I collect your name and your email address so that I can communicate with you and your mobile number so that I can send you a text or give you a call if you’ve asked for information from me and it seems my emails have gone into the junk folder or been eaten by the internet gremlins. If you have hired me for a wedding, workshop or event, I may also use it to call you on the day in question. I collect your address so that I can post any physical photographic items to you (i.e. instant film photographs, USB drive) and also in order to specify it on any invoices I need to send you. Collecting these types of data is necessary for me to do my job.
I collect your information in two ways. 1) When you have given it to me in person when we’ve interacted i.e spoken at a wedding fair, workshop or event. Any data is then entered into a client database in a password protected Google Drive (GDPR compliant) and the original paper document shredded (if you have given me a business card, I may keep hold of this) or 2) through the contact form on my website which again arrives in my password protected email inbox. I access my emails and my drive through a password protected computer/phone. If you go ahead with booking me, I will store your data (specified in the paragraph above) in my client database. If you enquire but don’t book me, I will delete all your personal data from my client database after an appropriate period of time or immediately, if you ask me to.
I have a blog on my website where I showcase some of my musings and my photography. To be honest, no matter how many people tell me I should be blogging, I’m very bad at actually getting the posts out there! However, I would love for you to comment on them, but if you choose to, please remember that this part of the site is public and everyone can see it, so don’t go leaving all your personal information there.
If, at any point, you have questions about how your personal data is handled, you can just drop me an email and I will come back to you. You also have the right to request to see the information I hold on you. If any of this information is wrong, you have the right to correct it, and this seems like a sensible option that would be best for both of us! If you’d like me to delete all your personal data, you have the right to request it. However, as you will probably appreciate, if you have booked me to cover your event etc. and then ask me to delete all your information before the booking, this would make it difficult for me to work for you in the most effective way. I do tend to keep email addresses of my clients in my database, if however, you’d like to fully close your account with me, just let me know and I will completely wipe your information.
To summarise, I will use your email address to send you information you have asked for and possibly your phone number to let you know I’ve sent it and to look out for it and/or check you received it. If there’s something unrelated to your booking but related to something we had an actual conversation about, like a good florist/band/workshop that I think might be right up your street, I may contact you about that too. I do not give your email out to anyone else (including any assistants/second shooters) and I won’t be sending you loads of newsletters mostly because I don’t seem to ever get around to writing them up! I do sometimes give out phone numbers to second shooters so that they are also able to find/communicate with you/designated contact on the day of your event/wedding.
When booking me, I will ask you to complete a contract which asks you for details about your hire/event/wedding but again, once you have signed and sent this back to me as a scan or document photograph, it is stored on my Google Drive, inbox and/or client database via my password locked computer/phone. If you go old school and would rather sign and post it back as a letter, I will scan or digitally photograph the document, save this within the client database (Google Drive) and shred the original paper document. After your event/wedding/workshop I might produce a blog post / gallery on my website about it. You will have the option to give permission for this on the contract, model release or workshop consent form. I may also send you a questionnaire for a blog post. There is no obligation to fill this out (although it would be awesome to share the enjoyment/love!). If you choose to fill this in, what you write may be edited into content for a blog feature, so again, please don’t add personal/financial information to this.
Sometimes other quality blogs, websites or magazines may wish to feature your wedding/event/project and may ask my permission to reach out to you, but nothing can happen without your consent so we would discuss it and see whether you’d like to go ahead with being featured. Occasionally I may also submit photos to competitions but again, these would only be images that you have already given permission for me to use.
Basically, GDPR asks that we demonstrate reasonable and legitimate use when it comes to your data (this includes your image/face). If a third party does approach me asking me to buy one of your photos, I will email/get in touch with you about it. Sometimes you may want to sell it. I have had a couple sell some of their wedding photos for use by a national newspaper for example, and it netted them a little extra towards the honeymoon fund. However, it would never be without your consent or knowledge.
There are some things I do to run my business, including sharing my work on social media such as Instagram, Twitter, Facebook and my own website. If you are enquiring or have booked me, you have probably looked at these sources already to see photos of my work. I ask anyone hiring me to deliver photographic services, to opt into this in the relevant contract/consent form, but you can always decide to keep your event/wedding/workshop private.
I fully respect that some people don’t want to be seen on the internet, however, my contract is with you (the client who is hiring me) and my first priority is to you and delivering the job I am being hired for. Therefore, whilst I will always do my best to accommodate any requests from guests/members of the public to not appear in photographs, it is your responsibility to make them aware of the fact that a photographer will be present on the day. If they do not wish to appear in photographs, they are welcome to take note of the camera’s position and avoid appearing in photographs. Equally, if requested and in-line with GDPR ‘right to be forgotten’ requirements, I am happy to remove any images where it could be reasonably said that the person in question is a focus of the photograph.
I store your photos on password encrypted hard drives in my house which has appropriate locks acceptable for home insurance purposes. I also store backup drives, in my locked Little Vintage Photography office in a separate location (which has CCTV and a full alarm system in place). I share this office space with a social enterprise called www.wehearttech.com and we are the only keyholders. I am the only person who has the password to the encrypted drives in both locations.
I sometimes use an online gallery provider called Pixieset who self-certify as GDPR compliant to store and share links to your images. I will always ask you to ensure you are happy with the selection of images available before making these galleries public.
Any questions, get in touch!