THIS WEBSITE COMPLIES WITH THE DPA (DATA PROTECTION ACT 1998) AND THE GDPR (GENERAL DATA PROTECTION REGULATION), EFFECTIVE FROM MAY 2018.
1.1 We are committed to safeguarding the privacy of our website visitors and clients. In this policy, "we", "us" and "our" refer to Jonathan Donovan Photography and the website www.jonathandonovan.co.uk.
1.2 This policy applies where we are acting as a data controller with respect to the personal data of website visitors and clients; in other words, where we determine the purposes and means of the processing of that personal data.
1.4 Jonathan Donovan Photography does not engage in email marketing specific to our services. Your personal details will not be used for any such marketing purpose nor will they be passed onto to any third parties.
1.5 This website www.jonathandonovan.co.uk collects private data using the forms found on all pages of the website www.jonathandonovan.co.uk, which generate emails sent to firstname.lastname@example.org. This data is only accessible to Jonathan Donovan and his office and is visible to the host https://www.squarespace.com, who will never share data with third parties.
1.6 When you sign a contract with Jonathan Donovan Photography we will store your contact data on password protected hard drives in the office, a backup copy in the cloud, and another copy on a hard drive within the office. This information is kept solely for the purposes of our professional records and for project management. Data will never be shared with a third party.
1.7 Images within our Client Galleries are backed up on password protected computers and hard drives in the office. Copies are also hosted by www.theimagefile.com, which hosts some of the data on GDPR compliant, encrypted servers based within the United States.
1.8 Although we only look to include quality, safe and relevant external website links & third parties, users are advised to adopt a policy of caution before clicking any external web links mentioned throughout this website. We cannot guarantee or verify the contents of any externally linked website despite our best efforts. users should therefore note that they click on external links at their own risk and we cannot be held liable for any damages or implications caused by visiting any external links mentioned.
1.9 We may process data about your use of our website and services as "usage data". The usage data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use. The source of the usage data is Google Analytics and Squarespace.com. This usage data may be processed for the purposes of analysing the use of the website and services. The legal basis for this processing is our legitimate interests, namely monitoring and improving our website and services.
2.0 We may process information relating to our customer relationships, including customer contact information as "customer relationship data”. The customer relationship data may include your name, your employer, your job title or role, your contact details, and information contained in communications between us and you or your employer. The source of the customer relationship data is you or your employer. The customer relationship data may be processed for the purposes of managing our relationships with customers, communicating with customers, keeping records of those communications and promoting our products and services to customers. The legal basis for this processing is for our legitimate interests, namely the proper management of our customer relationships.
2.1 We adopt a Social Media Policy to ensure our business and our staff conducts themselves accordingly online. While we may have official profiles on social media platforms users are advised to verify authenticity of such profiles before engaging with, or sharing information with such profiles. We will never ask for user passwords or personal details on social media platforms. Users are advised to conduct themselves appropriately when engaging with us on social media.
2.3 In terms of explicit GDPR compliance, Subjects are photographed within the parameters of GDPR legislation on the basis of ‘legitimate interests’. The taking of photographs of an event or shoot when viewed as a form of processing personal data is necessary for the legitimate interests of us as a photography business unless there is a good reason to protect a given individual’s personal data which overrides those legitimate interests.
2.4 Please do not supply any other person's personal data to us, unless we prompt you to do so.
2.5 Personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
2.6 Notwithstanding the other provisions of this Section, we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
2.7 We may update this policy from time to time by publishing a new version on our website.
2.8 You should check this page occasionally to ensure you are happy with any changes to this policy.
2.9 This website is owned and operated by Jonathan Donovan Photography.
3.0 You can contact us:
(a) using our website contact form
(b) by telephone, on the contact number published on our website
(c) by email, using the email address published on our website