WEBSITE PRIVACY STATEMENT
This Privacy Statement sets out how we, Dasha Caffrey Photography obtain, store and use your personal information when you use or interact with our website, https://www.dashacaffrey.com, or where we otherwise obtain or collect your personal information. This Privacy Statement is effective from May 2018.
It explains how we comply with the EU's GDPR (General Data Protection Regulation) legislation and the DPA (Data Protection Act). This policy will explain areas of this website that may affect your privacy and personal details, how we process, collect, manage and store those details and how your rights under the GDPR and DPA are
adhered to. Please, read this Privacy Statement.
Personal Data – any information relating to an identified or identifiable natural person.
Processing – any operation or set of operations which is performed on Personal Data or on sets of Personal Data.
Data subject – a natural person whose Personal Data is being Processed.
We/us (data controller) – Dasha Caffrey Photography (E-mail: email@example.com; Phone: +353851586855)
WE USE YOUR PERSONAL INFORMATION YOU VOLUNTEER TO:
- Communicate with you, including by sending you e-mails about a relevant photography service, by sending a message on social media, or by calling your phone number when provided by you
- Provide a photography related service
- Improving our services, including get in touch with you for feedback and reviews
- Complying with law. Comply with applicable legal requirements, such as tax and other government regulations and industry standards, contracts and law enforcement requests.
WE PROCESS YOUR PERSONAL INFORMATION FOR THE ABOVE PURPOSES WHEN:
- You have consented to the use of your personal information in a particular way. When you consent, you can change your mind at any time.
- We need your personal information to provide you with services and products requested by you, or to respond to your enquiries. In other words, so we can perform our contract with you or take steps at your request before entering into one. For example, we need your email address and phone number so we can send you information about our services and pricing.
- Legitimate interests. We have a legitimate interest in using your personal information. In particular, we have a legitimate interest to operate Dasha Caffrey Photography business and provide you with tailored service and communications, as well as to develop and promote our business.
The website server for https://www.dashacaffrey.com is accessible by the website host Squarespace. Squarespace does not have access to the data voluntarily submitted by the Data Subject via the contact form.
By completing the contact form you agree to Dasha Caffrey contacting you about Dasha Caffrey Photography's photography services. You will not be added to any mailing lists and will only be contacted by Dasha Caffrey personally in relation to your enquiry. We may share personal information with our service providers that perform services on our behalf. For example, we use third parties to help us provide customer support, manage our advertisements on other sites, manage contracts and invoices, host our Clients’ online galleries and other communications on our behalf or assist with data storage.
We do not use an e-mail marketing service and you will not be entered into any subscriptions without your explicit consent.
EXTERNAL WEBSITE LINKS & THIRD PARTIES
Although we only look to include quality, safe and relevant external links, users are advised to adopt a policy of caution before clicking any external web links mentioned throughout this website. We cannot guarantee or verify the contents of any externally linked website despite our best efforts. Users should therefore note that they click on external links at their own risk and we cannot be held liable for any damages or implications caused by visiting any external links mentioned.
CLIENT DATA HELD ON FILE
We take care over the processes around looking after personal data stored on our physical systems. Dasha Caffrey Photography holds the following personal data of clients:
ii) Addresses (including email addresses)
iii) Phone numbers
within soft copy and sometimes hard copy notes, as well as soft and hard copy client ‘Wedding Questionnaire’ documents. Soft copy contracts and wedding day plans and questionnaires are safely stored within our password protected home office PC and backed up to an external hard drive as well as a cloud back up/storage service provided by Backblaze (https://www.backblaze.com/). Client photos are safely stored within my password protected home office PC and backed up to two external hard drives.
How long we retain your personal information: for no longer than necessary, taking into account any legal obligations we have (e.g. to maintain records for tax purposes) and any other legal basis we have for using your personal information e.g. your consent, performance of a contract with you or our legitimate interests as a business.
We do our best to keep your Personal Data safe. We use safe protocols for communication and transferring data (such as HTTPS). We use anonymising and pseudonymising where suitable. We monitor our systems for possible vulnerabilities and attacks.
Even though we try our best we cannot guarantee the security of information. However, we promise to notify suitable authorities of data breaches. We will also notify you if there is a threat to your rights or interests. We will do everything we reasonably can to prevent security breaches and to assist authorities should any breaches occur.
Where applicable law requires (and subject to any relevant exceptions under law), you may have the right to access, update, change or delete personal information.
You can access, update, change or delete personal information by contacting us at firstname.lastname@example.org to request the required changes.
If you ask us to delete your information we shall comply within 40 calendar days of the receipt of such a request. We also will retain personal Information in order to comply with the law, protect our and others’ rights, resolve disputes or enforce our legal terms or policies, to the extent permitted under applicable law.
You may have the right to restrict or object to the processing of your personal information or to exercise a right to data portability under applicable law. You also may have the right to lodge a complaint with a competent supervisory authority, subject to applicable law. If you are subject to EU data protection laws, we suggest you lodge any such complaints with our lead supervisory authority:
Irish Data Protection Commissioner
Office of the Data Protection Commissioner
Canal House, Station Road, Portarlington, Co. Laois, R32 AP23, Ireland
Phone +353 57 868 4757
Fax: +353 57 868 4757
Additionally, if we rely on consent for the processing of your personal information, you have the right to withdraw it at any time and free of charge. When you do so, this will not affect the lawfulness of the processing before your consent withdrawal.
Cookies are data files that are sent between web servers and web browsers, processor memory or hard drives (clients) to recognise a particular user’s device when the user accesses a website. They are used for a range of different purposes, such as customising a website for a particular user, helping a user navigate a website, improving that user’s website experience, and storing that user’s preferences and login information.
Cookies can be classified as either ‘session’ or ‘persistent’ cookies. Session cookies are placed on your browser when you access a website and last for as long as you keep your browser open. They expire when you close your browser.
Persistent cookies are placed on your computer when you access a website and expire at a fixed point in time or if you manually delete them from your browser, whichever occurs first.
Cookies will be set either by our website domain or by third party domains on our behalf (for example by Google Analytics).
Cookies set by us on our website domain are referred to as ‘first party’ cookies. Cookies set by third party domains, or set on or via our domain on behalf of third parties, are referred to as ‘third party’ cookies.
Cookies do not usually contain personal information. Cookies may, however, be used in combination with other information to identify you.
Dasha Caffrey Photography will make no attempt to identify individual visitors, or to associate the technical details listed above with any individual. We do not disclose such technical information in respect of individual website visitors to any third party (apart from our internet service provider, which records such data on our behalf and which is bound by confidentiality provisions in this regard), unless obliged to disclose such information by law. The technical information will be used only by Dasha Caffrey Photography, and only for statistical and other administrative purposes. You should note that technical details, which we cannot associate with any identifiable individual, do not constitute “personal data” for the purposes of the Data Protection Acts, 1988 – 2003.