Hey folks! If you’ve clicked here it must mean you care a lot about your data privacy and the recent GDPR implementation. If you’re here by accident and you don’t know what GDPR is, it stands for General Data Protection Regulations (or a a genius photographer I know called it "Get Dozens of Photographers Rabid"!!)

Anyhoo, read on if you'd like to learn about how I collect and handle data and all things GDPR.

we'll be in touch x

I’ve created this policy which covers how I, Charlie Flounders Photography (or CFP) collect, use, disclose, transfer and store your data.  For this I get the everso important title of  “data controller” .... ooooh I hear you say! 

1. Introduction and General Terms
In order to provide you with my services, I sometimes need to collect information about you. This Privacy Policy relates to my use of any personal information you provide to me via forms on my website(s), by phone, SMS, email, in letters or other correspondence and in person. 

This policy explains the following:
 what information I may collect about you;
 how I might use information I collect about you;
 whether I will disclose your details to anyone else;
 your choices regarding the personal information you provide to me;
 my data security measures;
 website ‘Cookies’ and usage data.

In line with the EU General Data Protection Regulation (GDPR) and other relevant privacy and data protection legislation I am committed to safeguarding your personal information. Whenever you provide such information, I am legally obliged to use your information in line with all applicable laws concerning the protection of personal information (these laws are referred to collectively in this Privacy Policy as the “data protection laws”).

My website(s) may contain hyperlinks to websites owned and operated by third parties. These third party websites have their own privacy policies and so you should probably review them. They will govern the use of personal information you submit when visiting these websites. I do not accept any responsibility or liability for the privacy practices of such third party websites and your use of such websites is at your own risk.

2. Information not contained in this policy
More details concerning the collection or processing of Personal Data may be requested from me, the Data Controller, at any time. Please see the contact information within this document.

3. The Owner and Data controller - Who am I?
I am Charlie Flounders Photography. Because a lot of the work I do is in the field my Registered Office is my home address. Because I don’t want to splurge that all over the internet I’m not going to list it here. But anyone can request it directly from me at any time and I will not reasonably withhold this information. At this point in time by business is a Sole Trader and therefore I don’t have a company registration number to give you you.
You can contact me; the Data controller, by telephone on 07730 455 890, by email on holla@charlieflounders.com. My website is charlieflounders.com (but I guess you already know that as you’re probably reading this on there!!).

When we refer to “I” or “we” or “our” or “CFP” I am referring to Charlie Flounders Photography.

4. What information might CFP collect about me?
When you visit my website(s) and provide contact information to me via electronic forms on the website(s), or contact me by phone, SMS, email, in letters and other correspondence and in person I may receive personal information about you. The data may include some, or all of the following information: your name, email address and mobile telephone number, together with information about you, your family and other information that you may deem personal.

I will always do my very best to ensure that this information is kept safe at all times. I will keep the data about you for as long as it is believed to be accurate and up to date. I may will remind you periodically of your rights regarding your data, and to update your preferences so your changing wishes may be respected by me. You may object to your data being used by me at any time.

5. How might you use the information you collect about me and what for?
First and foremost, the reason I collect such information is so that I can undertake the creative work you’ve hired me to do. I will need to get lots of info. from you about logistics, plans and locations (especially if it’s your wedding I’m shooting), and I will also need to understand where to send your images once I’ve finished them.

After I’ve delivered your photos and our initial project has come to an end, I might use your contact details to keep in touch with you. The main purposes for using your personal information including the following:
 to provide and improve our services, activities or online content, to provide you with information about them and to deal with your requests and enquiries;
 to occasionally send you marketing communications such as newsletters, invitations to events, promotions and other updates on our services (via email and by post) that I think you’ll find useful, and that will help me provide you with a better service.

The information I hold will not be subject to any automated processing, including profiling, and my legal basis for the use of your data in this way is that you are legitimately interested in it ("Legitimate interest") and/or you have legally consented to it.


6. Will you share my personal information with anyone else?
I occasionally may use a second shooter (if your project requires this). In this case I will need to share specific information and plans, logistics and contacts for your shoot.

