THIS WEBSITE COMPLIES WITH THE DPA (DATA PROTECTION ACT 1998) AND THE GDPR (GENERAL DATA PROTECTION REGULATION), EFFECTIVE FROM MAY 2018.
1.1 We are committed to safeguarding the privacy of our website visitors and clients. In this policy, "we", "us" and "our" refer to Jonny Donovan Photography and the website www.jonnydonovan.com.
1.2 This policy applies where we are acting as a data controller with respect to the personal data of website visitors and clients; in other words, where we determine the purposes and means of the processing of that personal data.
1.3 We use cookies on our website. Insofar as those cookies are not strictly necessary for the provision of website visitors and clients, we will ask you to consent to our use of cookies when you first visit our website.
1.4 Jonny Donovan Photography does not engage in email marketing specific to our services. Your personal details will not be used for any such marketing purpose nor will they be passed onto to any third parties.
1.5 This website https://www.jonnydonovan.com collects private data using the forms found on all pages of the website https://wwwjonnydonovan.com, which generate emails sent to jonny@jonnydonovan.com. This data is only accessible to Jonny Donovan and his office and is visible to the host https://www.squarespace.com, who will never share data with third parties.
1.6 When you sign a contract with Jonny Donovan Photography we will store your contact data on password protected hard drives in the office, a backup copy in the cloud, and another copy on a hard drive within the office. This information is kept solely for the purposes of our professional records and for project management. Data will never be shared with a third party.
1.7 Images within our Client Galleries are backed up on password protected computers and hard drives in the office. Copies are also hosted by www.theimagefile.com, which hosts some of the data on GDPR compliant, encrypted servers based within the United States.
1.8 Although we only look to include quality, safe and relevant external website links & third parties, users are advised to adopt a policy of caution before clicking any external web links mentioned throughout this website. We cannot guarantee or verify the contents of any externally linked website despite our best efforts. users should therefore note that they click on external links at their own risk and we cannot be held liable for any damages or implications caused by visiting any external links mentioned.
1.9 We may process data about your use of our website and services as "usage data". The usage data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use. The source of the usage data is Google Analytics and Squarespace.com. This usage data may be processed for the purposes of analysing the use of the website and services. The legal basis for this processing is our legitimate interests, namely monitoring and improving our website and services.
2.0 We may process information relating to our customer relationships, including customer contact information as "customer relationship data”. The customer relationship data may include your name, your employer, your job title or role, your contact details, and information contained in communications between us and you or your employer. The source of the customer relationship data is you or your employer. The customer relationship data may be processed for the purposes of managing our relationships with customers, communicating with customers, keeping records of those communications and promoting our products and services to customers. The legal basis for this processing is for our legitimate interests, namely the proper management of our customer relationships.
2.1 We adopt a Social Media Policy to ensure our business and our staff conducts themselves accordingly online. While we may have official profiles on social media platforms users are advised to verify authenticity of such profiles before engaging with, or sharing information with such profiles. We will never ask for user passwords or personal details on social media platforms. Users are advised to conduct themselves appropriately when engaging with us on social media.
2.2 Under GDPR legislation, a photograph may in some instances constitute a form of personal data where they can be processed to allow “the unique identification or authentication of a natural person”. We will never photograph an individual as a means of unique identification or authentication unless consensually contracted to do so. Guests at weddings appear in photos taken by us as a part of the visual recording of the event in photos. Guests captured in portraits or in group photos do so as part of the event and their rights are protected by us as detailed in this privacy policy.
2.3 In terms of explicit GDPR compliance, Wedding clients and guests are photographed within the parameters of GDPR legislation on the basis of ‘legitimate interests’. The taking of photographs of wedding guests when viewed as a form of processing personal data is necessary for the legitimate interests of us as a photography business unless there is a good reason to protect a given individual’s personal data which overrides those legitimate interests.
2.4 Operating within the parameters of legitimate interests as laid out in GDPR legislation, the disproportionate effort involved in providing privacy policy information to all wedding guests at the event and the degree to which it would distract us from performing our job renders it infeasible to do. Wedding clients are therefore requested in their contract to direct their guests to read this privacy policy in advance of the event and to advise them to contact us in advance with any concerns around the processing of their personal data, namely being photographed.
2.5 Please do not supply any other person's personal data to us, unless we prompt you to do so.
2.6 Personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
2.7 Notwithstanding the other provisions of this Section, we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
2.8 We may update this policy from time to time by publishing a new version on our website.
2.9 You should check this page occasionally to ensure you are happy with any changes to this policy.
3.0 This website is owned and operated by Jonny Donovan Photography.
3.1 You can contact us:
(a) using our website contact form
(b) by telephone, on the contact number published on our website
(c) by email, using the email address published on our website
