PRIVACY POLICY & GDPR

Welcome to our Privacy Policy and GDPR Compliance page. If you’re still here then that must mean you care a lot about your data privacy and the 2018 GDPR implementation and, guess what, so do we! We are nice folks and your safety and privacy is very important to us. 

If you don’t know what GDPR is, it’s the reason your email inboxes would have been full to bursting in the run up to 25th May 2018 with endless requests to ‘read our new privacy policy’ and ‘opt in’ to keep receiving all those wonderful marketing messages.

In short, we need to be compliant in handling your data - which as responsible biz owners we already are, but we need to make things super transparent to keep those GDPR bods happy.

In a nutshell, you can use this website without the need to provide any personal data, should you wish to, but If you want to purchase goods or services from Twigs Branch Photography then some data transfer (such as Zoom calls, filling out forms etc) will become necessary.

This policy sets out how and why we collect any of your personal information, how it is processed and how it is kept secure. By using this website, or engaging with us to enquire about or purchase any of our goods or services, you are agreeing to be bound by this policy.

Any and all personal data captured will be in line with the GDPR and any UK data protection regulations.

HOW DO YOU COLLECT DATA?

We collect data in a variety of ways including, but not limited to, the contact form on this website, via email, social media or phone. When we enter into a contract with you we will collect data that way and we may also collect data via cookies (more on this later).

WHAT INFORMATION DO WE COLLECT?

We only collect data that is necessary for us to do our jobs (which you probably want us to do since you’re paying us to do it).

We collect your name, so we don’t have to call you Sir or Madam (unless you want us to), and your contact details so we can communicate with you.

In order to provide photographic services to you, we take and store photographs from your event. Your photographs are stored for as long as the hard disks are functional in order to provide copies should you lose your photographs. This service is provided as a legitimate interest (see the ICO website for further information on this if you really want to).

Should you wish us to remove your photographs from our hard disks and backups after we’ve delivered your photos, we will do so if you provide confirmation in writing.

We never, ever capture credit or debit card numbers. Where card payments are permitted, these shall all be handled via a card processing service.

HOW WILL YOU USE MY DATA?

This is pretty straightforward, we will use your information to contact you about the job you have enquired about or booked with us.

We may also use your data in the general running of our business. For example, we may post photos from your wedding in a variety of places (this is permitted via legitimate interest referenced earlier. As a photography company, we need to be able to use images for promotional purposes as it’s what we do - this is permitted under the ICO’s regulations). 

Should any member of your wedding party not wish to be included in shared images, please let us know in writing (via email is fine). In addition, you may also opt out of our use of identifying images of you as part of your contract (this applies to the named client/s only - when you employ us to capture your day, you give permission for us to photograph your wedding party, guests and anyone else associated with the event).

Images captured under Trade for Print (TFP) arrangements are exempt from this consent.

Places we may post/submit images include;

  • This website

  • In blogs and on other websites

  • Print media & marketing materials (including brochures, business cards, posters, magazines and newspapers)

  • On social media

  • To other suppliers (for example your wedding makeup artist or florist may wish to have images for their own portfolios)

HOW, WHERE AND FOR HOW LONG DO YOU STORE MY PERSONAL DATA? 

Your personal data is stored for a minimum of 7 years (to comply with our legal obligations). Electronic files are kept on password protected devices. Any paper copies are filed in a secure premises to which only Twigs Branch Photography staff have keys. 

DO YOU SHARE MY PERSONAL DATA?

With the exception of photographs, personal data held by us is used only to fulfil contractual obligations, respond to communications, and for legal purposes such as filing tax returns. When it comes to your photographs, the EU hasn’t gotten too specific about what that means for working photographers, bar that we need to ‘demonstrate reasonable and legitimate use.’ What we can tell you is that we won’t sell your wedding photos to be used in a haemorrhoid commercial, or any such like, and we will always ask you to confirm whether or not you are happy for your images to be shared.

EXTERNAL DATA PROCESSORS

In addition to collecting data ourselves, we also use a variety of data processors. These are listed below.

  • Shootproof/Pictime - these are gallery services providing an online hosting of data, including images. Shootproof/Pictime self-certify as being compliant with Privacy Shield, so are compliant with GDPR.

  • Mailchimp - provides email mailing lists. We may use Mailchimp to send you details of news, special offers and promotions. Mailchimp holds names and email addresses. They self-certify as being compliant with Privacy Shield, so are compliant with GDPR. We retain data via legitimate interest.

  • iZettle - a tool for accepting credit and debit card payment. iZettle is PCI-DSS Level 1 certified aid and therefore compliant with GDPR. We retain 7 years of data in order to be compliant with legal obligations.

  • Google Analytics - a service which provides information about how visitors use a website. We use the information to add bells and whistles to our site. Google is fully GDPR compliant.

USE OF COOKIES

Like many other websites, Twigs Branch Photography uses website cookies. These store information on your computer and allow us to improve our website in a variety of ways through the use of aggregated data. It is possible to switch off cookies by setting your browser preferences. In some cases, turning cookies off may result in a loss of functionality when using certain parts of our site.

SECURITY PRECAUTIONS

Your security is very important to us. As we said way back in the beginning (anyone remember that long ago?!) we are nice people. We take all reasonable steps to ensure that data is held and processed securely. This includes ensuring our site is SSL certified. Basically this means you can tell our site is secure by the web prefix https (if a site is not secure it will display http only). 

THIS POLICY & ACCESS TO YOUR INFORMATION

This Privacy Policy was last updated in February 2024. We will keep this Policy under regular review so if you’ve enjoyed this rather long foray into the world of data compliance then don’t forget to check back often for updates. 

If you are concerned about any information we hold about you please email us at twigsplace@gmail.com or write to us at; Twigs Branch Photography, 29 Corbett Close, Telford, TF4 3JQ  and mark your correspondence ‘GDPR.’

GDPR COMPLIANCY ACHIEVED

Congratulations - we all made it to the end of this document in one piece! Ultimately, these EU regulations require us to just do stuff that’s already fairly within the realms of our job roles - so we guess all you really need to know is that we are nice human beings who want to be able to do our jobs, but who won’t take the proverbial.