Privacy statement

Who we are

At Fern Photography, we are committed to maintaining the trust and confidence we build with our clients. We’ve created this privacy policy so that you can be sure that we care about your privacy and the safety of your data. We’ve provided lots of information on when and why we collect your personal information, how we use it, the limited conditions under which we may disclose it to others and how we keep it secure. Sit back and enjoy it, it’s a great read!

Types of data we collect

We may collect personal identification information from you in a variety of ways, including, but not limited to, when you visit our website, fill out a form, and in connection with other activities, services, features or resources we make available on our website. We collect personal data in a fair, lawful and transparent manner. 

Personal Information

When you enquire about our services we collect personal information. We use that information for a couple of reasons: to tell you about stuff you’ve asked us about; to contact you if we need to obtain or provide additional information; to check our records are right and to check every now and then that you’re happy and satisfied. We don’t rent or trade email lists with other organisations and businesses.

When you enquire about or purchase a service from us we store your information in our customer relationship management software, Tavé. This is so that we can make sure that we have all the details we need to plan and execute services at the high quality that you deserve.

This is the information we may collect for an enquiry:

  • Name
  • Email
  • Phone numbers 
  • Home address
  • Event date
  • Birth date

This is the information we may collect for offering refunds for a service:

  • PayPal address 
  • Bank account details

You may submit personal information to payment gateways while using our service. The personal information is sent directly from your browser to the payment gateway, bypassing our service.

We may ask for any people you have supplying services or products at your event so we can share your incredible photos with them.

You can always refuse to supply personal identification information, except that it may prevent us from providing our service to them.

We may collect non-personal identification information about you whenever you interact with our website. The non-personal identification information may include the browser, device information, operating system, time, location, and I.P. address of logins, the internet service providers utilised, account creation date, order history and other similar information.

Website cookies

Our websites use cookies to collect information. This includes information about browsing and purchasing behaviour by people who access our websites. This also includes information about pages viewed, products purchased and the customer journey around our websites. The data is anonymised so we don’t know who is doing what, just that people are using our websites and hopefully, enjoying it too!

Google Analytics and other web analysis services

When someone visits fernphotography.co.uk we use three third party services; Google Analytics, HotJar and Pic-time to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site, how they use the site and if there are any problems with the site. You may choose to set your web browser to refuse cookies or to alert you when cookies are being sent. If you do so, some parts of the website may not function properly.

This information is only processed in a way which does not identify anyone. We do not make, and do not allow any of these companies to make, any attempt to find out the identities of those visiting our website. We do not collect sensitive data such as religious or philosophical beliefs, ethnicity or biometric data. We have limited the amount of information and data we request and collect to what is relevant and necessary for our processing.

Using personal data

Overall we collect and use personal information for the following purposes:

To improve our website

  • We continually make improvements to our website based on the information and feedback we receive from you.

To improve customer service

  • Your information helps us effectively respond to customer service requests and needs.

To administer content, promotions, surveys or other website features

To send you information you agreed to receive about topics we think will be of interest to them

To send periodic emails updates

To analyse trends

To provide your account

Tailoring your experience on our site

Supplying our products and services to you

Communicating with you

With your permission and/or where permitted by law, We may also use your personal data for marketing purposes, which may include contacting you by email and/or telephone with information, news, and offers on our products and/or services.

Data storage

We use appropriate data collection, storage and processing practices and security measures to protect against unauthorised access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our systems. We guarantee that the personal data is held in a manner that is deemed secure. All data kept on our clients is kept in the cloud (in the USA and EU countries), our phones and our computers. Our phones have up to date fingerprint and face recognition protection. Our computers have finger print recognition and strong passwords. Our cloud storage has very strong unique passwords. Our equipment is stored inside our homes our doors have five-lever mortice locks and our windows also have locks. All computers and phones are always kept as up to date as possible.

Mailing lists

We occasionally use a third-party provider, MailChimp, to deliver our emails. We gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our e-newsletter. You can unsubscribe to general mailings at any time by clicking the unsubscribe link at the bottom of any of our newsletter emails.

Your rights

The right to be informed

  • You will be informed before personal data is gathered. You will opt-in and the reasons for gathering personal data are provided.

The right of access

  • You have the right to request access to your personal data and for information on how your information is used and how it has been gathered.

The right to rectification

  • You can have your personal data corrected if it’s incomplete, incorrect or out of date.

The right to be forgotten

  • If you are no longer a customer or you withdraw your consent to use your personal data, you retain the right to have your personal data deleted.

The right to data portability

  • You have the right to request that we transfer your personal data to another business in a commonly used and readable format.

The right to object to processing and direct marketing

  • You can request your personal data is not used for processing. Your personal data can remain in place but not used.

The right to be notified 

  • You have the right to be informed of a breach of your data within 72 hours of its discovery.

Rights in relation to automated decision making and profiling

  • You have the right to object to automated decision making and profiling.

The right to complain

  • You have the right to complain to the Information Commissioners Office if you think there is a problem with the way we are handling your data.

The grounds that we process this data on are because you have given us consent to do so. It is necessary for us to process your data so we can fulfil our services. Also, processing is necessary for the purposes of legitimate interests such as contacting you about future offers that relate to your original purchase.

Only the company directors have access to all your data. Data processors will be given access to necessary parts of your data in order for us to complete your jobs. Our data processors are listed below. Our subcontractors who are directly related to completing your job will also be given access to all necessary data. The only data we give to third parties are photos of your event that relate to that third party. We do NOT sell, trade, or rent your personal identification information to others.

We ensure that the personal data we gather is kept no longer than necessary. We keep your data until you tell us you want your account deleted unless the information is required to comply with our legal obligations. We store your photos on our computers for as long as is necessary for completing our service and online for up to one year, except when used for marketing purposes. We will continue to contact you up to five years after collecting your details. 

You may find links on our website that link to third party sites and services. We do not control the content or links that appear on these sites and we are not responsible for the practices employed by websites linked to or from our website.

We have the discretion to update this privacy policy at any time. We encourage you to frequently check this page for any changes to stay informed about how we are helping to protect the personal information we collect. You acknowledge and agree that it is your responsibility to review this privacy policy periodically and become aware of modifications.

By using this website, you signify your acceptance of this policy. If you do not agree to this policy, please do not use our website. Your continued use of this website following the posting of changes to this policy will be deemed your acceptance of those changes.

If you have any questions about this privacy policy, the practices of this site, or your dealings with this site, please contact us at: [email protected]

Systems

All data subject requests will be dealt with within the allocated 30 days and will not be charged for. One of the directors will read this email within one week then start going through all systems to find all traces of the client. Systems and data processors include: Acuity Scheduling, Apple, Bank of Scotland, Dropbox, Facebook, Fern Photography, Graphistudio, Google, HotJar, Instagram, iZettle, Loxley Colour, MailChimp, PayPal, Pic-Time, Quickfile, Stripe, Tave, Zenfolio. If you wish us to view, amend, purge or anonymise all of your data, please email us at: [email protected] and we will send a confirmation email when completed within three weeks.

After we have been notified about a data breach one of the directors will immediately notify the ICO and all individuals affected. Individuals details are stored in the above mentioned systems.

Changes to this Privacy Notice

We will review this privacy notice each January to ensure that it is accurate and up to date.