“This is the boring legal stuff”
I’ll try to keep this simple and in plain English.
Here’s the executive summary: I care about your data and your privacy, and, no, I’m not spying on you or building up a dossier about you! (Did you really think I was?)
Data collection and privacy
I collect information about people and I process it. This is nothing to be scared about, every business does it. It is necessary in order to run a business.
I want to be open and transparent about what is collected, how it is used. But most importantly I want to reassure you that I take your privacy seriously and that I look after the data I collect.
What information do I collect?
The data I collect falls into two categories.
- An email mailing list
- Data necessary to provide the services you are paying for
Let’s look at each of these in turn.
The email mailing list
The mailing list is a list of email address of people who wish to receive regular photography related emails from me. I hold the names of the people on the list too – just so I can be friendly when emailing.
Other information I hold and how I use it
I also hold how people signed up, specifically if it was at an event I was speaking at or on a cruise, I was lecturing on. I use this information so that I can send copies of notes and some offers to those who were at a particular event.
Some people have specified their general geographic location – occasionally I email about events I am running in particular areas this means if I know a person is outside that area I can exclude them from that mailing.
Some people have specified their photography interests, again when dealing only with a specific topic I can restrict my emails to just those people to whom it is of interest.
I record whether a person is an Academy Member or not – this is so that I can send out regular emails to Academy Members – this is part of the service that Academy Members are paying for.
If person has purchased or opted into an online training product this is recorded in the mailing list so that I can provide them with the service/training they have purchased or opted into.
Who do I share this information with?
I use MailChimp to administer my mailing list. MailChimp is the only third party I share the information with. MailChimp is the world’s leading marketing platform for small business and is annually certified by the EU. In short, they keep your data safe and they don’t share it with anyone.
Everyone who is on my mailing list is there because they have chosen to subscribe. Under GDPR this is known as “Data subjects’ consent”
Leaving the mailing list
Every email I send out to the mailing list clearly provides options for subscribers to update their mailing preferences and/or to unsubscribe completely.
Data necessary to provide the services you are paying for
- Persons who have booked for events/courses/workshops
- Persons who are members of Ian’s Studio Photo Academy or other online training resources
- Persons who have booked to hire the studio
- Persons who have hired me to provide photographic services
Data for events/courses/workshops
I use software to administer training events that I run. This software runs on my website within a WordPress framework.
The software is used to send out reminders to attendees for events they have booked on to. It enables me to control numbers of people attending each event. The software retains details of how much a person paid (so that I can then transfer that information to my accounts) but that information is not made public. No financial information such card details are stored by the software.
I retain the data of which people attended each event so that when training materials for a particular event are updated I can provide, on request, those updated materials to those who have previously attended a particular training event.
Data for Ian’s Studio Photo Academy
Again we use industry-standard software for managing the membership of the Academy. This runs on my website within WordPress.
I retain a record of the membership level a person subscribed to and when that membership is due to expire. The software retains a record of how much a person has paid. No financial information such card details are stored by the software.
If membership is cancelled I retain a record that you are a former member.
Your membership status is passed to MailChimp so that we can send you the regular updates which are part of your membership.
Studio Hire Data
When a person hires the studio an entry is manually created in the studio calendar. The name of the hirer is not explicitly given. Typically code is used so that I can identify who hired the studio when.
Clients for whom I have provided photographic services
An entry may be made in the Studio Calendar to indicate that the studio is in use. The name of the client is not explicitly given.
Images from a client shoot are imported into Lightroom and are tagged with the name of client/subject of the shoot. This is so that images can be located in the future.
Images from shoots may also be uploaded to online galleries from which clients can order prints or downloads. These galleries may be password protected or public depending on the requirements and wishes of the client.
All online financial transactions are handled by established payment processors. Namely PayPal and Stripe. I never have access to any card details, that is held by the payment processor who simply informs the software I use whether the transaction has been successful or not.
Transaction information (date, amount and payer) is manually entered in my accounting package for accounting and tax purposes. This includes both on-line and off-line transactions. This data is never shared with a third party but could be viewed by the Inland Revenue if they choose to audit my account. I reserve the right to share the information with a professional accountant if necessary to prepare my account.
The data I hold for providing business services is necessary in order to provide the said service. Under GPDR this is known as “Contractual performance”
Viewing and deleting data
A person has the right to view all the data I hold on them. If you wish to exercise that right please contact me and I will provide details.
A person has the right to request the data held about them be deleted. To exercise this right please contact me. Please note: for legal reasons some data cannot be deleted (ie where it is required for tax purposes or where it is required to be able to provide a service the person is paying for). In such circumstances, we will work with you to anonymise the data and/or if necessary terminate the services we are providing.
All about cookies
I am sure you know this already, but cookies are small text files stored on your computer or mobile device that store small amounts of information which are used to improve the visitor experience. They can also be used to track user activity.
No explicit tracking cookies have been set up. However, certain features of the site may use them to remember bits of information, for example, whether or not you are logged into the website. This is important otherwise you would have to re-login on every page you visited.
In short, some cookies are used, no I’m not using them to gather data about any individual, yes some general trends are being anonymously analysed to make your experience better
Ian M Butterfield
Last revised: 24 May 2018