I want you to feel comfortable in how your personal data is stored and used. That’s why I’ve created
this policy for you. First a few legal bits. The relationship you have is with my company, Glyn Dewis Photography Ltd (“I” and “my” below), who is the data controller for and processes personal data according to this policy.

How do I use your personal data?

Your personal data is being used in a few different cases:

1. You sign up for my newsletter.
2. You purchase something from my store.
3. You sign on as a client.

You can read more below on exactly what data is collected for each case and why.

What data do I gather from you and why?
As you saw above, there are three cases where I would store your personal data.

Newsletter
When you sign up to receive my newsletter I need your e-mail address and your name. This in order to deliver the newsletter to your inbox.

If you at any time no longer want to receive the newsletter you may opt-out by clicking on the unsubscribe link in any of the emails.

Your data is stored for as long as you are a subscriber. Once you unsubscribe, we will need to store your data in order to know that you do not want to receive any more emails. See below for how your data can be completely removed. The legal ground for this processing is consent.

Store
When you purchase an item from my online store, some personal data is required for the purchase. Some of the data is legally required and others I need to fulfil contractual obligations. That is, deliver
the order to you. Personal data stored in connection with purchases are your name, e-mail address, address, phone number,IP-address and your VAT number (the latter only in the case you are a sole proprietor). If you enter any personal data in the order notes, those  are processed too.

If you pay via credit card, your personal data will be sent to my secure payments partner, Stripe. If you pay via PayPal, their privacy policy applies. The data is stored up to seven years after the ending of the fiscal year where your order was placed according to UK law.

The legal ground for this processing is contractual necessity and legal obligations.

Clients
As a client, I need to process certain personal data in order to fulfil any contractual obligations. This applies if you contact me and are interested in becoming a client too. The personal data that I store for clients are: Company name (if it contains your name), company registration number (if you are a sole proprietor), name, e-mail address, phone number, address and your VAT number (in the case you are a sole proprietor and it makes you personally identifiable). The data is stored up to seven years after the ending of the fiscal year where your order was placed according to UK law. When you are no longer a client, I will anonymise any personal data that I am not legally obliged to keep.

The legal ground for this processing is contractual necessity and legal obligations.

Automatic Processing of Data
When you use my website or services, data is saved and processed on how you use them.
In some cases I share some information with chosen third party vendors (see below) of tolls for marketing or analysis. I do this to be able to offer you a better site, better products and a better service. This can happen by the use of cookies. Read my cookie policy below.

Storage of Personal Data with Third Parties
I use a series of systems, services and software from different suppliers both within and outside the EU. I do this so that I can run my business efficiently. I demand of all my suppliers that they fulfil the same requirements of the GDPR. The following companies have services that I use, where your personal data may be processed:

Google (USA)
I run my e-mail, calendar and contacts on Gmail. This means that when you e-mail me, the contents
of your email will be stored with Google.

Sage (United Kingdom)

Sage is my accounting system where all relevant data for accounting purposes are processed such as
your billing details.

Bernskiold Media (Sweden)
My web agency is Bernskiold Media and they have access to the website where personal data is stored. This is to support me and help with the development of the website.

What rights do I have?
You are always entitled to receive the information that I have stored on you. You may request one free export of data per calendar year. You may also at any time request that I correct information about you that isn’t correct. You also have the right to ask me to remove information that I have stored about you, what is known as the right to be forgotten. Due to legal obligations there may be cases where I need to store information even after your request to be forgotten.

Send your request to glyn@glyndewis.com

I normally handle this within 30 days. If I should notice
that it for some reason will take longer than this, I shall inform you of this and if there are any obstacles. When you request a copy of your personal data, corrections or removal of data, I need to validate your identity. Do to this, I will ask you to send me a picture of a valid photo ID. This image will be erased as soon as your request has been processed.

Changes
I want to continuously ensure not only that your data is safe, but also that I communicate this in the
best way possible to you. This means that I may need to update this policy at any time. If I make larger changes with greater impact, I will inform you of them.

Cookies

About cookies

A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.

Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.

Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.

Cookies can be used by web servers to identity and track users as they navigate different pages on a website and identify users returning to a website.

Our cookies

We use only session cookies on our website.

The names of the cookies that we use on our website, and the purposes for which they are used, are set out below:

(a)     we use cookies on our website to enable the use of a shopping cart on the website, analyse the use of the website / administer the website / prevent fraud and improve the security of the website.

Analytics cookies

We use Google Analytics to analyse the use of our website.

Our analytics service provider generates statistical and other information about website use by means of cookies.

The information generated relating to our website is used to create reports about the use of our website.

Our analytics service provider’s privacy policy is available at: [http://www.google.com/policies/privacy/].

Blocking cookies

Most browsers allow you to refuse to accept cookies; for example:

(a)     in Internet Explorer (version 10) you can block cookies using the cookie handling override settings available by clicking “Tools”, “Internet Options”, “Privacy” and then “Advanced”;

(b)     in Firefox (version 24) you can block all cookies by clicking “Tools”, “Options”, “Privacy”, selecting “Use custom settings for history” from the drop-down menu, and unticking “Accept cookies from sites”; and

(c)     in Chrome (version 29), you can block all cookies by accessing the “Customise and control” menu, and clicking “Settings”, “Show advanced settings” and “Content settings”, and then selecting “Block sites from setting any data” under the “Cookies” heading.

Blocking all cookies will have a negative impact upon the usability of many websites.

If you block cookies, you will not be able to use all the features on our website.

Deleting cookies

You can delete cookies already stored on your computer; for example:

(a)     in Internet Explorer (version 10), you must manually delete cookie files (you can find instructions for doing so at http://support.microsoft.com/kb/278835);

(b)     in Firefox (version 24), you can delete cookies by clicking “Tools”, “Options” and “Privacy”, then selecting “Use custom settings for history”, clicking “Show Cookies”, and then clicking “Remove All Cookies”; and

(c)     in Chrome (version 29), you can delete all cookies by accessing the “Customise and control” menu, and clicking “Settings”, “Show advanced settings” and “Clear browsing data”, and then selecting “Delete cookies and other site and plug-in data” before clicking “Clear browsing data”.

Deleting cookies will have a negative impact on the usability of many websites.

Data protection registration

We are registered as a data controller with the UK Information Commissioner’s Office.

Our data protection registration number is ZA115692

 

Questions and Contact Details
If you have any questions about the processing of your data, you may contact me at glyn@glyndewis.com.

Glyn Dewis Photography Ltd is registered in England and Wales under registration number
06590204, and its registered office is at Glyn Dewis Photography Ltd, Suite 18, Enterprise House,
Telford Road, Bicester, Oxfordshire. OX26 4LD.

Latest updated: May 22, 2018

Comments

  1. Pingback: life insurance lawyer

Leave a Comment