PRIVACY POLICY
Jonny Barratt Photography
Last updated: Feb 2021
Introduction
Jonny Barratt Photography takes your privacy very seriously. This privacy policy has been prepared in line with the EU’s General Data Protection Regulation (GDPR) which takes effect on 25 May 2018. The GDPR promotes fairness and transparency for all individuals in respect of their personal data. This privacy policy applies to all data we process, and by using Jonny Barratt Photography you consent to our collection and use of such data. If you would like to get in touch about anything in this policy or about your personal data then please contact us at info@jonnybarratt.com
Contents
1. Data we collect
2. What personal data do we share with third parties and who are they?
3. Why do we share data outside of the EU
4. How do we keep your personal data secure?
5. Your rights
1. Data we collect
As a data controller we collect a variety of data in order to deliver our services. We use a service called PORT to ensure that we collect and manage your personal data transparently, fairly and securely. We have provided further detail below about the specific types of data we collect and our reasons for doing so.
1.1. What data do we ask you to provide to us, and why?
We may collect personal information from you in the course of our business, including through your use of our website, when you contact or request information from us or when you engage our services,
The personal information that we process includes:
Basic information, such as your name (including name prefix or title), your title or position and your relationship to a person
Contact information, such as your postal address, email address and phone number(s)
Information you provide to us for the purposes of attending meetings
Identification and background information provided by you or collected as part of our business acceptance processes
Any other information relating to you which you may provide to us
1.2. What data do we collect when you visit our website, and why?
We collect cookies. Cookies are small pieces of data that websites send to a user’s computer and are stored on the user’s web browser. They are designed to enable the website to remember information, such as what a user might have put in a shopping cart for example. The table below lists the cookies used by this site. Note, if you want to avoid the Google Analytics cookies, you can do so by installing the Google Opt Out module in your browser.
| Cookie | Type | Duration | Description |
|---|---|---|---|
| Active Campaign Tracking Cookie | third party | 2 days | Enables or Disables site tracking using Active Campaign |
| CloudFlare Cookie | persistent | 30 days | The __cfuid cookie helps Cloudflare detect malicious visitors to our Customers’ websites and minimizes blocking legitimate users. It may be placed on the devices of our customers' End Users to identify individual clients behind a shared IP address and apply security settings on a per-client basis. It is necessary for supporting Cloudflare's security features. |
| Facebook Ad Cookie | third party | 3 Months | Facebook can use this cookie for event tracking and remarketing purposes. |
| Google Analytics Cookie | third party | 2 years | Tracking cookie for Google Analytics. Used to distinguish users. Google Analytics cookies to track users as they navigate the website and help improve the website's usability. |
| Google Analytics Cookie | third party | 1 minute | Identification code of website for tracking visits by Google Analytics. |
| Google Analytics Cookie | third party | 24 hours | Used by Google Analytics to distinguish users. |
| HotJar Tracking Cookie | persistent | 30 mins | This cookie is used to detect the first pageview session of a user. This is a True/False flag set by the cookie |
| HotJar Tracking Cookie | session | This is set to identify a new user’s first session. It stores a true/false value, indicating whether this was the first time Hotjar saw this user. It is used by Recording filters to identify new user sessions. | |
| HotJar Tracking Cookie | persistent | 1 year | Hotjar cookie that is set when the customer first lands on a page with the Hotjar script. It is used to persist the Hotjar User ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID |
| HotJar Tracking Cookie | persistent | 30 mins | This cookie is set to let Hotjar know whether that visitor is included in the data sampling defined by your site's daily session limit |
| Micro Wedding Banner | persistent | 30 mins | Used to prevent re-display of a micro wedding banner if the user re-visits a page wihin 30 minutes |
2. What personal data do we share with third parties and who are they?
We share personal data with the following third parties:
WORDPRESS – Data is transferred outside of the European Economic Area to United States under the protection of EU/US Privacy Shield.
FACEBOOK – Data is transferred outside of the European Economic Area to United States under the protection of EU/US Privacy Shield.
INSTAGRAM – Data is transferred outside of the European Economic Area to United States under the protection of EU/US Privacy Shield.
PINTEREST – Data is transferred outside of the European Economic Area to United States under the protection of EU/US Privacy Shield.
There are certain situations in which we may share access to your personal data without your explicit consent; for example, if required by law, to protect the life of an individual, or to comply with any valid legal process, government request, rule or regulation.
Marketing and other emails
We operate an email mailing list program, used to inform subscribers about products, services and/or news we supply/publish. Users can subscribe through an online automated process where they have given their explicit permission. Subscriber personal details are collected, processed, managed and stored in accordance with the regulations named above. Subscribers can unsubscribe at any time through an automated online service, or if not available, other means as detailed in the footer of sent marketing messages (or unsubscribe from all ActiveCampaign lists). The type and content of marketing messages subscribers receive, and if it may contain third party content, is clearly outlined at the point of subscription.
You can view ActiveCampaign’s privacy policy here.
3. Why do we share data outside of the EU
We may transfer personal data to a country outside of the European Economic Area (EEA), for example, if a third party we share data with has servers located outside of the EEA. If this is the case we will obtain your consent or otherwise ensure that the transfer is legal and your data is secure by following the EU’s guidelines.
You can see above where we send data outside of the EEA and on what basis we do so.
4. How we protect your personal information
We use a variety of technical and organisational measures to help protect your personal information from unauthorised access, use, disclosure, alteration or destruction consistent with applicable data protection laws.
5. Your rights regarding your personal information
The European Union’s General Data Protection Regulation and other applicable data protection laws provide certain rights for data subjects.
You are entitled to request details of the information we hold about you and how we process it. You may also have a right in accordance with applicable data protection law to have it rectified or deleted, to restrict our processing of that information, to stop unauthorised transfers of your personal information to a third party and, in some circumstances, to have personal information relating to you transferred to another organisation. You may also have the right to lodge a complaint in relation to our processing of your personal information with a local supervisory authority.
If you object to the processing of your personal information, or if you have provided your consent to processing and you later choose to withdraw it, we will respect that choice in accordance with our legal obligations.
Your objection (or withdrawal of any previously given consent) could mean that we are unable to perform the actions necessary to achieve the purposes set out above (see ‘How we use your personal information’) or that you may not be able to make use of the services and products offered by us. Please note that even after you have chosen to withdraw your consent we may be able to continue to process your personal information to the extent required or otherwise permitted by law, in particular in connection with exercising and defending our legal rights or meeting our legal and regulatory obligations.