PRIVACY POLICY
Hello! If you’ve clicked here it must mean you care a lot about your data privacy and 2018's GDPR implementation.
If you’re here by accident and you don’t know what GDPR is, please click back to another section, to calm your soul from the dullness of this page!
For those of you interested in how I handle your data, please read on, I'll try to make it riveting!
So here is Rose Bainbridge Photography’s updated GDPR compliant privacy policy:
​​​
Personal data I collect
I collect your name so I don’t have to call you Sir/Madam, your email address so I can communicate with you, your mobile number so I can call you to find you when we have a shoot in the middle of nowhere and its raining, your address so I can post your photos to you and take your photographs because that’s what you’ve paid and asked me to do. All of this is necessary for me to do my job.
​
How I collect and store your personal data
If you used my contact form on my website, your information arrives in an email inbox that is tightly passworded with something that doesn’t contain my birthday or my first pets name. If you go ahead with booking me as your photographer, I will store your email in my client database software called Shootproof (a GDPR compliant company), which only I have the password for (again, not a birthday / pets name). If you enquire but don’t book me (pffft as if that’ll happen!), I will not add your personal data to my client database. I use WIX to host my website, who are also GDPR compliant, and will not use your data for any purpose other than to contact me (Yay! Look how compliant we all are!).
​
Social Media / Blog commenting
I use social media for my business where I showcase my fun and beautiful photography. If you comment on it, it’s super public so everyone can see it, so don’t write down your personal credit card details there, you can just send that directly to me (if any auditors are reading this, this is called humour...people don't actual do that kinda thing, right? RIGHT?).
​
Right of confirmation, access, rectification and erasure
In all seriousness, if you have questions about how your personal data is handled, you can just drop me an email and I will quickly write something up. I’m happy to show you the information I have on you, and unsurprisingly it’ll probably be exactly the things you’ve told me because sadly as of yet I am neither a spy nor a mind reader. If some of the information is wrong, you have the right to correct it, and I would definitely recommend this because neither of us want me turning up 500 miles south of the church on your wedding day!
If you’d like me to delete all your personal data, you have the right to request it, but I wouldn’t recommend asking for that before your shoot, otherwise my journey to you will become a saga akin to The Lord of the Rings. And I do not have the elves on my side. I definitely need to know stuff about you to work for you. When you’re done with me you can totally dump and delete. I do tend to keep email addresses of my clients in the database for the duration that I provide your online galleries- if you’d like to fully close your account with me in a manner of speaking, just let me know and I can totally wipe you.
​
Use of your data
The summary of this is that I’m not a weird creep. I will 100% definitely use your email to email you about any photos of you / your family / your dog / your business. If there’s something related to your shoot like a discount coupon for prints, I’ll possibly email you that too, if I like you.
If there’s something unrelated to your photos but related to something we had a human conversation about, like a really awesome band we both like, I may well email you about that too. I wouldn’t give your email out to anyone else! I also won’t be sending you lots of newsletters mostly because frankly, I can't be bothered to write them. I do sometimes give out phone numbers to second shooters, not because they’re cute, but because similar to the clause above, it’s best for all involved if they are able to find you on the day of your shoot.
I have a questionnaire that asks you for details about what sort of thing your after, that doesn’t go anywhere bar my computer and then into a pdf on my password locked phone. Any and all information I request from you is entirely voluntary.
Sometimes your photos looks really pretty to a blogger / magazine, and they may ask my permission to show these. Again, nothing can happen without your consent so I wouldn’t stress about that. Sometimes I submit photos to competitions because it’s how I validate myself after spending 16 hours editing, and eating nothing but pretzels all day. I tend to only use photos you’ve already given permission for on my own website.
​
Use of your face-based data
When it comes to your photographs, the EU (or the UK, I can't keep up) hasn’t gotten too specific about what that means for working photographers bar that we need to demonstrate reasonable and legitimate use. I can tell you that I won’t sell your wedding photos to be used in a haemorrhoid commercial. If a third party does approach me asking me to buy one of your photos, I will email you about it before anything else happens!
Sometimes you may want to sell it. But in short it’ll never be without your consent or knowledge.
There’s a couple of things I do to run my business, like show my work on facebook, instagram and my own website. If you have booked me you probably looked at photos of my real clients. I do ask people to opt into this in my contract that every one signs when they book, but you can always decide to keep your shoot private. You can veto any photos you deem too sloppy, and it is your responsibility to ask your guests’ permission during event photographs, such as weddings and birthdays, although we both know Aunt Emma isn’t shy.
I store photos of your lovely faces on password encrypted hard drives in my house that is behind a double locked door. I also own a baseball bat, which I could probably figure out how to use if anyone did try to take them off me. I also keep a copy of your photos with two online gallery providers that are GDPR compliant.
​
In Summary!
The EU regulations require me to just do stuff that’s fairly within the realms of my job role, I guess all you really need to know is that I’m a nice human being who wants to be able to do my job, I have nothing to gain from selling / mining / misusing your data, I am not a big evil corporation, and never will be.
You guys are why I do what I do, I want to keep you happy, so your data is and always will be, safe with me!
Now where did I hide that baseball bat?!