PRIVACY NOTICE
This is a very long page of information so here is quick summary of the important things to remember … (the full policy details are below, edited 14/11/2023)
Regarding access to your own information : At any time you may review or update personally identifiable information that we hold about you, by sending a request to info@gillmaheu.com
Regarding removal of your information : If you wish us to remove personally identifiable information from our website, you may contact us at info@gillmaheu.com (important please add DELETE to the subject line of your message). This may limit the service we can provide to you.
Regarding verification of your information : When we receive any request to access, edit or delete personal identifiable information we shall first take reasonable steps to verify your identity before granting you access or otherwise taking any action. This is important to safeguard your information.
How you can complain : If you are not happy with our privacy policy or if have any complaint, then you should tell us by email. Our address is info@gillmaheu.com. (please add COMPLAINT in the subject line)
If a dispute is not settled, then we hope you will agree to attempt to resolve it by engaging in good faith with us in a process of mediation or arbitration. If you are in any way dissatisfied about how we process your personal information, you have a right to lodge a complaint with the authorities.
Review of this privacy policy
We may update this privacy notice from time to time as necessary. If we make changes, we will change the date at the top of this Policy, and if the changes are significant, we may provide you with additional notice such as adding a statement to the homepage of www.gillmaheu.com. Please check this Policy regularly to see details about our information practices and the different ways you can help protect your privacy. We advise you to print a copy for your records.
If you have any question regarding our privacy policy, please contact us at info@gillmaheu.com
(written 24/05/2018, edited for new information 14/11/2023)
PRIVACY POLICY for GILL MAHEU PHOTOGRAPHY
As of 25 May 2018 the new General Data Protection Regulation (GDPR) comes into force across the European Union – the aim of the text is to give people much more control over how their personal data is stored and used.
The law requires us to tell you about your rights and our obligations to you in regards to the processing and control of your personal data, and whilst we have done our very best to be as transparent and concise as possible explaining how it affects you and your personal data when working with Gill Maheu Photography & www.gillmaheu.com we STRONGLY advise you to read the full official text here : https://gdpr-info.eu/
1: INTRODUCTION
As a basic summary the General Data Protection Regulations gives people more power to protect their personal data with several rights regarding their personal data including:
The right of access by the data subject – the citizen has the right to know what data is being collected about them, why it’s being collected and how it’s being used.
The right to rectification: the citizen has the right to have data modified or updated.
The right to erasure (the right to be forgotten) : the citizen has the right to have their private data removed completely.
The right to restriction of processing: The citizen has the right to restriction of processing for example if the accuracy of the personal data is contested or the processing is unlawful
The right to data portability: the citizen has the right to receive a copy of the personal data concerning him or her
The right to object
The Right to withdraw data protection consent – the citizen has the right to withdraw his or her consent to processing of his or her personal data at any time.
This Privacy Policy will explain how your data is collected and used at Gill Maheu Photography. If you have any questions please feel free to contact us at info@gillmaheu.com.
2: ABOUT US
This site is run by Gill Maheu for Gill Maheu Photography – in this document “we”, “our” or “us” refers to Gill Maheu Photography. Our business address is Gill Maheu Photography, Combachenex, 74150 Massingy, France.
3: LEGAL BASIS FOR PROCESSING YOUR PERSONAL INFORMATION
The General Data Protection Regulation requires us to have a “legal basis” for processing (using) your personal data. The legal basis we rely on are:
– Where we have your specific consent to use your personal information for a specific purpose (for example, where we contact you by email).
– Where we process your personal information for our legitimate interests which includes the interests of Gill Maheu Photography to conduct and manage our services to allow us to give you the best possible service and most secure experience. Of course we will consider you and your rights and the impact upon them before processing your personal information. Where the processing of personal information is necessary to perform a contract with you (for example, where you have purchased a product from us).
– Where the processing of personal information is necessary to comply with a legal or regulatory obligation that applies to us (for example, in some instances, we may be required to share your information with law enforcement agencies or other regulators).
4: OUT SOURCED SERVICES
Our website is hosted in the United Kingdom and we may also use outsourced services in countries outside the European Union from time to time in other aspects of our business, but they are all GDPR compliant.
