Privacy Policy

The Policy
This privacy policy is for this website; www.anniearmitage.com and served by iPerspectives Limited T/A Annie Armitage – Photographer and governs the privacy of its users who choose to use it. It explains how we comply with the GDPR (General Data Protection Regulation), the DPA (Data Protection Act) [pre GDPR enforcement] and the PECR (Privacy and Electronic Communications Regulations).

Contact details:-
E:-  annie@anniearmitage.com
M:- 07711 391919

This policy will explain areas of this website that may affect your privacy and personal details, how we process, collect, manage and store those details and how your rights under the GDPR, DPA & PECR are adhere to. Additionally it will explain the use of cookies or software, advertising or commercial sponsorship from third parties and the download of any documents, files or software made available to you (if any) on this website. Further explanations may be provided for specific pages or features of this website in order to help you understand how we, this website and its third parties (if any) interact with you and your computer / device in order to serve it to you. Please contact me should you have any questions at all.

The DPA & GDPR May 2018
This website complies with the DPA (Data Protection Act 1998) and already complies with the GDPR (General Data Protection Regulation) which comes into effect from May 2018. We will update this policy accordingly after the completion of the UK’s exit from the European Union.

WHAT DATA DO WE COLLECT ABOUT YOU, FOR WHAT PURPOSE AND ON WHAT GROUND WE PROCESS IT 
Personal data means any information capable of identifying an individual. It does not include anonymised data.

We may process the following categories of personal data about you:

Communication Data that includes any communication that you send to us whether that be through the contact form on our website, through email, text, social media messaging, social media posting or any other communication that you send us. We process this data for the purposes of communicating with you, for record keeping and for the establishment, pursuance or defence of legal claims. Our lawful ground for this processing is our legitimate interests which in this case are to reply to communications sent to us, to keep records and to establish, pursue or defend legal claims.

Customer Data that includes data relating to any purchases of goods and/or services such as your name, title, billing address, delivery address email address, phone number, contact details, purchase details and your card details. We process this data to supply the goods and/or services you have purchased and to keep records of such transactions. Our lawful ground for this processing is the performance of a contract between you and us and/or taking steps at your request to enter into such a contract.

User Data that includes data about how you use our website and any online services together with any data that you post for publication on our website or through other online services. We process this data to operate our website and ensure relevant content is provided to you, to ensure the security of our website, to maintain back- ups of our website and/or databases and to enable publication and administration of our website, other online services and business. Our lawful ground for this processing is our legitimate interests which in this case are to enable us to properly administer our website and our business.

Technical Data that includes data about your use of our website and online services such as your IP address, your login data, details about your browser, length of visit to pages on our website, page views and navigation paths, details about the number of times you use our website, time zone settings and other technology on the devices you use to access our website. The source of this data is from our analytics tracking system. We process this data to analyse your use of our website and other online services, to administer and protect our business and website, to deliver relevant website content and advertisements to you and to understand the effectiveness of our advertising. Our lawful ground for this processing is our legitimate interests which in this case are to enable us to properly administer our website and our business and to grow our business and to decide our marketing strategy.

Marketing Data that includes data about your preferences in receiving marketing from us and our third parties and your communication preferences. We process this data to enable you to partake in our promotions such as competitions, prize draws and free give-aways, to deliver relevant website content and advertisements to you and measure or understand the effectiveness of this advertising. Our lawful ground for this processing is our legitimate interests which in this case are to study how customers use our products/services, to develop them, to grow our business and to decide our marketing strategy.

We may use Customer Data, User Data, Technical Data and Marketing Data to deliver relevant website content and advertisements to you (including Facebook adverts or other display advertisements) and to measure or understand the effectiveness of the advertising we serve you. Our lawful ground for this processing is legitimate interests which is to grow our business. We may also use such data to send other marketing communications to you. Our lawful ground for this processing is either consent or legitimate interests (namely to grow our business).

Data Retention
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

When deciding what the correct time is to keep the data for we look at its amount, nature and sensitivity, potential risk of harm from unauthorised use or disclosure, the processing purposes, if these can be achieved by other means and legal requirements.

For tax purposes the law requires us to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they stop being customers.

