Who we are
David Batten Photography (PhotoMeGorgeous) has always prioritised data and system security as part of its obligation to provide secure and a well-managed system. Adhering to best practice guidelines such as The Data Protection Act as given by the Information Commissioner’s Office (ICO) and the new GDPR Law from 25th May 2018.
Our website address is: http://www.photomegorgeous.com
What personal data we collect and why we collect it
- Firstly David Batten Photography (PhotoMeGorgeous) can confirm and assure you, that an image alone is NOT DATA. It only becomes data when a name or any other personal information is linked which then identifies the image.
- DB Photography (PMG) is booked to take, either individual, group, corporate, wedding and website photographs and the client will have given consent that they are happy to be photographed.
- All information received for photo processing is stored on our encrypted computer system. All images from May 2018 will be held for a maximum period of 18 months, if storage space is needed, which we deem to be an acceptable period for orders to be placed.
- All printed information containing data about the client is kept securely.
- All software systems on our website are kept up-to-date, along industry standard best practice guidelines.
- Access to our system is protected by a sophisticated Firewall configuration.
- We do not currently use any images or information received for any e-mail marketing.
- Similarly, all images are stored on a dedicated encrypted hard drive, whereby David Batten (the Data Processor) is the only member of our staff with access. No passwords are stored.
- All staff who, assist with photographs have signed confidentiality contractual agreements.
- As part of our existing PCI DSS accreditation we do not store any credit card information for David Batten Photography (PhotoMeGorgeous).
- Access to individual images via our online service is limited to a unique Access Code, these are non-sequential and unique to each booking.
- Personal details received for us to produce orders through our online system will be kept securely. The information received by us when ordering will only be used should there be a query regarding the order.
- Digital image purchases made via our online ordering system are delivered via download from within the client’s secure area under https encryption.
- All online ordering will now only be available for 18 months and images will be permanently deleted from the system.
- Please note we must keep a record of order data as it is a mandatory requirement for HMRC, but this will be kept on our designated encrypted system.
- We do not share or sell your personal information with any third parties that are unrelated to DB Photography or PMG.
If you have an account and log in to our site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for a few days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for longer. If you log out of your account, the login cookies will be removed.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Finally, if you have read this far, well done. Don’t hesitate to contact us if you would like to know any more about our GDPR policies.
David Batten (Photomegorgeous) 2018