The website is hosted by 34SP – here is their GDPR compliant Privacy Policy https://www.34sp.com/securityandprivacy
Our Client Management software company is LightBlue Software – here is their GDPR compliant Privacy policy – https://www.lightbluesoftware.com/legal/privacy_notice.php . We use Lightblue management software in order to organise and work with all our clients. Your information will be transferred to LightBlue Software Limited. Only Gill Maheu Photography will have access to your personal data stored on LightBlue’s system on behalf of Gill Maheu Photography. It will not be used for any other marketing purposes and will not be passed onto any third parties. LightBlue’s technical support team will have the means to access to your personal data but will never access or share this data other than by request from Gill Maheu Photography.
The client picture galleries are hosted by Pixieset – here is their GDPR compliant Privacy policy – https://pixieset.com/privacy/ (see part 19)
Our Album design service is provided by StompSoftware who are also GDPR compliant see here – http://www.stompsoftware.com/privacy-policy/
5: INFORMATION WE COLLECT WHEN YOU VISIT OUR SITE
We take seriously the protection of your privacy and confidentiality. We understand that all visitors to our website are entitled to know that their personal data will not be used for any purpose unintended by them, and will not accidentally fall into the hands of a third party other than stated above.
We undertake to preserve the confidentiality of all information you provide to us, and hope that you reciprocate.
We will collect personal information that you provide to us when you choose to get in contact with Gill Maheu Photography via the contact form (https://gillmaheu.com/contact/ ). to enquire about Gill Maheu Photography’s wedding or other photography services. By completing this contact form you agree to Gill Maheu contacting you about Gill Maheu Photography’s wedding or other photography services. You will not be added to any mailing lists and will only be contacted by Gill Maheu personally in relation to your enquiry.
The data from the contact form is emailed to info@gillmaheu.com via our studio management company (LightBlue Software) and also stored on the website server. The website server is accessible by the website administrators for www.gillmaheu.com.
Your personal details are added to our studio management software, BUT will not be used for any marketing purposes nor will they be passed onto any third parties.
At any time you may review or update personally identifiable information that we hold about you, by sending a request to info@gillmaheu.com
If you wish to request for any email(s) containing your personal information to be deleted, please email info@gillmaheu.com (important please add DELETE to the subject line of your message.
6: CLIENT DATA HELD ON FILE
We take care over the processes around looking after personal data stored on our physical systems Gill Maheu Photography holds the following personal data of clients: i) names ii) addresses iii) phone numbers iv) contracts v) timelines and other information pertinent to the service being provided within our password protected Client Management software on our password protected home office PC. Hard copy contracts are filed in our secure home office.
Client photos are safely stored within our password protected home office PC and backed up to external hard drives stored in locked cabinets.
7: SENDING A MESSAGE TO OUR TEAM
When you contact us, whether by telephone, through our website or by e-mail, we collect the data you have given to us in order to reply with the information you need. We record your request and our reply in order to increase the efficiency of our business.
We keep personally identifiable information associated with your message, such as your name and email address so as to be able to track our communications with you to provide a high quality service
8: INFORMATION WE OBTAIN FROM THIRD PARTIES
Although we do not disclose your personal information to any third party (except as set out in this notice), we sometimes receive data that is indirectly made up from your personal information from third parties whose services we use.
We use Google Analytics which provides us with information regarding how many people visit our site, the pages they visit and their general location. This information is used solely for the purpose of ensuring our Website and our services are directed towards what our clients wish to see and what they would like to receive from us. No such information is personally identifiable to you.
9: RETENTION PERIOD FOR PERSONAL DATA
Except as otherwise mentioned in this privacy notice, we keep your personal information only for as long as required by us:
– to provide you with the services you have requested;
– to comply with other law, including for the period demanded by our tax authorities (10years);
– to support a claim or defence in court.
10: COOKIES
We will also collect certain information automatically when you visit our Site when you access our Site, we use “cookies” to make it easier for you to use our Site. These cookies record data about the pages you browse and the activities you carried out during your visit. Further details about our use of cookies is set out in our Cookie Policy here;
11: E MAILING LISTS
At the present time we do not use email lists – should we change this in the future you would of course be notified before being added to the list and given the option to opt out.
12: ENCRYPTION OF DATA
Please note the small green padlock in your browser. That means this website is secured using SSL (Secure Sockets Layer) technology. This ensures the website is safe, protected from hackers and information is encrypted for extra security.
