email: firstname.lastname@example.org T: 07930 645 345 Based in Gravesend, Kent
Under the new GDPR regulations as a business that processes data I am required to have a clear, written document confirming
> The different types of data I collect from you
> How I store the data I collect
> What I use your data for
As the data controller for ‘Photography by Kirsty’ if this policy does not answer all your questions or your concerns feel free to drop me an email email@example.com or write to me at;
Kirsty Airey, Photography by Kirsty, Room 6, Hollywood House, 76 Hollywood Lane, Wainscott, Kent ME3 8AR.
I need to collect personal data to enable me to carryout the services you have booked me for. I need to collect details such as names, email addresses and contact numbers so that I can arrange your photography session/wedding.
I also may need to contact you via phone if there any problems on the day. I would never contact you via phone unless necessary and about your session – no spamming marketing calls ever. That’s not how I operate.
I equally need your home address to post your USB of beautiful images to, if you prefer you are welcome to collect in person from my studio. All post is sent via Royal Mail.
Without collecting these details, I would not be able to carry out my job. These details are normally collected via a questionnaire which sits in my online GPDR compliant password protected database.
How I collect and store your personal data
My email inbox is password protected, so from initial contact your data is secure. If you decide to book with me I add your details to my secure password protected cloud storage database called 17hats which is a GDPR compliant company. My account is only accessible from 2 computers.
Often before the session/wedding I will send out a questionnaire via my online database so I can prepare for the session.
I keep everything on my storage database. I love to be organised and this helps me achieve that and operate as much as a paperless business as I can.
If you do not book a session, your email message is archived in my inbox and deleted after 6 months. The only information I will have is that enclosed in the email enquiry you sent to me.
My website galleries are cloud storage based through Smugmug which is also a GDPR compliant company.
If you purchase prints via my website, this is through my website providers - Smugmug who are GPDR compliant company.
Right of confirmation, access, rectification and erasure
If you have questions about how your personal data is handled, you can just drop me an email and I can hopefully answer your questions. The information I hold on you will only be that provided by yourself.
If you would like me to delete all your personal data, you have the right to ask me to do this, but I recommend this is after your wedding or session and once you have received your USB of images. This deletion would include your password protected online gallery.
I store your images on a password protected GPDR compliant online gallery for 5 years. This is for both our purposes and we know they are always there even if you cant find your USB and equally if my hard drive of your images was to corrupt.
Pre school pictures remain online for the time specified in your access letter.
I would hate for your precious images to be lost forever.
How will I use your data?
Email address and contact numbers – I will use these if I need to. I will want to email you before your wedding or prior to your photography session. The contact will be related to your booking. I do not send marketing emails so these will never be sent.
I do not give your contact details to anyone else – except if you have booked a second photographer and it would be useful for them to have contact numbers in case they are stuck in traffic etc. This is the only information they have.
I always love to add images with permission to my website and social media but before I post a picture I always have your permission (asked on my questionnaire) and ensure you would have seen it first. I would hate to be tagged in my wedding pictures that everyone else had viewed before me so this would never happen.
Just as you have found me through my work it is lovely to be able to show my future couples some of your pictures online or offline. However if you respect your privacy that is also fine.
For weddings and events it is your responsibility to make sure your guests are happy for images to be stored and shared.
All galleries and files are also stored on 2 password protected encrypted hard drives by a system identifier only and kept secure in my home and studio. So if one is taken, password hacked and encryption overwritten it is highly unlikely that you could be traced.