By using this website you are agreeing to the terms laid out in this notice. If you do not agree with the terms in this notice, you should stop using this website and not provide us with any personal information.
Photoion Photography Ltd is the data controller when you use this website.
Who we are and how to contact us
Our sites (Our website, social media platforms, and any physical locations) are operated by Photoion Photography.
14 Lower Marsh,
How we collect your personal information
Generally, we collect your information when you choose to interact with us. This can be booking courses over the telephone, on our website or in-person, or joining our mailing list. We also observe how customers use our website so that we can offer the best possible online experience.
The types of information we collect:
We only collect information that is necessary to carry out our business and provide the services you’ve requested. We do in some cases contact you with marketing communications as part of our legitimate interest which can be reasonably expected when running our business. For example, we might use your booking history to provide you with personalised offers or send you promotions and services that might interest you. You can also unsubscribe from our emails at any time; at the bottom of any email, there is an unsubscribe link.
Here are some examples of information we collect about you when you interact with us:
-Name and Surname
-Contact phone number(s)
-Interactions with us e.g. contacting our Customer Service
-Attendance at courses
-Preferred products and brands
-Website usage information
Here are some examples of when such information may be collected:
-When you visit our website, for example, when you use our booking system to buy our services.
-When you redeem vouchers on the phone, over the email, in our studio or online.
-When you book a course or workshop with us over the email, in our studio or online.
-When you enter prize draws or competitions.
-When you choose to complete any surveys we send you.
-When you sing up to receive our newsletters.
-When you book any kind of appointment with us or book to attend an event.
-When you fill in any forms.
Ensuring your personal information is only used where lawful:
We must ensure a lawful basis for storing and using your information in order to comply with applicable data protection law General Data Protection Regulation (GDPR) (EU) 2016/679 or The Privacy and Electronic Communications Regulations (PECR). Examples of the lawful basis that we use your data include our use of your information being necessary for the purchase of goods or services, or pursuing our legitimate interest or compliance with a legal obligation.
Why we collect your personal information and how we use it:
We use information about you in various ways including providing the services you have requested, updating you on your order progress, processing refunds, answering queries and offering you a more personalised service when shopping with Photoion Photography.
The Privacy and Electronic Communications Regulations (PECR)
Where we have collected your contact information when processing a sale (or negotiations of a sale) either online, via telephone, or in person, of a product or service, Photoion Photography will have PECR compliant permission to send you email communications. We will ONLY ever email you about Photoion Photography related products, services or information you may find useful from our company or our partners. You are always free to opt out from such direct marketing emails by using a ‘Unsubscribe’ link at the bottom of each email.
We will NEVER share or sell your information to third parties for marketing purposes.
Sharing your information
In order to offer you the very best service possible Photoion Photography uses a number of tools and software solutions within our business. These range from customer relationship management (CRM) tools, emailing marketing services, customer and website analytics, order fulfilment, refunds, general IT infrastructure services, online advertising etc. In providing these services we will share your information with our service providers, who will be acting as a data processor on behalf of Photoion Photography.
We will check that any third parties that we use for these services is compliant as a data processor with the GDPR (EU) 2016/679 directives, complies with data security standards and also complies with any international data transfer restrictions.
Business Administration and Legal Compliance:
Photoion Photography retains the right to share your information with third parties when required to do so for business administration and legal compliance purposes. This will, for example, be a legal requirement if data access is requested by HMRC, Police, and Public Prosecutors and should we need to share information for a business transaction such as a business merger or acquisition by another company, we may in such events need to share your information with accountants, lawyers, insurers, or financial institutions.
How can I unsubscribe from marketing communications:
While it will be sad to see you go, we never make it difficult to unsubscribe. All of our emails contain unsubscribe links at the bottom, if you wish to be forgotten about entirely you can request we delete all of the data we hold about you by emailing a request to be forgotten to [email protected]
Photoion.co.uk uses a number of different cookies. Below we explain the cookies we use and why we use them. We take your privacy seriously and we always aim to be as transparent as possible about the data we collect and store. Photoion Photography complies with the General Data Protection Regulation (GDPR) (EU) 2016/679.
What is a cookie?
A cookie is a small text file that may be placed on your device when you visit our sites. When you next visit our sites the cookie allows us to distinguish you from other users.
There are two broad categories of cookies:
Persistent cookies: Persistent cookies remain on your device until deleted manually or automatically.
Session cookies: Session cookies remain on your device until you close your browser when they are automatically deleted.
Cookies we use and why we use them
Essential cookies: Essential cookies are technical cookies that are required for the operation of our sites. Without essential cookies, our sites can’t operate properly. Essential cookies include, for example, cookies that enable you to log into secure areas.
Performance cookies: Performance cookies allow us to recognise and count the number of visitors to our sites and to see how visitors move around them. This helps us to improve the way our sites work by enabling us to tailor our sites to the way visitors use them. The information we collect from performance cookies is aggregated which means that we cannot identify you from it.
