General Data Protection Regulation Policy (GDPR)
General Data Protection Regulation (GDPR) that is in force on 25 May 2018. We therefore wanted to take this opportunity to explain the basis on which we collect such data and make it available to you.
Who we are?
What personal data we collect and why we collect it
We collect a variety of data in order to deliver our services and we will manage your personal data transparently, fairly and securely.
We only store or process data which you have given directly to us and which we need to run our business.
We may ask you to provide us the following data –
First and last names, contact numbers, email and postal addresses.
We also create and collect images as part of your personal data. These are necessary as the service we provide is photography based.
Sharing your data
We do not share your data with any third party. On the extremely rare occasion where we work with an external photobooth company for your booking, we will seek written consent to share your booking details with the new supplier and this information will only be shared when the approval has been expressed.
We do not share any data to any other companies for marketing purposes.
There are also certain situations in which we may share access to your personal data without your explicit consent; for example, if required by law, to protect the life of an individual, or to comply with any valid legal process, government request, rule or regulation.
How do we keep your personal data secure?
We keep your data secure and only accessible by trained members of our team.
In the unlikely event of a criminal breach of our security we will inform the relevant regulatory body within 72 hours and, if your personal data were involved in the breach, we will also inform you.
You have the following rights
The right to be informed about the collection and use of your personal data, the right of access to your personal data and any supplementary information, the right to have any errors in your personal data rectified, the right to have your personal data erased, the right to block or suppressing the processing of your personal data, the right to move, copy or transfer your personal data from one IT environment to another, the right to object to processing of your personal data in certain circumstances, and, rights related to automated decision-making (i.e. where no humans are involved) and profiling (i.e. where certain personal data is processed to evaluate an individual).
While we do not hold personal data any longer than we need to. The duration will depend on your relationship with us, and whether it is ongoing. We may keep some of your personal data for up to seven years from the date of your event.