Thank you for your interest in my website and data protection policy. You can use my website without the need to provide any personal data should you wish to. If you want to purchase photographic services, the processing of personal data will become necessary.
This policy sets out how and why I collect any of your personal information, how it is processed and how it is kept secure. By using this website or engaging with me to provide any photographic services, you are agreeing to be bound by this policy.
Any and all personal data captured will be in line with the GDPR and any UK data protection regulations.
Data collection and processing
Lee Dann Photography is the controller of data that passes through this website or via email. This data is kept private between myself and a few other carefully selected data processors.
Data which I retain
In order to provide photographic services to you, I take and store photographs from your event. These photographs are stored for as long as the hard disks are functional in order to provide copies should you lose your photographs. This service is provided as a legitimate interest.
Should you wish me to remove your photographs from my hard disks and backups after I have delivered your photographs, I will do so if you provide me with an email confirming your request.
I also collect personal details from yourselves, your wedding party and the other wedding suppliers at your wedding. The details I may ask for are:
- Phone numbers
- Email addresses
- Social media links
I may also post photos from your wedding in a variety of places, listed below. This is done via legitimate interest. Should any member of your wedding party not wish to be included in this, please let me know by email. In addition to this, I also provide you with the ability to opt out of posting photographs from your wedding in the various places.
- On my website
- In wedding blogs and other websites
- On social media
- To your other wedding suppliers
I also capture website visitor names, phone numbers and email addresses when visitors make contact via my website to enquire about my services at your event.
I never capture credit or debit card numbers.
External data processors
In addition to my own data, I also use a variety of data processors. They are listed below.
Hiveage is a tool for providing invoices. I use it to provide you with invoices for services which you purchase from me. They self-certify as being compliant with Privacy Shield, so are compliant with GDPR. They hold names and email addresses. I retain 7 years of data in order to be compliant with legal obligations.
Stripe is a tool for providing credit and debit card payment. I use it, to handle payment for prints and framing products. They self-certify as being compliant with Privacy Shield, so are compliant with GDPR. They take your card details and other information required to make a card transaction. I retain 7 years of data in order to be compliant with legal obligations.
Dropbox is a service to provide online hosting of data. I store data and photos on Dropbox. They self-certify as being compliant with Privacy Shield, so are compliant with GDPR. I also store wedding photographs which I use on social media or to deliver photographs to other companies.
Google Suite is a tool for providing services which are available over the internet. I use Calendar, Email and Drive in order to store information relating to your wedding. Google are fully GDPR compliant. I retain 7 years of data in order to be compliant with legal obligations, except in the case of email which is retained indefinitely.
Adobe Document cloud
Adobe is an organisation that supplies tools for photographers. They are best known for their editing software, which i use to edit your photos. I also use Adobe Docusign for contract signing and management. Adobe are fully GDPR compliant. I retain 7 years of data in order to be compliant with legal obligations.
Pixiset is an online photo delivery tool which I use to send your photos to you in high resolution when processing has been completed. They self-certify as GDPR complaint. Data is retained for a maximum of 2 years for legitimate interest.
Google Analytics is a service which provides information about how visitors use a website. I use the information that I gain to provide you with a more effective website. Google is fully GDPR compliant. I have nominated a 24 month period for retaining personal information for legitimate interest.
Like many other websites, Lee Dann Photography uses website cookies. These store information on your computer and allow me to improve my website in a variety of ways, through the use of aggregated data.
It is possible to switch off cookies by setting your browser preferences. In some cases, turning cookies off may result in a loss of functionality when using my website.
Your security is very important to me. I take all reasonable steps to ensure that data is held and processed securely. This includes ensuring my site and those other services I use SSL (secure internet connections) and data is encrypted where possible.
This Policy & access to your information
The Policy was last updated in May 2018 and I will keep this Policy under regular review. If you are concerned about any information I hold about you, you can phone, write or email. I will comply with any legal and ethical request.
Post: Lee Dann Photography, 23 Withington Court, Abingdon, OX143QA
Phone: 07878 101957