13: EXTERNAL LINKS
Although this website only looks to include quality, safe and relevant external links, users are advised adopt a policy of caution before clicking any external web links mentioned throughout this website. (External links are clickable text / banner / image links to other websites.)
The owners of this website cannot guarantee or verify the contents of any externally linked website despite their best efforts. Users should therefore note they click on external links at their own risk and this website and its owners cannot be held liable for any damages or implications caused by visiting any external links mentioned.
14: SOCIAL MEDIA PLATFORMS
Communication, engagement and actions taken through external social media platforms that this website and its owners participate on are custom to the terms and conditions as well as the privacy policies held with each social media platform respectively.
Users are advised to use social media platforms wisely and communicate / engage upon them with due care and caution in regard to their own privacy and personal details. This website nor its owners will ever ask for personal or sensitive information through social media platforms and encourage users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email.
This website may use social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised before using such social sharing buttons that they do so at their own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account.
15: SHORTENED LINKS IN SOCIAL MEDIA
This website and its owners through their social media platform accounts may share web links to relevant web pages. By default, some social media platforms shorten lengthy URLs [web addresses] (this is an example: http://goo.gl/fbsS).
Users are advised to take caution and good judgement before clicking any shortened URLs published on social media platforms by this website and its owners. Despite the best efforts to ensure only genuine URLs are published many social media platforms are prone to spam and hacking and therefore this website and its owners cannot be held liable for any damages or implications caused by visiting any shortened links.
16: THIRD PARTY MARKETING
We do not sell on your information to any third parties for marketing or other purposes.
17: THIRD PARTY ADVERTISING ON OUR WEBSITE
Third parties may not advertise on our website.
18: FACIAL RECOGNITION SOFTWARE
When the images are processed in Lightroom and Photoshop no facial recognition data is added to the image. Please check whether you have disabled the Facial recognition option in Facebook etc to avoid it being activated there.
19: CLIENTS AND WEDDING GUESTS CAPTURED IN PHOTOS
Under GDPR legislation, a photograph may in some instances constitute a form of personal data where they can be processed to allow “the unique identification or authentication of a natural person”. Gill Maheu Photography will never photograph an individual as a means of unique identification or authentication unless consensually contracted to do so. Guests at weddings appear in photos taken by Gill Maheu Photography as a part of the visual recording of the event in photos. Guests captured in portraits or in group photos do so as part of the event and their rights are protected by Gill Maheu Photography as detailed in this privacy policy.
In terms of explicit GDPR compliance, Wedding clients and guests are photographed within the parameters of GDPR legislation on the basis of ‘legitimate interests’. The taking of photographs of wedding guests when viewed as a form of processing personal data is necessary for the legitimate interests of Gill Maheu Photography as a photography business unless there is a good reason to protect a given individual’s personal data which overrides those legitimate interests.
Operating within the parameters of legitimate interests as laid out in GDPR legislation, the disproportionate effort involved in providing privacy policy information to all wedding guests at the event and the degree to which it would distract us from performing our job renders it infeasible to do. Wedding clients are therefore requested in their contract to direct their guests to read this privacy policy in advance of the event and to advise them to contact us in advance with any concerns around the processing of their personal data, namely being photographed.
20: USE OF THE IDENTIFIABLE IMAGE
In accordance with GDPR regulations, clients have several options where it comes to image display. While it definitely benefits Gill Maheu Photography as a business to be able to show new, regular and exemplary work via this site or corresponding social media channels, and/or to share these images with co-suppliers e.g. wedding venues, it is recognised that certain clients may wish to place limitations on this sharing.
Therefore clients have the right to request any of the following:
– anonymised accompanying text;
– use of initials only;
– online photograph samples showing unidentifiable images only;
– online photograph samples showing non-people images (details only);
or to fully request no online images to be shared.
In addition, clients may request in writing that identifiable and commissioned images be erased from online sources (website, blog, Facebook page, Instagram page) at any future point in time by contacting info@gillmaheu.com (important please add DELETE to the subject line of your message).
Any image data will be used appropriately and with consent (your contract).
For any other questions or concerns, please contact me I will be more than happy to answer your questions.
