Hiya! If you’re on this page it must mean you care about your data privacy, you’ve heard the crazy amount of hype around GDPR or you’re just interested to see what’s here.
So basically GDPR means that we have to take care of the information we hold about you, as if I wouldn’t do that already. With this new hype comes a lot of people panicking and a ridiculous amount of confusion. Because copyright law means I own my photos I take of you, there’s a bit of confusion about whether your face is classed as data.
Personal data I collect
I collect your name, even though I’ll probably forget it, so that I can atleast try to look professional. I collect your email address so that I can send your gallery and ensure your photos remain safe. I collect your address so that I can post any prints or packages to you. I collect your phone number so that I can call you and find you on your wedding day/session.
I take your photo because that’s what you’ve paid me to do and it’s my job.
Any data I collect from you is entirely necessary to do the job you pay me to do.
How I collect and keep your personal data
I get you to use my contact form on my website, which arrives in an email inbox that is tightly passworded and has two level authentication. If you go ahead with booking me as your photographer, I will store your email in my client database, which is only accessible on my computer and my email inbox. I’ll also note your first names in my old school diary (because I’m one of those people that still likes to have things written down.)
If you enquire but don’t book me I will delete your personal details and email. I don’t think your email gets stored on my website, but if it does my website is super secure and can only be accessed with two level verification as well.
My blog, facebook and instagram are all public. If you leave a comment on there then other people will see it.
If you message me on Facebook you’ll get an automatic reply to try to encourage you to head to my website. But if you still want to contact me via Facebook it’s secured with two level verification as well.
Right of confirmation, access, rectification and erasure
If you have any questions about how your data is stored and dealt with, then please do not hesitate to contact me and I’ll answer as honestly and openly as possible. I’m happy to show you the information I have on you, and it’ll probably be exactly the things you’ve told me because I really don’t have time to do any snooping. If any of the information is wrong, you can correct it, and I’d really rather you did because I’d hate to call your groom the wrong name.
If you’d like me to delete all your personal data, you have the right to request it, but it really will make my job almost impossible – I won’t really be able to find you or send your photos without your details. I definitely need to know stuff about you to work for you.
When you’ve got all your photos, I can totally delete you, but it’s best I keep your email for as long as your gallery is live to maximise your security.
Use of your data
Basically in a nutshell I take a lot of care to make sure I protect your privacy. I like to contact you a lot before your wedding to give you the best possible service, so I will use your email for that. If there’s something related to your wedding like a discount option or a bridal magazine or even a blog with a similar style I’ll send that to you via your email. My clients become more like friends so I might email you about something we’ve chatted about or that you might like, just because we get on, but that’s about it. I will never give your email to anyone else, not even a second shooter.
I won’t be sending you newsletters, because to be honest, I don’t have time for that and hopefully you’ll only get married once so you won’t need a wedding photographer again, and my families know where to find me if they want to book me again.
I might give your phone number to a second shooter on the day of the wedding so they can find you if we lose you.
I have a contract and booking form that asks you for details about your wedding so I can do the best job for you. Both of these don’t go anywhere bar my computer and then into a pdf on my password locked phone.
After your wedding I might send you a questionnaire or email you about a blog post, you don’t have to reply and what you write in there may be edited into content for a blog. Any info is completely voluntarily given.
Sometimes your wedding is so good that independent blogs want to feature it, YAY FOR US BOTH! but if they do, I will get in touch for your permission to share it first.
Use of your face-based data
When it comes to your photographs, there isn’t too much specific information about what that means for us photographers bar that we need to demonstrate reasonable and legitimate use.
So let me tell you that I won’t sell your photos to be used in an awful advert. If a third party does approach me asking me to buy one of your photos, I will email you about it. You might want to be on a really cool bridal/family advert so I won’t keep the option to earn some extra money from you. But it’ll never be without your consent or knowledge so you won’t see yourself on some random billboard.
There’s a couple of things I do to be able to run my business, like show my work to couples/families on good old social media, including Facebook, Twitter, Instragram, Pinterest and my own website. That’s probably how you found me because I don’t do fairs or external advertising. That’s why I do ask couples and families to opt into this in my contract, but you can always decide to keep your photos private. I respect that some people don’t want to be on the Internet.
You will never see any photos on social media or the internet before you’ve seen them yourself. You can veto any photos you don’t like and it is your responsibility to ask your guests’ permission, although I’m sure they’ll be pretty happy to get some free photos.
I store your photos on a password encrypted hard drive in my locked house, out of sight. I also keep a copy to share with you in an online gallery provider that is GDPR compliant. For a limited time I will also keep a second backup on Dropbox which is also GDPR compliant. To access your photos you need to have a password and a Download PIN that only you will be able to share.
Unless requested by you, I will remove your images from the online gallery after the agreed amount of time, but will keep them on the encrypted hard drive for a maximum of 5 years (by which point the hard drive will probably not work with modern technology anyway).
So that’s me being GDPR compliant!
So the new regulations are really just making me to tell you the stuff I already do, because I don’t want your information getting out into the world any more than you do. I also don’t want my photographs going anywhere that someone else can take credit for them, so I protect them for both our sakes.
If you have any questions, please don’t hesitate to get in touch.