Privacy Policy
Privacy Policy
Updated: 6 March 2023
In very basic terms, Clare Amanda Photography totally respects your personal information and will only ask you for what information we really need from you. We will look after it in the same way we would want ours looking after, keeping it secure.
Introduction
Clare Amanda Photography takes your privacy very seriously. This privacy policy has been prepared in line with the EU’s General Data Protection Regulation (GDPR), which promotes fairness and transparency for all individuals in respect of their personal data. This privacy policy applies to all data we process and by using Clare Amanda Photography, you consent to our collection and use of such data. If you would like to get in touch about anything in this policy or about your personal data, then please contact our Data Protection Officer, Clare Shaw at clare@clareamanda.co.uk or 07753 409214.
Our website address is: https://www.clareamanda.co.uk.
What personal data we collect and why we collect it
As a data controller we collect a variety of data in order to deliver our services, and we will manage your personal data transparently, fairly and securely.
We may ask you to provide us the following data:
First Name(s)
Last Name
Child/Children's Names
Address
PostCode
Telephone Number
Email Address
Date of Birth – only recorded for persons we photograph under the age of 18 and require the parent or a legal guardian to consent to photography
Payment Details
Signature
IP Address
Social Media IDs
Images and videos of you and your child/children – being a photographic business, we also create and manage images as per our contractual agreement(s)
We use the above data to:
To deliver our service to you, including information relating to the session, contracts and releases
To deliver our online galleries, gallery access and our digital products to you
To deliver our products to you / for our professional photo laboratories or product providers to deliver our products to you
For online marketing and promotional purposes, including remarketing, portfolios, social marketing, blogs, guest blogs, webinars, videos
For physical marketing and promotional purposes, including but not limited to business stationery, flyers, posters, sample products and physical portfolios
To personalise your experience
To inform you of news, events, offers, products, and services
To process your payments
To connect with you on Social Media
We collect this information on the following lawful basis:
To give you a quote
To allow you or us to make bookings
Consent for use of images
To arrange or fulfil a contract
To arrange or fulfil a model release
To arrange or fulfil an order
To allow you access to your online gallery
To allow you access to your account
To send you any newsletters you have signed up for
To process payments for products or services
To meet a legal obligation other than a contract
For advertising our business
To send you regular emails/newsletters should you wish
To contact a child reaching the age of 18 years for their continued consent of image use
To connect with you on Social Media
Cookies
When you visit our website, we also collect Cookies. These are small pieces of data that websites send to a user’s computer and are stored on the user’s web browser. They are designed to enable the website to remember information, such as what a user might have put in a shopping cart, for example. We use cookies to:
Allow you to opt-in to saving your name, email address and website in cookies when leaving a comment. This is for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log into this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
Helps us anonymously analyse web traffic statistics in services such as Google Analytics.
For marketing and remarketing purposes. You may choose to opt out of this by using Google’s Ads Settings.
Determine whether you have signed up to our mailing list held with MailChimp.
A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
Read more on our Cookies Policy
Embedded content from other websites
Articles on this site may include embedded content (e.g. client galleries, school/team galleries, videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.
Who we share your data with
We share personal data with the following third parties:
Google (for analytics) – Data is transferred outside of the UK and European Economic Area to United States
Google Inc, Our cloud storage provider(s) – Data is transferred outside of the UK and European Economic Area to United States
Our cloud back-up provider(s) – Data is transferred outside of the UK and European Economic Area to United States
Google Inc, Our Email provider(s) – Data is transferred outside of the UK and European Economic Area to United States
Our CRM System and digital contract provider(s) - Data is/may be transferred outside of the UK and European Economic Area to United States, Australia and Ukraine. You can read Studio Ninja's privacy policy here - No longer used and data removed from service.
MailChimp, our marketing and emailing automation platform – Data is transferred outside of the UK and European Economic Area to United States. You can view MailChimp’s privacy policy here.
Our website hosting company and website storage provider(s) – Data is transferred outside of the UK and European Economic Area to United States
Our Accountant – Data is not transferred outside of the UK or European Economic Area
Our Printing Laboratories (Printed Promotional Media and Photographic Products) – Data is not transferred outside of the UK
Pixieset, our client gallery hosting company (for client galleries pre-2020) – Data is transferred outside of the UK and European Economic Area to Canada. You can view Pixieset's privacy policy here.
Shootproof, our client gallery hosting company and digital contract service - Data is transferred outside of the UK and European Economic Area to United States. You can view Shootproof's privacy policy here.