21: CLIENT GALLERIES
Gill Maheu Photography creates a client gallery for each client to whom photos are delivered as part of the services contracted. The client galleries are externally hosted currently by PixieSet. The link to their privacy policy can be found above.
To access client gallery, you will be asked to enter personal data (email address and a password). The personal data (email address) is stored within Pixieset, and on their servers and will be used to email you to let you know that your Gallery is available to view. Once you have accessed their gallery with the PIN number and made your selection for the album choices you can request for the gallery to be removed. Any such emails sent to you will only be during the year for which the gallery is live. After a year the gallery will be automatically deleted and your personal data (email address) is removed from Pixieset.
Only Gill Maheu will have access to your email address on Pixieset. It will only be used as detailed above, will not be used for any other marketing purposes and will not be passed onto any third parties. PixieSet’s technical support team will have the means to access to your personal data (email address) but will never access or share this data other than by request from Gill Maheu.
If you do not wish for your email to be in Pixieset we suggest that you do not log into any Gill Maheu Photography client galleries. You can arrange to come to the office for an In Person sales session.
We cannot guarantee or verify the contents of any externally linked website despite our best efforts. Users should therefore note that they click on external links at their own risk and we cannot be held liable for any damages or implications caused by visiting any external links mentioned
22: INFORMATION RELATING TO YOUR METHOD OF PAYMENT
Your payment information is never taken by us or transferred to us either through our website or otherwise. We provide you with our banking details or should you choose it the address to which a cheque should be sent. We do not, at this time, provide a means for Direct Debit set up or payment.
23: SENSITIVE DATA.
We will never ask for this sort of personal data from you. What is sensitive data? The definition of sensitive data is data consisting of your ethnic or racial origins, your political opinions, religious or philosophical beliefs, if you have trade union membership, about your genetic or biometric data, data concerning your health or data concerning a natural person’s sex life or sexual orientation.
Wow you’ve got this far well done ! It carries on below …. (yes I know it’s really really long !)
In case you are wondering what we actually do with your info when we work together the following is a (relatively) brief explanation of how why and when we use your information.
When you contact Gill Maheu Photography we will reply to your enquiry. The information you supply via the contact form or that is left on a voicemail etc will be entered into the Client Management software so that we can keep track of our exchanges. After that there are two scenarios :
If having received our reply you decide that you don’t want to work with Gill Maheu Photography we will keep your details on file for 24 months in case you get back in contact referring to our previous offer. It will then be deleted. In no case will your details ever be given or sold to a third party.
OR
If you decide you would like to work with Gill Maheu photography – we will keep all our exchanges (emails or on the Client Management software) so that we can refer back to them if the needs arise. When we have everything agreed upon we will send you a contract (hard copy), one copy for you and one for us. This will be filed away in a secure filing cabinet.
After the shoot (wedding, lifestyle, portrait, etc, …) we will work on your photos on the password protected PC and then upload the final selection of images to our online gallery provider Pixieset (who are GDPR compliant). You will be sent a link and a password to log in with and you have to give them an email address – that is all the information that they hold about you. The gallery will be live for 12 months after you have made your choices in case you want to reorder photos etc, then it will be deleted. Important – if you do not want to use this gallery system we can arrange for you to come to the office to see your images in person. In no case will print proofs or digital copies be sent out to you for approval.
In the case of an album: once your photo choices have been made we will design the album and then upload the proofs to the fabulous virtual album software Album Exposure (GDPR compliant) so that you can see the different versions of your album and approve or make any changes necessary. You will be sent a link and a password to connect to your album. Your album versions are deleted 6 months after your approval.
When the approval is given I then make the finishing touches to the album and upload it to the album manufacturers – they have no information about you.
With other products : you may be sent versions for proofing via email.
Your information will be kept on file for up to 10 years, this is because of legal requirements for tax etc. Your information will not be given or sold to third parties.
As we own the intellectual property rights in the images we will be storing the files in our database for our future reference, use and inspiration.
USE OF YOUR IMAGES – We will talk about this in more detail when we meet (or you can get in contact now) but as a quick reminder:
BLOG /WEBSITE
With your permission we will use some of the images from our photo session on our site & blog. Photos are the only way of showing what we do and so are incredibly important to us. There is a good chance that you found us through looking at our photos on our site and deciding that it was a style you liked and that you could picture yourself in similar images in the future. One thing we can promise is that you will not be identified by name on our blog or site, we only use initials.