Experience cookies: Experience cookies allow our sites to remember the choices you make. Our sites use experience cookies to provide you with enhanced and personalised features. For example, we use information collected through what is known as “web-analytics” cookies to compare the choices you make to those of our other customers so that we can learn from those choices. Information collected by experience cookies cannot track your browsing activity when you leave our sites to browse other sites.
Marketing cookies: Marketing cookies record your visits to our sites, the pages you have visited and the links you have followed. We use this information to make our sites and the advertising displayed on them more relevant to your interests. For example, sometimes we use marketing cookies to limit the number of times that you see an advert. Sometimes we share information about your browsing activity, (which we have collected from cookies), with our advertising partners. They may use this information to advertise products, which may interest you, on other sites.
Third Party Links and Services
Transfers to a third country
From time to time, we will need to share your personal information with various third parties and suppliers from outside of the European Economic Area (EEA), such as the USA.
An example of one such third party service is Mailchimp, whom we use for marketing communications.
If we transfer your data to a third party outside the EEA, we have procedures in place to ensure your data receives the same protection as if it was being protected within the EEA. For more information about these protections, please email us at [email protected].
Additionally, any third party service which had customers within the EEA must also conform to the new GDPR rules and protect your data to the same standards.
How long do we keep your personal information for?
We keep your personal information in line with our company’s data retention policies; we will only retain user information for as long as it is required. Should you wish to have your data removed please send a request to be forgotten to [email protected]
Confidentiality and security of your personal information
Photoion Photography believes in the fundamental human right to privacy, and while we realise you may agree to us collecting your personal information in order to provide our services, we do take securing that data very seriously. We will take all reasonable precautions to ensure the security of your personal information from loss, misuse or alteration. All of our employees who have access to and are associated with the processing of your information are legally obliged to respect the confidentiality of the personal information we hold.
We secure access to all transactional areas of our websites using ‘https’ technology and access to your personal data is password-protected.
We use third party services for credit card payments such as Paypal or iZettle and hence do not collect your payment card information. We ensure that any third parties that we use for these services is compliant as a data processor with the GDPR (EU) 2016/679 directives, complies with data security standards and also complies with any international data transfer restrictions.
How to access your information and your other rights
You have the following rights in relation to the personal information we hold about you.
Your right of access: If you ask us, we’ll confirm whether we’re processing your personal information and, if so, provide you with a copy of that personal information. If you require additional copies, we may need to charge a reasonable fee.
Your right to correct information: If the personal information we hold about you is inaccurate or incomplete, you’re entitled to have it corrected. If we’ve shared your personal information with others, we’ll let them know about the changes where possible. If you ask us, where possible and lawful to do so, we’ll also tell you who we’ve shared your personal information with so that you can contact them directly.
Your right to delete information: You can ask us to delete or remove your personal information in some circumstances such as where we no longer need it or if you withdraw your consent (where applicable). If we’ve shared your personal information with others, we’ll let them know about the erasure where possible. If you ask us, where it is possible and lawful for us to do so, we’ll also tell you who we’ve shared your personal information with so that you can contact them directly.
Your right to restrict information: You can ask us to ‘block’ or suppress the processing of your personal information in certain circumstances such as where you contest the accuracy of that personal information or you object to us processing it. It won’t stop us from storing your personal information though. We’ll tell you before we lift any restriction. If we’ve shared your personal information with others, we’ll let them know about the restriction where it is possible for us to do so. If you ask us, where it is possible and lawful for us to do so, we’ll also tell you who we’ve shared your personal information with so that you can contact them directly.
Your right to data portability: With effect from 25 May 2018, you have the right, in certain circumstances, to obtain personal information you’ve provided us with (in a structured, commonly used and machine-readable format) and to reuse it elsewhere or to ask us to transfer this to a third party of your choice.
Your right to object: You can ask us to stop processing your personal information, and we will do so, if we are relying on our own or someone else’s legitimate interests to process your personal information, except if we can demonstrate compelling legal grounds for the processing.
Your rights in relation to automated decision making and profiling: You have the right not to be subject to a decision when it’s based on automatic processing, including profiling, if it produces a legal effect or similarly significantly affects you, unless such profiling is necessary for entering into, or the performance of, a contract between you and us.
Your right to withdraw consent: If we rely on your consent (or explicit consent) as our legal basis for processing your personal information, you have the right to withdraw that consent at any time.
Your right to lodge a complaint with the supervisory authority: If you have a concern about any aspect of our privacy practices, including the way we’ve handled your personal information, you can report it to the UK Information Commissioner’s Office (ICO). You can find details about how to do this on the ICO website at https://ico.org.uk/concerns/ or by calling their helpline on 0303 123 1113.
Last Updated: May 2018