IN PHOTOS
Under GDPR legislation, a photograph may in some instances constitute a form of personal data where they can be processed to allow “the unique identification or authentication of a natural person”. The Photography Initiative will never photograph an individual as a means of unique identification or authentication unless consensually contracted to do so.
In terms of explicit GDPR compliance, clients and guests are photographed within the parameters of GDPR legislation on the basis of ‘legitimate interests’.
WITHDRAWAL OF CONSENT
Anyone photographed by The Photography Initiative, whether a client or guest, and whether past or current may withdraw consent for a photograph in which they appear to be displayed. The process for this is to email firstname.lastname@example.org specifying the photo in question. Persuant to the request, we will then remove the photo from online and printed display wheresoever it appears.
SOCIAL MEDIA POLICY & USAGE
We adopt a safe and responsible Social Media Policy. While we may have official profiles on social media platforms users are advised to verify the authenticity of such profiles before engaging with, or sharing information with such profiles. We will never ask for personal details on social media platforms. Users are advised to conduct themselves appropriately when engaging with us on social media.
DISPLAY OF IMAGES