TLDR: I won't be a dick with your data.
This policy will explain areas of this website that may affect your privacy and personal details, how we process, collect, manage and store those details and how your rights under the GDPR and DPA are adhered to.
THE DPA & GDPR MAY 2018
This website complies with the DPA (Data Protection Act 1998) and the GDPR (General Data Protection Regulation), effective from May 2018.
This website, https://danwimblephotography.com/ collects private user data using the following form: Contact Form https://danwimblephotography.com/contact/ which generates emails sent to: email@example.com
The data from these forms is emailed to the address listed above and also stored on the website server, in most cases dating back to when each form was created.
By completing this contact form you agree to dan wimble photography contacting you about wedding photography services provided by dan wimble photography. You will not be added to any mailing lists and will only be contacted by dan wimble photography in relation to your enquiry. Your personal details will not be used for any marketing purposes, nor will they be passed onto any third parties. They will only be stored in the email generated by this contact form which will be filed in the email account for dan wimble photography which is hosted by google.com and which can only be accessed by dan wimble photography. All emails are kept o you wish to request for any email(s) containing your personal information to be deleted, please email firstname.lastname@example.org
To visit a dan wimble photography client gallery you will be required to enter personal data (namely your email address) and a password. Your personal data (email address) will be stored within PicTime’s system, on their servers and will be used to email you up to a maximum of four times and only with information relevant to the client gallery you have accessed e.g. to inform you of a discount offer on gallery purchases. Any such emails sent to you will only be during the 12 month period for which the gallery is live. After 12 months has passed since a gallery was created it is automatically deleted and your personal data (email address) is completely removed from PicTime’s system.
Only dan wimble photography will have access to your personal data (email address) stored on PicTime’s system on behalf of dan wimble photography. It will only be used as detailed above, will not be used for any other marketing purposes and will not be passed onto any third parties. PicTime’s technical support team will have the means to access to your personal data (email address) but will never access or share this data other than by request from dan wimble photography.
By logging into a dan wimble photography client gallery you are agreeing to opt-in to receive relevant, gallery-specific emails as described above. Emails are automated so if you do not wish to receive such emails it is advised that you do not log into any dan wimble photography client galleries.
If you wish to request for your personal data (email address) to be deleted from PicTime servers, please email email@example.com.
CLIENT DATA HELD ON FILE
We take care of the processes around looking after personal data stored on our physical systems. dan wimble photography holds the following personal data of clients:
Phone numbers + Email
dan wimble photography uses a client management system provided by Studio Ninja to store the above contact details collected at danwimblephotography.com, this data is only used in order to respond to your enquiry for dan wimble photography to provide wedding photography services, and is accessed through 1 workstation protected with 2FA.
If you decide to book the photography services of dan wimble photography, these details are held within soft copy contracts, as well as soft and hard copy wedding client ‘wedding timeline documents. Soft copy contracts and wedding timelines are safely stored within my password protected workstation, and backed up to two encrypted external hard drives.
Client photos are safely stored within my password protected workstation and backed up to two encrypted external hard drives. An additional cloud copy of all images is stored on GDPR compliant Backblaze.
CLIENTS AND WEDDING GUESTS CAPTURED IN PHOTOS
In terms of explicit GDPR compliance, Wedding clients and guests are photographed within the parameters of GDPR legislation on the basis of ‘legitimate interests’. The taking of photographs of wedding guests when viewed as a form of processing personal data is necessary for the legitimate interests of dan wimble photography as a photography business unless there is a good reason to protect a given individual’s personal data which overrides those legitimate interests.
WITHDRAWAL OF CONSENT
Anyone photographed by dan wimble photography, whether a client or wedding guest, and whether past or current may withdraw consent for a photograph in which they appear to be displayed. The process for this is to email dan wimble photography at firstname.lastname@example.org specifying the photo in question. Pursuant to the request, dan wimble photography will then remove the photo from online and printed display wheresoever it appears within 30 days of request.
DISPLAY OF IMAGES