The policy: This privacy policy is for this website – www.sonyasmithphotography.com – and governs the privacy of its visitors. It explains how we comply with the EU’s GDPR (General Data Protection Regulation) legislation and the DPA (Data Protection Act). This policy will explain areas of this website that may affect your privacy and personal details, how we process, collect, manage and store those details and how your rights under the GDPR and DPA are adhered to.

The DPA & GDPR May 2018

This website complies with the DPA (Data Protection Act 1998) and the GDPR (General Data Protection Regulation), effective from May 2018.

Contacting Us

This website, www.sonyasmithphotography.com, collects private user data using the following contact form –www.sonyasmithphotography.com/contact/- which generates emails sent to hello@sonyasmithphotography.com. The data from these forms is emailed to the address listed above and also stored on the website server, in most cases dating back to when each form was created. The website server is accessible by the website administrators for www.sonyasmithphotography.com at StudioSmith. StudioSmith  never accesses or shares this data other than by request from Sonya Smith. By completing the contact form you agree to Sonya Smith contacting you about Sonya Smith Photography Ltd’s photography services.

Your contact information will be recorded and retained in a customer relationship management (CRM) system and kept securely online in accordance with their privacy policy. You will not be added to any mailing lists unless you have opted in using the checkbox or otherwise given consent, and will only be contacted by Sonya Smith personally in relation to your enquiry. Your personal details will never be passed onto any third parties. They will be stored in the email generated by this contact form which will be filed in the email account for Sonya Smith Photography which is hosted by Gmail and which can only be accessed by Sonya Smith. If you wish to request for any email(s) containing your personal information to be deleted, please email hello@sonyasmithphotography.com

Email Marketing

Email marketing messages sent after a visitor has supplied their contact information and specifically requested / consented to being added to the email mailing list may contain tracking beacons / tracked clickable links or similar server technologies in order to track reader activity within email marketing messages. Where used, such marketing messages may record a range of subscriber data relating to engagement, geographic, demographics and already stored subscriber data. Our email marketing service is Mailerlite and you can read their privacy policy here: https://www.mailerlite.com/legal/privacy-policy

Client Galleries

Sonya Smith Photography creates a client gallery for each client to whom photos are delivered as part of the services contracted. Sonya Smith Photography’s client galleries are externally hosted by Pixieset. Their privacy policy can be found here: https://pixieset.com/privacy/. To visit a Sonya Smith Photography client gallery you will be required to enter your first name and email address. This personal data (email address) will be stored within Pixieset’s system, on their servers and will be used to email you only with information relevant to the client gallery you have accessed. Any such emails sent to you will only be during the period for which the gallery is live.

Only Sonya Smith will have access to your personal data (email address) stored on Pixieset’s system on behalf of Sonya Smith Photography Ltd. It will only be used as detailed above, will not be used for any other marketing purposes and will not be passed onto any third parties. Pixieset’s technical support team will have the means to access to your personal data (email address) but will never access or share this data other than by request from Sonya Smith. If you wish to request for your personal data (email address) to be deleted from Pixieset’s servers, please email hello@sonyasmithphotography.com

External Website Links & Third Parties

Although we only look to include quality, safe and relevant external links, users are advised to adopt a policy of caution before clicking any external web links mentioned throughout this website. We cannot guarantee or verify the contents of any externally linked website despite our best efforts. Users should therefore note that they click on external links at their own risk and we cannot be held liable for any damages or implications caused by visiting any external links mentioned.

Client Data Held On File

We take care over the processes around looking after personal data stored on our physical systems. Sonya Smith Photography holds the following personal data of clients:

1. Names
2. Addresses (including email addresses)
3. Phone numbers

within soft copy and sometimes hard copy contracts as well as soft copy client ‘shoot plan’ documents. Soft copy contracts and day plans are safely stored within my password protected home office iMac and backed up to two encrypted external hard drives. Hard copy contracts are filed in my secure home office. Client photos are safely stored within my password protected home office iMac and backed up to two encrypted external hard drives. An additional cloud copy of all images is stored on GDPR compliant Dropbox.

Clients Captured In Photos

Under GDPR legislation, a photograph may in some instances constitute a form of personal data where they can be processed to allow “the unique identification or authentication of a natural person”. Sonya Smith Photography will never photograph an individual as a means of unique identification or authentication unless consensually contracted to do so. Guests/attendees at events appear in photos taken by Sonya Smith Photography as a part of the visual recording of the event in photos. Guests/ attendees captured in portraits or in group photos do so as part of the event and their rights are protected by Sonya Smith Photography as detailed in this privacy policy.

In terms of explicit GDPR compliance, clients and guests/attendees are photographed within the parameters of GDPR legislation on the basis of ‘legitimate interests’. The taking of photographs of guests/attendees when viewed as a form of processing personal data is necessary for the legitimate interests of Sonya Smith Photography as a photography business unless there is a good reason to protect a given individual’s personal data which overrides those legitimate interests.

Operating within the parameters of legitimate interests as laid out in GDPR legislation, the disproportionate effort involved in providing privacy policy information to all event guests at the event and the degree to which it would distract us from performing our job renders it infeasible to do. Clients are therefore requested to direct their guests/attendees to read this privacy policy in advance of the event and to advise them to contact us in advance with any concerns around the processing of their personal data, namely being photographed.

Social Media Policy & Usage

We adopt a safe and responsible social media policy. While we may have official profiles on social media platforms, users are advised to verify the authenticity of such profiles before engaging with, or sharing information with, such profiles. We will never ask for personal details on social media platforms. Users are advised to conduct themselves appropriately when engaging with us on social media.

Display Of Images

We may display any photographs to promote Sonya Smith Photography on the Sonya Smith Photography website and blog, on social media, on 3rd party blogs, on photography related websites, in exhibitions, in advertising, brochures, magazine articles and other such material, providing that the images used are used lawfully and without damage to Sonya Smith Photography’s client(s). The rights of the people captured in these photographs are protected by Sonya Smith Photography as detailed in this privacy policy.