Who we are
Types of data we collect
We may collect personal identification information from you in a variety of ways, including, but not limited to, when you visit our website, fill out a form, and in connection with other activities, services, features or resources we make available on our website. We collect personal data in a fair, lawful and transparent manner.
When you enquire about our services we collect personal information. We use that information for a couple of reasons: to tell you about stuff you’ve asked us about; to contact you if we need to obtain or provide additional information; to check our records are right and to check every now and then that you’re happy and satisfied. We don’t rent or trade email lists with other organisations and businesses.
When you enquire about or purchase a service from us we store your information in our customer relationship management software, Tavé. This is so that we can make sure that we have all the details we need to plan and execute services at the high quality that you deserve.
This is the information we may collect for an enquiry:
- Phone numbers
- Home address
- Event date
- Birth date
This is the information we may collect for offering refunds for a service:
- PayPal address
- Bank account details
You may submit personal information to payment gateways while using our service. The personal information is sent directly from your browser to the payment gateway, bypassing our service.
We may ask for any people you have supplying services or products at your event so we can share your incredible photos with them.
You can always refuse to supply personal identification information, except that it may prevent us from providing our service to them.
We may collect non-personal identification information about you whenever you interact with our website. The non-personal identification information may include the browser, device information, operating system, time, location, and I.P. address of logins, the internet service providers utilised, account creation date, order history and other similar information.
Google Analytics and other web analysis services
This information is only processed in a way which does not identify anyone. We do not make, and do not allow any of these companies to make, any attempt to find out the identities of those visiting our website. We do not collect sensitive data such as religious or philosophical beliefs, ethnicity or biometric data. We have limited the amount of information and data we request and collect to what is relevant and necessary for our processing.
Using personal data
Overall we collect and use personal information for the following purposes:
To improve our website
- We continually make improvements to our website based on the information and feedback we receive from you.
To improve customer service
- Your information helps us effectively respond to customer service requests and needs.
To administer content, promotions, surveys or other website features
To send you information you agreed to receive about topics we think will be of interest to them
To send periodic emails updates
To analyse trends
To provide your account
Tailoring your experience on our site
Supplying our products and services to you
Communicating with you
With your permission and/or where permitted by law, We may also use your personal data for marketing purposes, which may include contacting you by email and/or telephone with information, news, and offers on our products and/or services.
We use appropriate data collection, storage and processing practices and security measures to protect against unauthorised access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our systems. We guarantee that the personal data is held in a manner that is deemed secure. All data kept on our clients is kept in the cloud (in the USA and EU countries), our phones and our computers. Our phones have up to date fingerprint and face recognition protection. Our computers have finger print recognition and strong passwords. Our cloud storage has very strong unique passwords. Our equipment is stored inside our homes our doors have five-lever mortice locks and our windows also have locks. All computers and phones are always kept as up to date as possible.
We occasionally use a third-party provider, MailChimp, to deliver our emails. We gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our e-newsletter. You can unsubscribe to general mailings at any time by clicking the unsubscribe link at the bottom of any of our newsletter emails.
The right to be informed
- You will be informed before personal data is gathered. You will opt-in and the reasons for gathering personal data are provided.
The right of access
- You have the right to request access to your personal data and for information on how your information is used and how it has been gathered.
The right to rectification
- You can have your personal data corrected if it’s incomplete, incorrect or out of date.
The right to be forgotten
- If you are no longer a customer or you withdraw your consent to use your personal data, you retain the right to have your personal data deleted.
The right to data portability
- You have the right to request that we transfer your personal data to another business in a commonly used and readable format.
The right to object to processing and direct marketing
- You can request your personal data is not used for processing. Your personal data can remain in place but not used.
The right to be notified
- You have the right to be informed of a breach of your data within 72 hours of its discovery.
Rights in relation to automated decision making and profiling
- You have the right to object to automated decision making and profiling.
The right to complain
- You have the right to complain to the Information Commissioners Office if you think there is a problem with the way we are handling your data.
The grounds that we process this data on are because you have given us consent to do so. It is necessary for us to process your data so we can fulfil our services. Also, processing is necessary for the purposes of legitimate interests such as contacting you about future offers that relate to your original purchase.
Only the company directors have access to all your data. Data processors will be given access to necessary parts of your data in order for us to complete your jobs. Our data processors are listed below. Our subcontractors who are directly related to completing your job will also be given access to all necessary data. The only data we give to third parties are photos of your event that relate to that third party. We do NOT sell, trade, or rent your personal identification information to others.
We ensure that the personal data we gather is kept no longer than necessary. We keep your data until you tell us you want your account deleted unless the information is required to comply with our legal obligations. We store your photos on our computers for as long as is necessary for completing our service and online for up to one year, except when used for marketing purposes. We will continue to contact you up to five years after collecting your details.
You may find links on our website that link to third party sites and services. We do not control the content or links that appear on these sites and we are not responsible for the practices employed by websites linked to or from our website.
By using this website, you signify your acceptance of this policy. If you do not agree to this policy, please do not use our website. Your continued use of this website following the posting of changes to this policy will be deemed your acceptance of those changes.
All data subject requests will be dealt with within the allocated 30 days and will not be charged for. One of the directors will read this email within one week then start going through all systems to find all traces of the client. Systems and data processors include: Acuity Scheduling, Apple, Bank of Scotland, Dropbox, Facebook, Fern Photography, Graphistudio, Google, HotJar, Instagram, iZettle, Loxley Colour, MailChimp, PayPal, Pic-Time, Quickfile, Stripe, Tave, Zenfolio. If you wish us to view, amend, purge or anonymise all of your data, please email us at: firstname.lastname@example.org and we will send a confirmation email when completed within three weeks.
After we have been notified about a data breach one of the directors will immediately notify the ICO and all individuals affected. Individuals details are stored in the above mentioned systems.
Changes to this Privacy Notice
We will review this privacy notice each January to ensure that it is accurate and up to date.