Otherwise no, I will not share your personal information with anyone else. This data will not be transferred to others and will not be transferred or stored outside the UK unless it is part of my secure database system or cloud storage for my documents. Any suppliers that I use for cloud data storage or database systems have an equally tight privacy policy, and I have checked out that all of them share my same ethics and are legally compliant when it comes to keeping your data safe.

Your privacy is of the highest importance to me, and we will never release or transfer your personal details to any outside my company for their mailing or marketing purposes without your prior and direct written consent.

7. Your choices and right regarding the personal information you provide to me
Your privacy is very important to me which is why I make sure you’re always in control of what I do with your personal information. You will always have the right to withdraw your consent to me holding this data and using it to communicate with you. My keep-in-touch emails will always include an ‘unsubscribe’ link that once clicked will instantly remove your email address from any marketing mailing lists I have. You can contact me by email (using the contact details set out in this policy) to inform me that you wish to withdraw your consent and I will erase your personal information from my database.

You have the right to rectify inaccuracies in the data, to request restriction of processing through suppression from supplied data, to object to processing, to request an electronic copy of the data I hold about you (which we will supply in electronic form) to enable portability, and to request erasure.

You also have the right to lodge a complaint with the supervisory authority who is the Information Commissioner’s Office www.ico.org.uk. But hopefully you’ll never ever need to!

8. Data security
I take data security very seriously and all such information is held on secure servers. I’ll always comply with the relevant legislation, and I’ll treat all your personal information as fully confidential. In order to protect your privacy, I take appropriate security measures in the storage and disclosure of personal information so as to prevent unauthorised access by third parties. In some cases, your Data may be accessible to certain types of persons in charge, involved with the operation of our business (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by me. I will only choose to work with third party data processors that we are confident share the same approach to data security, privacy and GDPR. I will do everything we reasonably can to ensure your data remains safe with them. An updated list of these parties may be requested from me, the Data Controller, at any time.

However, do remember the Internet is not a totally secure medium and you acknowledge and agree that I shall not be responsible for any unauthorised use, distribution, damage or destruction of personal data, except to the extent I am required to accept such responsibility by data protection laws.

9. Website ‘Cookies’
Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your web browser that enables sites or service providers to recognise your browser and to capture and remember certain information.

This website uses Google Analytics to help analyse how users use the site. Google Analytics uses ‘cookies’ to collect standard Internet log information and visitor behaviour information in an anonymous form.  The information generated by the cookie about your use of the website (including your IP address if you have not opted out) is transmitted to Google. This information is then used to evaluate visitors’ use of the website and to compile statistical reports on website activity for our internal use.

I will never use the statistical analytics tool to track or to collect any Personally Identifiable Information of visitors to our site. Google will not associate your IP address with any other data held by Google. Neither we nor Google will link, or seek to link, an IP address with the identity of a computer user. You can read the Google Analytics Terms of Service here. Place of data processing: United States

My website uses a Content Management System which anonymously tracks the user’s movement around the site to allow us to improve the overall user experience. No personal information is stored. Showit is a web design and hosting service provided by Showit Inc, they host this website on Amazon Web Services. Amazon servers are fully secure and ready to beat GDPR requirements. You can read their Terms of Service here. Place of data processing: United States.

My website is also designed using WordPress. They are also fully secure and ready to beat GDPR requirements. You can read their Terms of Service here. Place of data processing: United States.

To find out more about managing and disabling cookies click here.

10. Changes to this privacy policy
I reserve the right to make changes to this privacy policy at any time by giving notice to my users on this page. I recommend you check this page periodically, referring to the date of the last modification listed at the bottom. If you object to any of the changes to the Policy, it is your responsibility to cease using this Application and can request that we (the data controller) remove the Personal Data. Unless stated otherwise, the then-current privacy policy applies to all Personal Data we have about our Users.

11. Contacting me about this Privacy Policy
If you any questions or comments about this Privacy Policy please contact Charlie Flounders:

Tel:     07730 455890
Email: holla@charlieflounders.com



Date of the last modification 20/05/2018
© Copyright Charlie Flounders Photography.