Also another important point is that we do not activate facial recognition software in our processing and we strongly advise that you turn it off as an option in Facebook etc as we can’t be responsible for images being tagged from your software.
We totally understand if you do not wish to be featured on the blog with identifiable images but we would be incredibly grateful if you would allow us to use unidentifiable images of you (hands, shoes, looking away, in the distance etc) as, especially in the case of weddings, this allows us to show that we are working and also link to the fabulous venue that you have chosen so that when future clients do an image search on the venue our photos come up in the search. There are examples of this on the blog which we can show you on request.
We can talk about all this in much greater detail and of course should you change your mind about a photo or even photos let us know and we will remove them for you as soon as possible.
FACEBOOK & INSTAGRAM
Gill Maheu Photography does use some images on Facebook and Instagram for promotion but names are never used and you are not tagged unless previously agreed upon (for example models).
However if you would like to be tagged let us know and we will happily tag you in the images. If you don’t want Gill Maheu Photography to use photos of you on Facebook or Instagram please let us know.
MARKETING
We are very proud of the images that we create here at Gill Maheu Photography and of course we may want to use the beautiful images from our photo session in our marketing (brochures, PDFs, stickers, trifolds, business cards etc) to showcase our work. Your names and other information will not appear on the marketing material. However if you do not want me to use images of you please let us know and of course they will be removed.
EMAIL LISTS
Gill Maheu Photography doesn’t have any email lists at the time of writing. We may contact you with information if for example you tell us you are expecting a new arrival we may send you information about family lifestyle photography sessions but you will not be added to any lists.
If we ever decide to set up a list, you may be contacted about it and if so of course given the possibility to subscribe or unsubscribe from it.
We definitely do not give or sell your information to any third parties – promise !
If we have any recommendations for you, for example other wedding suppliers in the run up to your wedding, we will give YOU the company’s details so that you can contact them if their services are of interest, NOT the other way round.
ADMINISTRATION
Administration being what it is we are legally obliged to keep certain details for a given amount of time, contracts, invoices, etc
As we own the intellectual property rights in the images we will be storing the image files in our database for our future reference, use and inspiration.
LEGAL
The only reason for passing information on to third parties is if we are legally obliged to.
HARD COPIES – All hard copy information is stored in locked filing cabinets in our offices.
DIGITAL FILES
Client details are kept under password protection on our Client Management software on (further) password protected machines (office PC and iphone).
Files are kept on our password protected PC.
Further copies are kept on external hard drives kept under lock and key.
Because of the broadband strength we do not use cloud based storage facilities.
WEBSITE – As you can see from the little green padlock top left of your browser https://www.gillmaheu.com is SSL protected
If you have any question regarding our privacy policy, please contact us at info@gillmaheu.com
Directrice de la publication et responsable de la rédaction:
Gill Maheu
59 route du Tilleul, 74150 Massingy, France
Tél : 06 73 15 95 27
Siret: 512 560 574 00018 Code APE: 7420Z
TVA non applicable – Art.293B du Code Général des Impôts
Propriété intellectuelle : Gill Maheu . Tous droits reservés. Toute représentation ou reproduction, intégrale ou partielle du contenu de ce site faite sans le consentement de l’auteur Gill Maheu est illicite selon le code de la propriété intellectuelle (Art. L. 122-4) et constitue une contrefaçon réprimée par le Code Pénal
Vous pouvez me contacter via mon formulaire de contact
Créateur du site: Gill Maheu, Gill Maheu Photography
Hébergeur : 34SP.com – 34SP.com Ltd, 4th Floor, 37 Turner Street, Manchester, M4 1DW Tél : +(44) 161 987 3434
Vos données personnelles peuvent être collectées si vous nous laissez votre adresse mail. Ces données sont conservées par notre équipe, mais ne feront pas l’objet de cession à des partenaires commerciaux à des fins de prospection commerciale.
Conformément à la loi Informatique et Libertés du 6 août 2004 (art. 34 et s.) vous disposez d’un droit d’accès, de rectification, de modification et de suppression sur l’ensemble des données qui vous concernent. Pour exercer ce droit, vous pouvez me contacter via mon formulaire de contact
