PRIVACY POLICY

The policy: this privacy policy is for this website; www.critchlowphotography.co.uk and governs the privacy of its visitors.It explains how we comply with the EU’s GDPR (general data protection regulation) legislation and the DPA (data protection act).
This policy will explain areas of this website that may affect your privacy and personal details, how we process, collect, manage and store those details and how your rights under the GDPR and DPA are adhered to.
This website complies with the DAP (data protection act 1998) and the DDPR (general data protection regulation)

CONTACTING SARAH CRITCHLOW PHOTOGRAPHY

This website, www.critchlowphotography.co.uk, collects private user data using the contact form found on this website https://critchlowphotography.co.uk , which generates emails sent to: sarah@critchlowphotography.co.uk
The data from these forms is emailed to the address listed above and also stored on the website server, in most cases dating back to when each form was created. The website server is accessible by Sarah Critchlow and the website administrators for www.critchlowphotography.co.uk – Everybodysmile.co.uk. Everybodysmile.co.uk never access or share this data other than by request from Sarah Critchlow. You can read their Privacy Policy via Image Proofing Privacy Policy on their website – www.everybodysmile.co.uk
By completing our contact forms, you agree to Sarah Critchlow contacting you about Sarah Critchlow Photography services.
You will not be added to any mailing lists and will only be contacted by Sarah Critchlow personally in relation to your enquiry. Your personal details will be added to my studio management software – Lightbluesoftware.com who are fully compliant with GDPR and will not share any information that has been inputted by Sarah Critchlow Photography. You can read their Privacy Policy via their legal information on their website www.lightbluesoftware.com. Your details will not be used for any marketing purposes nor will they be passed onto any third parties. Your details will only be stored my studio management software and in the email generated by this contact form which will be filed in the email account for Sarah Critchlow Photography which is hosted by Go Daddy and which can only be accessed by Sarah Critchlow Photography. if you wish to request for any email(s) containing your personal information to be deleted, please email sarah@critchlowphotography.co.uk

FINANCE ACCOUNTING SOFTWARE

Once Sarah Critchlow Photography enters into a contract for an assignment, your details will be entered onto a finance software accounting package namely Xero www.xero.com to process your booking and payments. This information may be shared with our bookkeeper and our accountant who has access to my accounts and subsequently the HMI. If you require any further details please email sarah@critchlowphotography.co.uk

EMAIL MARKETING

Sarah Critchlow Photography does not engage in email marketing specific to our services. Your personal details will not be used for any such marketing purposes nor will they be passed onto any third parties.

CLIENT GALLERIES

Sarah Critchlow photography creates a client gallery for each client to whom photos are delivered as part of the services contracted. Sarah Critchlow photography’s client galleries are externally hosted by Smugmug. Their privacy policy can be found via their Smugmug Privacy Policy on their website – www.smugmug.com

To visit a Sarah Critchlow Photography client gallery you will be required to enter personal data which will be shared with yourselves direct by Sarah Critchlow and will not be given to any other person.
It will only be used as detailed above, will not be used for any other marketing purposes and will not be passed onto any third parties. Smugmug’s technical support team will have the means to access to your personal data but will never access or share this data other than by request from Sarah Critchlow Photography
If you wish to request for your personal data (log in details) to be deleted from Sarah Critchlow Photography servers, please email sarah@critchlowphotography.co.uk

EXTERNAL WEBSITE LIKS AND 3RD PARTIES

Although we only look to include quality, safe and relevant external links, users are advised to adopt a policy of caution before clicking any external web links mentioned throughout this website.
We can not guarantee or verify the contents of any externally linked website despite our best efforts. Users should therefore note that they click on external links at their own risk and we cannot be held liable for any damages or implications caused by visiting any external links mentioned.

CLIENT DATA HELD ON FILE

We take care over the processes around looking after your personal data stored on our physical systems. Sarah Critchlow photography holds the following personal data of clients:
1. names
2. addresses
3. phone numbers
4. email addresses

Within soft copy and sometimes hard copy contracts as well as soft copy wedding client ‘wedding information form’ and ‘wedding questionnaire’ documents. soft copy contracts and wedding information and questionnaire forms are safely stored within our password protected computers, iphone & ipad and backed up to external hard drives.
Client photos are safely stored within our password protected computers and backed up to external hard drives. The external hard drives are securely stored in locked cabinets.

CLIENTS AND WEDDING GUESTS CAPTURED IN PHOTOS

Under GDPR legislation, a photograph may in some instances constitute a form of personal data where they can be processed to allow “the unique identification or authentication of a natural person”. Sarah Critchlow Photography will never photograph an individual as a means of unique identification or authentication unless consensually contracted to do so. Guests at weddings appear in photos taken by Sarah Critchlow Photography as a part of the visual recording of the event in photos. Guests captured in portraits or in group photos do so as part of the event and their rights are protected by Sarah Critchlow Photography as detailed in this privacy policy.
In terms of explicit GDPR compliance, wedding clients and guests are photographed within the parameters of gdpr legislation on the basis of ‘legitimate interests’. The taking of photographs of wedding guests when viewed as a form of processing personal data is necessary for the legitimate interests of Sarah Critchlow Photography as a photography business unless there is a good reason to protect a given individual’s personal data which overrides those legitimate interests.
Operating within the parameters of legitimate interests as laid out in GDPR legislation, the disproportionate effort involved in providing privacy policy information to all wedding guests at the event and the degree to which it would distract us from performing our job renders it infeasible to do. Wedding clients are therefore requested in their contract to direct their guests to read this privacy policy in advance of the event and to advise them to contact us in advance with any concerns around the processing of their personal data, namely being photographed.

SOCIAL MEDIA POLICY AND USAGE

We adopt a safe and responsible social media policy. While we may have official profiles on social media platforms users are advised to verify the authenticity of such profiles before engaging with, or sharing information with such profiles. We will never ask for personal details on social media platforms. Users are advised to conduct themselves appropriately when engaging with us on social media.

DISPLAY OF IMAGES

We may display any photographs to promote Sarah Critchlow photography on the Sarah Critchlow Photography website and blog, on social media, on wedding blogs, on wedding photography related websites, in exhibitions, in advertising, brochures, magazine articles and other such material, providing that the images used are used lawfully and without damage to Sarah Critchlow photography’s client(s). The rights of the people captured in these photographs are protected by Sarah Critchlow photography as detailed in this privacy policy

COMMENTS

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

COOKIES

My website does not add Cookies however when you leave my site and visit the Client Galleries via Smugmug, a Cookie is loaded. Please see their Privacy Policy – www.smugmug.com.

EMBEDDED CONTENT FROM OTHER WEBSITES

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

RIGHTS TO YOUR DATA

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Visitor comments may be checked through an automated spam detection service.