In some circumstances we may anonymise your personal data for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

Data Security
We have put in place security measures to prevent your personal data from being accidentally lost, used, altered, disclosed, or accessed without authorisation. We also allow access to your personal data only to those employees and partners who have a business need to know such data. They will only process your personal data on our instructions and they must keep it confidential.

We have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach if we are legally required to.

Adverts and Sponsored Links
This website may contain sponsored links and adverts. These will typically be served through our advertising partners, to whom may have detailed privacy policies relating directly to the adverts they serve.

Clicking on any such adverts will send you to the advertiser’s website through a referral program which may use cookies and will track the number of referrals sent from this website. This may include the use of cookies which may in turn be saved on your computer’s hard drive. Users should therefore note they click on sponsored external links at their own risk and we cannot be held liable for any damages or implications caused by visiting any external links mentioned.

Downloads & Media Files
Any downloadable documents, files or media made available on this website are provided to users at their own risk. While all precautions have been undertaken to ensure only genuine downloads are available users are advised to verify their authenticity using third party anti-virus software or similar applications.

We accept no responsibility for third party downloads and downloads provided by external third party websites and advise users to verify their authenticity using third party anti-virus software or similar applications.

Contact & Communication With us
Users contacting this us through this website do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use.  Usually when a person makes an equiry their contact details are kept for up to 2 years unless they have opted in to the newsletter mailing list.

Where we have clearly stated and made you aware of the fact, and where you have given your express permission, we may use your details to send you products/services information through a mailing list system. This is done in accordance with the regulations named in ‘The policy’ above.

Email Mailing List & Marketing Messages
We operate an email mailing list program, used to inform subscribers about products, services and/or news we supply/publish. Users can subscribe through an online automated process where they have given their explicit permission. Subscriber personal details are collected, processed, managed and stored in accordance with the regulations named in ‘The policy’ above. Subscribers can unsubscribe at any time through an automated unsubscribe from Mailchimp lists. The type and content of marketing messages subscribers receive, and if it may contain third party content, is clearly outlined at the point of subscription.

Email marketing messages may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of subscriber data relating to engagement, geographic, demographics and already stored subscriber data.
Our EMS (email marketing service) provider is: Mailchimp and you can read their privacy policy here https://mailchimp.com/legal/privacy/

External Website Links & Third Parties
Although we only look to include quality, safe and relevant external links, users are advised to adopt a policy of caution before clicking any external web links mentioned throughout this website.

We cannot guarantee or verify the contents of any externally linked website despite our best efforts. Users should therefore note they click on external links at their own risk and we cannot be held liable for any damages or implications caused by visiting any external links mentioned.

Clients’ images – their storage and retention
Clients’ images are only used on the website portfolio, social media sites and the blog with written consent. Images that are used within a supplier’s portfolio of products again would have written consent from clients.

Order Fulfilment
Every effort is made to ensure that images are kept private and are transferred via secure routes to my suppliers to fulfil client orders. For celebrity clients a NDA is signed by my suppliers and the individuals that work on the ordered product.

Image backup
Two external hard drives from my desktop which are password protected are used to store client’s shoots.  Backblaze is also used as the online backup for images on the external hard drives.

Image retention
As I have copyright over all my images this will continue for 70 years after my death and so I try to keep all images with a review after 10 years after a photography session. This is a personal choice and clients must not rely on the fact that I keep images just in case my hard drives become damaged and unusable. It is my hope that if a client does have a problem with their copies of images that I would still have a back up for them but this cannot be presumed or relied upon.

Social Media Policy & Usage
We adopt a Social Media Policy to ensure our business and our staff conduct themselves accordingly online. While we may have official profiles on social media platforms users are advised to verify authenticity of such profiles before engaging with, or sharing information with such profiles. We will never ask for user passwords or personal details on social media platforms. Users are advised to conduct themselves appropriately when engaging with us on social media.

There may be instances where our website features social sharing buttons, which help share web content directly from web pages to the respective social media platforms. You use social sharing buttons at your own discretion and accept that doing so may publish content to your social media profile feed or page. You can find further information about some social media privacy and usage policies in the resources section below.

