Nick Church Photography Privacy Policy - GDPR Compliant

You and your images are everything to me, and this extends into the professional and responsible way I use your data.

My Privacy Policy should answer any questions you may have, but if not, please get in touch.
— Nick Church

 

When you first get in touch with me, it’s usually via Facebook Messenger, the contact form on my website, by email or mobile phone. I collect your names, company, email address, phone number and if it’s an event like a wedding then I’ll also collect the wedding data and venue.

During subsequent meeting I will take further information. For weddings this will include names of other guests and family members.

All this information is required for me to contact you, and my own planning to deliver my service.

If I collected your email address from a wedding fayre then I will probably send a couple of emails due to verbal permission being given at the time. If this turns into a booking then your data will be stored as described below. If it doesn’t then the information is deleted soon after.

Your personal data I collect

Regardless of how we got in contact, once I start taking the details above, they will be added into my Bookings Management System. This is called Light Blue Software and is GDPR Compliant, allowing access only by me through a secure password.

During our discussions we may use Facebook Messenger, or email (my provider is Microsoft 365) or occasionally by sms text message through the Vodafone network. All these suppliers are also GDPR compliant and therefore protect your data to the same level I do.

During your engagement with Nick Church Photography, I may share a minimal amount of personal data with key individuals required to run my business. This may be other photographers or film-makers that shoot for Nick Church Photography, my P.A. or administrator or my accountant. This information is kept to a minimum and is only shared to allow the my service to be delivered correctly. They share any details no further and hold information only as long as required (or when requested as per the process below).

If after some discussion you either do not proceed to booking my services, or I do not receive contact after a few retries, then I will delete your details from all systems so that your data is no longer stored. On some occasions there may be ongoing discussions around your booking, and in this case I may keep your details beyond this point until such point I have confidence they are no longer important for my business or your booking.

You can contact me at any time ahead of this point if you would like your details removed and I will do so immediately. Please be aware that doing this may impact my ability to properly manage any ongoing discussions or engagements.

My website has a blog which is open to the public to comment on, if you make a comment, you can choose what personal data is shown. You can also choose to delete the comment.

Payments to me are generally made through Bank Transfer which will show in my business account in the usual way and none of this data is otherwise recorded or re-purposed.

If payments are received by PayPal or Stripe then I do not see your payment details, only the amount, your name and your reference. Both these organisations are GDPR compliant.

Collection, storage and management of personal data

You have the right to confirmation, access, rectification and erasure of all the data that I hold on you.

Right of confirmation, access, rectification and erasure

Use of your data

As photography is my work you can expect me to ‘collect’ photographs on your wedding day. These photographs are stored on memory cards during the day and backed up on two password-encrypted disk drives and one online cloud based drive called CrashPlan.

I typically store your wedding photographs for 1-2 years before removing them. Your finished wedding photographs are stored on an online gallery provider called Pixieset and protected by a pin which you are given when you receive the photographs. You can choose who has access to your gallery by sharing the URL.

Occasionally suppliers from your wedding, for example your florist, venue or hair stylist ask me for photographs for their own use, in this instance they are given access to the online gallery. As well as getting my permission to use images, they also have to receive permission from you too. If you grant permission for this then you have to refer to their own privacy policy as to how they handle the photographs once in their hands. Note: if you have a request from a supplier directly, you are not able to provide access to images, please forward them to me and I will handle giving them access. This is outside of GDPR and detailed in your contract, mentioned here for clarity.

In order to run my business I share online, predominantly on Facebook, Instagram, Twitter, in my Google listing, and on my website. I sometimes use photographs on my business cards, banners and brochures when attending wedding fayres. I often share weddings I shot many years ago, so if you have had a wedding shot by me in the past and no longer want me to share them for any reason, you can simply get in touch to withdraw your permission. When signing my usual contract you will be agreeing to opt-in to all of this. However, if you want to withdraw your consent to this you can simply do so via email, this email will be stored and adhered to.

Cookies

Cookies are small text files that are placed on your computer’s hard drive through your web browser when you visit any web site. They are widely used to make web sites work, or work more efficiently, as well as to provide information to the owners of the site.

Our site uses cookies to distinguish you from other users of our site and to distinguish which webpages are being used. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. we only use information collected from cookies for statistical analysis purposes and then the data is removed from the system.

Overall, cookies help us to provide you with a better site by enabling us to monitor which webpages you find useful and which you do not. This helps us to provide you with a good experience when you browse our site and also allows us to improve our site.

Our site uses:

  • functionality cookies. These cookies are used to recognise you when you return to our site. This enables us to personalise our content for you, greet you by name and remember your preferences.

  • strictly necessary cookies. These are cookies that are required for the operation of our site. They include, for example, cookies that enable you to log into secure areas of our site, use a shopping cart or make use of e-billing services. 

  • Google Analytics / performance cookies. These allow us to recognise and count the number of visitors, to see how visitors move around our website when they are using it, provides us with information about the type of browser they are using, device and remembers if users have closed our pop-up information. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.

  • Facebook analytics and advertising cookies. These allow us to recognise and count the number of visitors, to see how visitors move around our website when they are using it, and to use targeted adverts on Facebook (and other platforms owned by Facebook, e.g. Instagram).

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer.

If you have any questions, concerns or would like to exercise any of your rights around your personal data, please get in touch.