PRIVACY POLICY

Jonny Barratt Photography

Last updated: May 2020

Introduction
Jonny Barratt Photography takes your privacy very seriously. This privacy policy has been prepared in line with the EU’s General Data Protection Regulation (GDPR) which takes effect on 25 May2018. The GDPR promotes fairness and transparency for all individuals in respect of their personal data. This privacy policy applies to all data we process, and by using Jonny Barratt Photography you consent to our collection and use of such data. If you would like to get in touch about anything in this policy or about your personal data then please contact us at [email protected]

 

Contents

1. Data we collect
2. What personal data do we share with third parties and who are they?
3. Why do we share data outside of the EU
4. How do we keep your personal data secure?
5. Your rights

 

1. Data we collect
As a data controller we collect a variety of data in order to deliver our services. We use a service called PORT to ensure that we collect and manage your personal data transparently, fairly and securely. We have provided further detail below about the specific types of data we collect and our reasons for doing so.

 

 

1.1. What data do we ask you to provide to us, and why?

We may collect personal information from you in the course of our business, including through your use of our website, when you contact or request information from us or when you engage our services,

The personal information that we process includes:

Basic information, such as your name (including name prefix or title), your title or position and your relationship to a person
Contact information, such as your postal address, email address and phone number(s)
Information you provide to us for the purposes of attending meetings
Identification and background information provided by you or collected as part of our business acceptance processes
Any other information relating to you which you may provide to us

1.2. What data do we collect when you visit our website, and why?
We collect cookies. Cookies are small pieces of data that websites send to a user’s computer and are stored on the user’s web browser. They are designed to enable the website to remember information, such as what a user might have put in a shopping cart for example.

2. What personal data do we share with third parties and who are they?
We share personal data with the following third parties:

WORDPRESS – Data is transferred outside of the European Economic Area to United States under the protection of EU/US Privacy Shield.

FACEBOOK – Data is transferred outside of the European Economic Area to United States under the protection of EU/US Privacy Shield.

INSTAGRAM – Data is transferred outside of the European Economic Area to United States under the protection of EU/US Privacy Shield.

PINTEREST – Data is transferred outside of the European Economic Area to United States under the protection of EU/US Privacy Shield.

There are certain situations in which we may share access to your personal data without your explicit consent; for example, if required by law, to protect the life of an individual, or to comply with any valid legal process, government request, rule or regulation.

Marketing and other emails

We operate an email mailing list program, used to inform subscribers about products, services and/or news we supply/publish. Users can subscribe through an online automated process where they have given their explicit permission. Subscriber personal details are collected, processed, managed and stored in accordance with the regulations named above. Subscribers can unsubscribe at any time through an automated online service, or if not available, other means as detailed in the footer of sent marketing messages (or unsubscribe from all ActiveCampaign lists). The type and content of marketing messages subscribers receive, and if it may contain third party content, is clearly outlined at the point of subscription.

You can view ActiveCampaign’s privacy policy here.

3. Why do we share data outside of the EU
We may transfer personal data to a country outside of the European Economic Area (EEA), for example, if a third party we share data with has servers located outside of the EEA. If this is the case we will obtain your consent or otherwise ensure that the transfer is legal and your data is secure by following the EU’s guidelines.

You can see above where we send data outside of the EEA and on what basis we do so.

4. How we protect your personal information

We use a variety of technical and organisational measures to help protect your personal information from unauthorised access, use, disclosure, alteration or destruction consistent with applicable data protection laws.

5. Your rights regarding your personal information

The European Union’s General Data Protection Regulation and other applicable data protection laws provide certain rights for data subjects.

You are entitled to request details of the information we hold about you and how we process it. You may also have a right in accordance with applicable data protection law to have it rectified or deleted, to restrict our processing of that information, to stop unauthorised transfers of your personal information to a third party and, in some circumstances, to have personal information relating to you transferred to another organisation. You may also have the right to lodge a complaint in relation to our processing of your personal information with a local supervisory authority.

If you object to the processing of your personal information, or if you have provided your consent to processing and you later choose to withdraw it, we will respect that choice in accordance with our legal obligations.

Your objection (or withdrawal of any previously given consent) could mean that we are unable to perform the actions necessary to achieve the purposes set out above (see ‘How we use your personal information’) or that you may not be able to make use of the services and products offered by us. Please note that even after you have chosen to withdraw your consent we may be able to continue to process your personal information to the extent required or otherwise permitted by law, in particular in connection with exercising and defending our legal rights or meeting our legal and regulatory obligations.