I'm committed to ensuring that your privacy is protected. I am also committed to providing you with an informative and safe website, without the worry of your personal information being used inappropriately. While you are browsing my website (www.grace-elizabeth.co.uk), some information is collected about you. This information, which is typical of most websites, helps me to know how many people visit the site and how I can best serve you. My Privacy Policy is explained below and may be updated frequently. (Last update: 20th February 2021)
I consider internet users' privacy and data protection to be really important, so let's talk about what I do (or don't do) to stay GDPR compliant. 'What's GDPR?' you ask? The General Data Protection Regulation (GDPR) comes into effect as of May 25th 2018, and effectively gives you lots of control over your personal data - in particular that of your digital personal data (i.e. anything you do online.) My website, and anything in relation to the processing of personal data supplied to me by users (that's you!) and other personal data in my possession for any reason - must be GDPR compliant. I have done my very upmost to ensure that it is, and I have put this policy in place to assure you of the ways I use your data.
It is my policy to maintain the privacy and confidentiality of any personal information, such as your name, address, email address, or telephone number - in summary, any information that you provide to me (usually via my contact form). Because your privacy is really important, I maintain this website privacy policy to protect your personal information, and I update it regularly. By using this site, you consent to the terms of this website privacy policy. I promise not to collect, use or disclose your personal information for any purpose other than those identified below, except with your consent or as required by law.
Let's talk about cookies! Sadly not the edible kind we all know and love. Cookies are small text files that are placed on your device - and are used on this website to help it work, and to provide a more efficient experience for you, the user. When you entered this site for the first time, you should have seen a banner pop up (it should be at the top) to alert you that this website uses cookies. By clicking the 'Continue' button, you agree that it is okay for them to be collected. In general, cookies are used to retain user preferences, and to provide anonymous tracking data to third party applications like Google Analytics. This website is connected to Google Analytics, Facebook Pixel, and Spydr (the digital agency who helped to build this website)'s own analytics. The information on Google Analytics is deleted after 38 months. As a rule, cookies will make your browsing experience better, but you are welcome to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. Here are instructions for doing so in Google Chrome, for example, and Firefox, but the same result is possible in just about any browser!
I collect personal information about you, such as your name, email address (so I can reply to your enquiry), telephone number (so I can text you briefly to let you know my reply hasn't gone awol!), date of your wedding or event (so we are on the same page about your enquiry), and I also like to know a bit more about your plans (don't worry - I won't share your soppy love story with everyone!) During the enquiry stage, this is only information that you voluntarily provide to me. For example, I may receive personal information about you when you send me an email through my website's contact form. Later, if you decide to book, further information will likely be required so that I can do my job! This is information such as your address (so I can send you your contract and lovely photo delivery!), the address/es for your event location (so I know where to photograph!), names of your friends and family (helpful for weddings - if you'd prefer, just refer to people as 'aunt and uncle' for example) and any other personal things you might like to tell me. I collect this information via an online form, which you won't have the link to unless I send it to you and I only send you this link once you've booked, so that I collect as little personal data as possible, and only when necessary. All of this information is retained for a minimum of six years and a maximum of twenty years. Why six years? The legal minimum I have to keep information (for tax return purposes) is six years - both in digital form and in paper form (but that's more relevant to me and my receipts!). Any paper-based information is stored in a folder which I lock away if I am not at home. I do not sell any personal information I receive through my website to any third party (such as Facebook, email or Instagram) nor will I add such information to any email list I may prepare.
As of June 2018, Grace Elizabeth now has a newsletter service, offered via the GDPR compliant service MailChimp, which Grace Elizabeth ran personally. As of February 2021, Spydr, the digital agency who helped to build this website, created a new MailChimp newsletter service on behalf of Grace Elizabeth. No old data was transferred across. To sign up to Grace Elizabeth's newsletter, you must enter your first name and email address, and an email will then be sent to you automatically by MailChimp to ask you to click a link to confirm that you signed up. This is known as a double opt-in and makes sure you didn't sign up accidentally. If you do not click the confirmation link in your automatic email to double opt-in, you will not be signed up. I never use your information unlawfully, and you may unsubscribe at any time (the button is at the bottom of any email you receive from me.) I will not spam you with emails, and access to my MailChimp account is via a password which only I know.
I am happy to discuss the information I have on record for you at any time, and, if at any time you request for this information to be deleted, I am happy to complete this request for you. Photographic identification (such as a passport or driving license) and proof of your current address (such as a recent utility bill) will be needed in order to confirm your identity prior to processing the removal or querying of your personal information. Please get in contact via emailing hello@photographybygrace.co.uk for more information.
The ICO is a little unclear about what we photographers can do with photos of your face (because technically it is personal data) so I will explain my current process:
I love to share the beautiful images I take of my lovely wedding and portraiture clients, but I only do so once you have signed a contract with me. I do not undertake any work without the signing of a contract which covers many clauses to set out your expectations of me, and my expectations of you. I use Shootproof (a service which is, as of June 2018, GDPR compliant) to deliver my contracts and online galleries (if you have opted for the latter), which is a password protected online service that allows me to input the data you voluntarily give me, so that I can send you a contract, or let you into your beautiful password-protected image gallery.
In signing a contract with me, there is a clause within my contract that explains how I like to use the images I take for purposes such as social media and marketing. This usually includes posting them on social media, on my website, printing them for products to take to fairs and events, sending them to wedding blogs for publication, and showing other clients who would like to see more of my work. I do not presume that you give me your consent for this, so after you have booked, you will be linked to one of my online questionnaires (specific to whether you are booking a wedding or lifestyle session) with explicit tick boxes, where you are able to select how I may or may not use your images. Each use is clearly outlined. This data is retained in relevance to your wedding or session.
If at any stage you decide you no longer wish for me to use your images or want to alter which images I can or cannot use, let me know via contacting me at hello@photographybygrace.co.uk and I will of course honour your request! For work that I do on a model call basis, or for personal projects, a contract is not required, but you absolutely must sign a model release, allowing full use of the images. If you are over 18, you may legally sign, although an adult must sign for children under 18.
I take the storage and collection of your data really seriously. I for one do not like the idea of my own data being stolen, so I have implemented various technical and organisational measures to ensure the most complete protection of your personal information, to prevent loss, misuse or alteration of this data (whether it be personal data or images - as I said, the ICO is a bit unclear about images.) However, Internet-based data transmissions surrounding third-party websites may have security gaps beyond my control, so absolute protection may not be guaranteed. For this reason, every person is welcome to transfer personal data via alternative means, e.g. by telephone. Any personal data I store about you (always digitally) is secured via unique login and password information on secured devices and online where necessary. This security information is never written down or reused elsewhere to ensure secure processing and management of your data.
From time to time, I may link to third party websites such as wedding blogs, and other cool places, but I do not take responsibility for the content of these websites. Of the ones I do use for my business (Drobpox, Shootproof and the like) these are all becoming (if not already) GDPR compliant.
By acknowledging your complete understanding of and agreement with this privacy policy via the confirmation when filling out the contact form (indicated by a tick box with which you must agree in order to submit your details on any form), you agree for me to respond to your enquiry via the contact information you decide to provide. Further correspondence (whether phone call or email) relating to the nature of your enquiry is essential to coordinate my services with you, including but not limited to wedding and lifestyle bookings. I will never send you emails asking for personal information such as passwords or payment information, nor will I send you newsletters. Should you receive such emails, please contact me immediately in a separate email so I may investigate this.
If you have any questions about my website or this Privacy Policy, please contact me by email at hello@photographybygrace.co.uk. Please ensure that your query is clear, particularly if it is a request for information about the data I hold about you!