Hello and welcome! If you find yourself here it’s probably because you care alot about your data privacy. Either that or you’ve taken a wrong turn! Either way you need to know about GDPR. GDPR stands for General Data Protection Regulations, and is the new regulations in place to protect you and your personal data, to make sure your data isn’t used inappropriately or sold on to those helpful folks who keep calling to let you know you have a huge PPI cheque waiting for you! You may be here to find out if faces are personal data, this has yet to be determined. For now. What we do need to do is be compliant in handling the written information you give to me. So here is Patrick Hollins Photography’s brand new GDPR compliant privacy policy:

​

Personal Data I Collect

​

I like to refer to my clients by their name so I’ll collect that, I’ll collect your email address so that we can talk, your mobile number so I can call you on the day if I can’t find you, your address if I need to post you the photographs or if the address is also the location of either a meeting or part of the event. All of this is necessary for me to do my job and provide you with great service.

​

How I Collect And Keep Your Personal Data

​

There are two simple way I collect my data. Through my contact form on my website, or through direct email. Both of these arrive in my secure email inbox which is tightly passworded and no one else has the password to. If you decide to book me your data will be stored on my spreadsheet, which is only accessible to me, through another secure password. If you enquire but decide not to book me, all your personal data will be deleted.

​

Right Of Confirmation, Access, Rectification and Erasure

​

I take your data seriously. If you ever have any questions about how it’s being handled or want to see what I have kept just drop me an email. If some of it is incorrect, you have the right to correct it, which would be really useful for me as well! If you want me to delete all your data, you can ask me to do that too, and I’ll go ahead and get rid of it all. Although preferably not before the event, otherwise I won’t know where to go! I usually keep your contact details until after you’ve had a month to download your images. After this point, by all means I can and will happily delete all your data.

​

Use Of Your Data

​

Keeping it simple, I’m not going to pass on your details to third parties. Your details are mainly going to be used for us to communicate about your booking. The only other time I might use it is to communicate to you about something we have talked about, like a great place to get your photos printed. Your email won’t be given to anyone else, even if I have a second photographer with me. I may pass on the address of the shoot and your number to a second photographer, incase we don’t travel together, again so they don’t get lost! I will ask you for a review after the event, you’re under no obligation to give me one, but I’d really be grateful if you would! This review will make its way onto my website to help more great customers to decide if they want to work with me. If you’d rather I didn’t use it then just say and consider it between just us, just like all your data.

​

Use Of Your Face Data

​

The Eu hasn’t got specific about photographs yet, other than we need to demonstrate reasonable and legitimate use. I won’t be selling your photos to be used on a data app billboard. If a third party is interested in licensing a photo, I’ll ask you first. Sometime you might want to sell it, but simply it won’t happen without your approval. There are a couple of things that I do do with your photos though, because it helps me run my business. I’ll use your photos on my website, portfolio and social media outlets. I do ask people to opt into this in my consent forms, but you can always opt to keep your photos to yourself. If you don’t mind but there is a guest that might, kindly point them out on the day and I’ll make a note to make sure any photos they feature in aren’t used. I keep your wonderful photos on an encrypted hard drive, with one encrypted backup (just in case my hard drive blows up). No one else knows how to get onto these.

​

Summary

​

In short GDPR is all about making sure I’m not going to abuse your information, which I wouldn’t do anyway because I’m a nice guy, but I have to make this totally interesting statement to set out my stall. I hope you enjoyed reading it, if you have any questions or complaints let me know!

​