GotPhoto, our client gallery / school gallery hosting company - Data is transferred outside of the UK to the European Economic Area view GotPhoto’s privacy policy here: https://www.gotphoto.co.uk/data-privacy-policy/
Our image storage provider(s) – Data is transferred outside of the UK and European Economic Area to United States
Our bank(s) – Data is not transferred outside of UK
PayPal/Braintree PayPal – Data is transferred outside of the UK to the European Economic Area
iZettle – Data is transferred outside of the UK to the European Economic Area
Shopify International Ltd. - Data is transferred outside of the UK to the European Economic Area. You can view Shopify’s privacy policy here: https://www.shopify.com/legal/privacy
Guild of Photographers - Data is transferred out of the UK to the USA (portfolio use only)
For Plug-ins, Links, Social Media Connections (such as shares, likes, re-posts, follows) and Social Marketing use (including shares, likes, re-posts, follows):
Google Maps Google My Business - Data is transferred out of the UK and the European Economic Area to the USA
WhatsApp Ireland Limited - Data is transferred out of the UK to the European Economic Area. https://www.whatsapp.com/legal/?l=de#terms-of-service)
Facebook / Instagram / Meta Companies - Data is transferred out of the UK to Ireland may be transferred out of the European Economic Area to the USAhttps://help.instagram.com/155833707900388
LinkedIn - Data is transferred out of the UK and the European Economic Area to the USA https://www.linkedin.com/legal/privacy-policy
There are also certain situations in which we may share access to your personal data without your explicit consent; for example, if required by law, to protect the life of an individual, or to comply with any valid legal process, government request, rule or regulation.
Why we share your Personal Data with the above
We share your data for the following purposes:
To deliver our service to you
To produce and deliver product orders to you (whether digital or physical)
For marketing and remarketing purposes
To personalise your online experience
To personalise your experience with us and to offer an efficient service
To send you newsletters and direct marketing if you have opted into this
To manage contracts, forms, releases and bookings
To process payments
To provide account access
To provide online gallery access
To ensure we securely maintain and back up our files, records and images of you
To store a record of your communication and custom with us to deliver a more personalised service
To maintain an up to date and informative online and in print presence (where permissions from you have been agreed)
Visitor comments on our website may be checked through an automated spam detection service.
We may transfer personal data to a country outside of the UK and/or European Economic Area (EEA) if necessary for example, some third parties we utilise have servers located outside of the EEA. If this is the case, we will either obtain your consent or otherwise ensure that the transfer is legal and your data is secure by following the EU’s guidelines. You can see above where we send data outside of the UK and/or EEA and on what basis we do so.
How we keep your personal data secure
We keep your data secure by:
Following internal policies of best practice and staff training, including lockable file storage, password protection on devices and systems
Encryption (including TTPS and Transport Layer Security) for our cloud file storage and backups
By using Transport Layer Security (TLS) where data is transferred to us via our website
In the unlikely event of a criminal breach of our security, we will inform the relevant regulatory body within 72 hours and, if your personal data were involved in the breach, we will also inform you.
What rights you have over your data
You also have the following rights:
The right to be informed about the collection and use of your personal data
The right of access to your personal data and any supplementary information
The right to have any errors in your personal data rectified
The right to have your personal data erased
The right to block or suppress the processing of your personal data
The right to move, copy or transfer your personal data from one IT environment to another
The right to object to processing of your personal data in certain circumstances, and
Rights related to automated decision-making (i.e. where no humans are involved) and profiling (i.e. where certain personal data is processed to evaluate an individual.
This does not include any data we are obliged to keep for administrative, legal, or security purposes.
How long we retain your data
While we do not hold personal data any longer than we need to, the duration will depend on your relationship with us and whether it is ongoing. We may keep some of your personal data for up to 7 years after our working contract with you or your subsequent purchases have finished for Tax legislation purposes. After this time, we will archive your photographs indefinitely along with your relevant details and consent forms. This is due to requests for replacement images being made several years after being taken.
For video products or photograph and video linked products, we will keep your photos, videos and any necessary personal information related to them for as long as we are able to make this service available to you.
For mailing lists, we will keep your data on file until you unsubscribe. We may periodically ask you whether you wish to remain subscribed.
If you leave a comment on our website, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
Our contact information
We give you the option manage your data via:
Email: clare@clareamanda.co.uk
Telephone: 07753 409214
Writing to us: using the address on your contract or agreement with us
Changes to our privacy policy and control
We may change this privacy policy from time to time. When we do, we will let you know by changing the date on this policy, notifying customers of only significant changes that affect them directly. By continuing to access or use our services after those changes become effective, you agree to be bound by the revised privacy policy.