1.1 We are committed to safeguarding the privacy of our website visitors and service users.
1.2 This policy applies where we are acting as a data controller with respect to the personal data of our website visitors and service users; in other words, where we determine the purposes and means of the processing of that personal data.
1.4 In this policy, “we”, “us” and “our” refer to Photography Unfolded. For more information about us, see Section 8.
2. Data Use
2.1 We may process data about your use of our website and services (“usage data”). The usage data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use. The source of the usage data is our analytics tracking system. This usage data may be processed for the purposes of analysing the use of the website and services.
2.2 We may process your personal information (“personal data”). The personal data may include your name, address, telephone number, email address, gender, date of birth, mailing address. The personal data may be processed for the purposes of operating our website, providing our services, ensuring the security of our website and services, maintaining back-ups of our databases and communicating with you
2.4 We may process information that you provide to us when subscribing to our email notifications and/or newsletters (“notification data”). The notification data may be processed for the purposes of sending you the relevant notifications and/or newsletters.
2.5 We may process any of your personal data identified in this policy where necessary for the establishment, exercise or defense of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others.
2.6 We may process any of your personal data identified in this policy where necessary for the purposes of obtaining or maintaining insurance coverage, managing risks or obtaining professional advice. The legal basis for this processing is our legitimate interests, namely the proper protection of our business against risks.
3. Data Sharing
3.1 We may disclose your personal data to any member of our group of companies insofar as reasonably necessary for the purposes, and on the legal bases, set out in this policy. Information about our group of companies can be found in section 8.
3.2 We may disclose your personal data to third-party Service Providers to perform services on our behalf or to provide analysis on our services.
(a) Analytics relating to the usage our website and services are handled by our Analytics Service Provider, Google Analytics. We will share personal data with our Analytics Service Provider only to the extent necessary for the purposes of analyzing the usage of our website and services. You can find information about the Analytics Service Provider privacy policies and practices at https://policies.google.com/privacy.
(b) Advertising relating to our website and services are handled by our Advertising Service Provider, Facebook. We will share personal data with our Advertising Service Provider only to the extent necessary for the purposes of publishing interest-based advertisements. You can find information about the Advertising Service Provider privacy policies and practices at https://www.facebook.com/full_data_use_policy.
(c) Newsletters and email notifications relating to our website and services are handled by our Newsletter Service Provider, Mailchimp. We will share personal data with our Newsletter Service Provider only to the extent necessary for the purposes of sending newsletter and email notifications. You can find information about the Newsletter Service Provider privacy policies and practices at https://mailchimp.com/legal/privacy/.
(d) Event management relating to our website and services are handled by our Event Service Provider, Eventbrite. We will share personal data with our Event Service Provider only to the extent necessary for the purposes of managing events. You can find information about the Event Service Provider privacy policies and practices at https://www.eventbrite.com/privacypolicy/.
(e) Financial transactions relating to our website and services are handled by our Payment Service Provider, Paypal. We will share transaction data with our Payment Service Provider only to the extent necessary for the purposes of processing your payments, refunding such payments and dealing with complaints and queries relating to such payments and refunds. You can find information about the Payment Service Provider privacy policies and practices at https://www.paypal.com/ca/webapps/mpp/ua/privacy-full/.
3.3 We may disclose your personal data to our insurers and/or professional advisers insofar as reasonably necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, obtaining professional advice, or the establishment, exercise or defense of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.
4. Personal Data Transfers
In this Section 4, we provide information about the circumstances in which your personal data may be transferred to countries outside the European Economic Area (EEA).
4.1 We and our other group companies have offices in Canada and the United States. The European Commission has made an “adequacy decision” with respect to the data protection laws of each of these countries. Transfers to each of these countries will be protected by appropriate safeguards.
4.2 The hosting facilities for our website are situated in the United States. The European Commission has made an “adequacy decision” with respect to the data protection laws of each of these countries. Transfers to each of these countries will be protected by appropriate safeguards.
5. Data Retention and Deletion
This Section 5 sets out our data retention policies and procedure, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of personal data.
5.1 Personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
5.2 We may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
6. Your rights
In this Section 6, we have summarized the rights that you have under data protection law. Some of the rights are complex, and not all of the details have been included in our summaries. Accordingly, you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights.
6.1 Your principal rights under data protection law are:
(a) the right to access;
(b) the right to rectification;
(c) the right to erasure;
(d) the right to restrict processing;
(e) the right to object to processing;
(f) the right to data portability;
(g) the right to complain to a supervisory authority; and
(h) the right to withdraw consent.
6.2 To the extent that the legal basis for our processing of your personal data is:
(a) consent; or
(b) that the processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract, and such processing is carried out by automated means, you have the right to receive your personal data from us in a structured, commonly used and machine-readable format. However, this right does not apply where it would adversely affect the rights and freedoms of others.
6.3 You may exercise any of your rights in relation to your personal data by written notice to us.
7. Cookies Policy
7.1 A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
7.2 Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
7.5 Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links:
(a) https://support.google.com/chrome/answer/95647?hl=en (Chrome);
(d) https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies (Internet Explorer);
(e) https://support.apple.com/kb/PH21411 (Safari); and
8. About Photography Unfolded
8.1 Photography Unfolded and all associated properties are owned and operated by Angie McMonigal Photography LLC, registered in the United States.
8.2 You can contact us through our Contact Page at https://photographyunfolded.com/contact/.
8.3 When needed to operate our Services, Photography Unfolded uses the services of and shares data with Michael Muraz Photography, registered in Canada.
This document was created using a template from SEQ Legal (https://seqlegal.com).