 

What are your rights?
Under data protection laws you have rights in relation to your personal data that include the right to request access, correction, erasure, restriction, transfer, to object to processing, to portability of data and (where the lawful ground of processing is consent) to withdraw consent.

You can see more about these rights at:
https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/

If you wish to exercise any of the rights set out above, please email us at annie@anniearmitage.com

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive or refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you.

If you are not happy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We should be grateful if you would contact us first if you do have a complaint so that we can try to resolve it for you.

Client Area – the galleries and shopping cart

The client area of this website is where clients can view their images within password protected galleries and can purchase prints and images via this part of the website. The gallery website is run by www.theimagefile.com and here is the privacy policy concerning any viewing or purchases that are made through the client area.

What we need
This website will be what is known as the “Controller” of the personal data you provide to us, which may include name, address, email and so on.

Why we need it
Your data is collected primarily for fulfilment of your orders and relaying of messages you send through this website.

What we do with it
Your data provided to this website is relayed to the website owner, and is archived by the website service provider Theimagefile.com. The service provider data archive exists primarily in Ireland with backups in the United States.

How long we keep it
Your online order data is stored for a number of years as required by tax law. Some aspects of your online order data can be anonymised at your request and to the extent allowable by law. Your other non-order data (i.e. marketing or messaging data) can be deleted or anonymised at your request, as per requirements of General Data Protection Regulation (GDPR). You may also unsubscribe from marketing communications at any time.

 

COOKIE POLICY

Cookies are small pieces of data, stored in text files, that are stored on your computer or other device when websites are loaded in a browser. They are widely used to “remember” you and your preferences, either for a single visit (through a “session cookie”) or for multiple repeat visits (using a “persistent cookie”). They ensure a consistent and efficient experience for visitors, and perform essential functions such as allowing users to register and remain logged in. Cookies may be set by the site that you are visiting (known as “first party cookies”), or by other websites who serve up content on that site (“third party cookies”).

Cookies on this website
This website uses cookies for a variety of different purposes. These include those that are “strictly necessary” for technical reasons; those that enable a personalized experience for visitors and registered users; and those that interact with selected third party networks. Some of these cookies may be set when a page is loaded, or when a visitor takes a particular action, such as clicking a “like” button. Below is a description of each category of cookies that are in use, along with specific examples.

Strictly Necessary
These are the cookies that are essential for websites to perform their basic functions. These include those required to allow registered users to authenticate and perform account related functions, as well as to save the contents of virtual “carts” on sites that have an e-commerce functionality:
sid – temporary session cookie identifier, used for login sessions and shopping cart
tif_cem – temporary session cookie for current email, used for secure albums requiring email login
tx1_EGS – temporary session cookie storing search term for album searches
tx1_fmm – temporary session cookie allowing viewing desktop site from mobile & vice versa

Unless otherwise noted below, we do not use persistent cookies, nor cookies for optional functionality, AB testing, performance, advertising and so on.

Third Party/Embedded Content
This website may make use of different third party applications and services to enhance the experience of website visitors. These include social media platforms such as Facebook and Twitter (through the use of sharing buttons), or embedded content from YouTube and Vimeo, or tracking services such as Google Analytics. As a result, cookies may be set by these third parties, and used by them to track your online activity. We have no direct control over the information that is collected by these cookies.

Controlling cookies
Visitors may wish to restrict the use of cookies, or completely prevent them from being set. Most browsers provide for ways to control cookie behaviour such as the length of time they are stored – either through built-in functionality or by utilizing third party plugins.
To find out more on how to manage and delete cookies, visit aboutcookies.org. For more details on advertising cookies, and how to manage them, visit youronlinechoices.eu (EU based) or aboutads.info (US based).
It’s important to note that restricting or disabling the use of cookies can limit the functionality of sites, or prevent them from working correctly at all.

Web beacons and other tracking technologies
Both websites and HTML e-mails may also contain other tracking technologies such as “web beacons”. These are typically small transparent images that provide us with statistics, for similar purposes as cookies. They are often used in conjunction with cookies, though they are not stored on your computer in the same way but will not store, save or collect personal information. As a result, if you disable cookies, the web beacons may still load, but their functionality will be restricted. but will not store, save or collect personal information.