GDPR AND PRIVACY POLICY FOR LINGS PHOTOGRAPHY

LINGS PHOTOGRAPHY are committed to safeguarding and preserving the privacy of our visitors. This privacy policy explains what happens to any personal data that you provide to us in the operation of our business, or that we collect from you whilst you visit our site. LINGS PHOTOGRAPHY is owned and operated by myself, Mike Ling out of my studio in Fritwell. I provide photographic services throughout the UK and abroad to meet a range of clients, primarily in the areas of Weddings, Studio, Portraiture, Corporate and events. I can be contacted on 07857 931270 or mike@lingsphotography.com. This privacy Policy is for the website www.lingsphotography.com and governs the privacy of its visitors as well as the business of Lings Photography. It explains how I comply with the EU's GDPR legislation and the DPA.

COLLECTING YOUR DATA LINGS PHOTOGRAPHY will only collect Data that is given to us by you or agents acting on your behalf. Lings Photography may collect your Data in a number of ways, for example: When you contact us through the Website, by telephone, post, e-mail or through any other means and when you use our services, in each case, in accordance with this privacy policy. Data collected through this website is via the Enquiry Form. The form collects name, email address, details of requirements and message. Enquires sent using the form are sent to mike@lingsphotography.com which is an email address hosted by GoDaddy. The account is secured using two factor authentication and by using the contact form you agree that LINGS PHOTOGRAPHY can contact you in relation to your enquiry. This website is hosted by SmugMug and their privacy policy can be found at https://www.smugmug.com/about/privacy/

OUR USE OF YOUR DATA Any or all of the above Data may be required by us from time to time in order to provide you with the best possible service and experience when using our Website. Specifically, Data may be used by us for the following reasons: internal record keeping, improvement of our products and services, transmission by email of marketing materials that may be of interest to you and contact for market research purposes which may be done using email, telephone, fax or mail. Such information may be used to customise or update the website, in each case, in accordance with this privacy policy. We may use your Data for the above purposes if we deem it necessary to do so for our legitimate interests. If you are not satisfied with this, you have the right to object in certain circumstances (see the section headed “Your rights” below).

BUSINESS DATA I hold the minimum of business data necessary to operate the business and care is taken to ensure that this data is treated securely. All data is stored electronically and dependant upon the type of booking may include: Emails and contact information - Emails and contacts are stored electronically across password protected devices and hosted by GoDaddy. Accounting information- invoices, estimates, and statements are secured electronically and password protected Media - All content shot in undertaking a commission is stored and catalogued by filename based on date and content, on a password protected desktop computer, laptop and external drive. Clients may at their request, receive a link to file sharing service, Dropbox, where content is required to be shared by the client. Metadata - Where required images are stored with embedded information in the form of a generic caption describing the occasion. Names of the subject are included in the metadata where relevant and in gathering such information, consent is agreed. The metadata remains within the file and travels with the image if it is passed to further locations. Consent Forms - Consent forms are provided by the commissioning agent and describe the intent for the images's use. Such forms would require name, address, age and contact details. Forms are either passed to the commissioning agent on site or digitally scanned, shared with the agents' digital controller and then shredded.

EVENTS AND LEGITIMATE INTEREST Guests at events may appear in images taken by LINGS PHOTOGRAPHY as part of the recording of the event. In such instances attendees are photographed within GDPR 'legitimate interests' guidelines. The taking of photographs when viewed as a form of processing personal data is necessary for the legitimate interest of the photography business, unless there is a good reason to protect an individual's personal data which supersedes the legitimate interest claim. Clients are requested where possible to minimise any potential risk by making clear that photography will be taking place, either verbally of visually, thereby allowing attendees the opportunity of making it known that they do not wish to be photographed.

THIRD PARTIES In the day to day operation of the business LINGS PHOTOGRAPHY may use third party services, such as those listed below, with their respective GDPR policies:

Dropbox - https://www.dropbox.com/en_GB/security/GDPR YOUR RIGHTS

The GDPR provides the following rights for individuals. The right to be informed The right of access The right to rectification The right to erasure The right to restrict processing The right to data portability The right to object Rights in relation to automated decision making and profiling. If you wish to exercise your rights you can email me at mike@lingsphotography.com

INFORMATION COMMISSIONER'S OFFICE (ICO) You have the right to lodge a complaint about our handling of your personal data with the supervisory authority, which in the UK is the Information Commissioner's Office. You can contact the ICO on 0303 1231113


Powered by SmugMug Owner Log In