Privacy Policy

My website address is: www.nickbrightman.com

Here at NICK BRIGHTMAN PHOTOGRAPHY I take your pri­va­cy very seri­ous­ly. This pri­va­cy pol­i­cy has been pre­pared in line with the Gen­er­al Data Pro­tec­tion Reg­u­la­tion (GDPR), which pro­motes fair­ness and trans­paren­cy for all indi­vid­u­als in respect of their per­son­al data. This pri­va­cy pol­i­cy applies to all data I process, and by using NICK BRIGHTMAN PHOTOGRAPHY you con­sent to the col­lec­tion and use of such data

1. The Data I Collect

As a data con­troller I col­lect a vari­ety of data in order to deliv­er my ser­vices, and I will man­age your per­son­al data trans­par­ent­ly, fair­ly and securely.

Active Data Collection

I may ask you to pro­vide me with the fol­low­ing data –

  • Iden­ti­ty Data may include your first name, last name, title and gender
  • Con­tact Data may include your home address, deliv­ery address, email address and tele­phone numbers
  • Finan­cial Data may include your bank account  details.
  • Trans­ac­tion Data may include records of pay­ments made by you and details of pur­chas­es made.
  • Tech­ni­cal Data may include your IP address­es, brows­er type, time zone and loca­tion, oper­at­ing sys­tem and plat­form and oth­er tech­nol­o­gy on the devices you use to access our site.
  • Usage Data may include infor­ma­tion about how you use our web­site, prod­ucts and services.
  • Mar­ket­ing and Com­mu­ni­ca­tions Data may include your pref­er­ences in receiv­ing mar­ket­ing com­mu­ni­ca­tions from us and our third par­ties and your com­mu­ni­ca­tion preferences.
  • Obvi­ous­ly being a pho­to­graph­ic busi­ness I also cre­ate and man­age images as per our con­trac­tu­al agreement(s)

I use the above date to deliv­er my ser­vice to you, for mar­ket­ing pur­pos­es, to per­son­al­ize your expe­ri­ence and to pro­vide account access

I col­lect the above data on the fol­low­ing law­ful basis, to arrange or ful­fill a con­tract and to meet my legal oblig­a­tion under said contract

Pas­sive Data Collection

​As you nav­i­gate through a Web site, cer­tain infor­ma­tion can be pas­sive­ly col­lect­ed (that is, gath­ered with­out your active­ly pro­vid­ing the infor­ma­tion) using var­i­ous tech­nolo­gies and means, such as Inter­net Pro­to­col address­es, cook­ies, Inter­net tags, and nav­i­ga­tion­al data collection.

This site may use Inter­net Pro­to­col (IP) address­es. An IP Address is a num­ber assigned to your com­put­er by your Inter­net ser­vice provider so you can access the Inter­net and is gen­er­al­ly con­sid­ered to be non-per­son­al­ly iden­ti­fi­able infor­ma­tion, because in most cas­es an IP address is dynam­ic (chang­ing each time you con­nect to the Inter­net), rather than sta­t­ic (unique to a par­tic­u­lar user’s com­put­er). I use your IP address to diag­nose prob­lems with my serv­er, report aggre­gate infor­ma­tion, deter­mine the fastest route for your com­put­er to use in con­nect­ing to my site, and admin­is­ter and improve the site.

A “cook­ie” is a bit of infor­ma­tion that a Web site sends to your Web brows­er that helps the site remem­ber infor­ma­tion about you and your pref­er­ences. This site uses cookies.

“Ses­sion” cook­ies are tem­po­rary bits of infor­ma­tion that are erased once you exit your Web brows­er win­dow or oth­er­wise turn your com­put­er off. Ses­sion cook­ies are used to improve nav­i­ga­tion on Web sites and to col­lect aggre­gate sta­tis­ti­cal infor­ma­tion. This site uses ses­sion cookies.

“Per­sis­tent” cook­ies are more per­ma­nent bits of infor­ma­tion that are placed on the hard dri­ve of your com­put­er and stay there unless you delete the cook­ie. Per­sis­tent cook­ies store infor­ma­tion on your com­put­er for a num­ber of pur­pos­es, such as retriev­ing cer­tain infor­ma­tion you have pre­vi­ous­ly pro­vid­ed (e.g., pass­words), help­ing to deter­mine what areas of the Web site vis­i­tors find most valu­able, and cus­tomiz­ing the Web site based on your pref­er­ences. This site uses per­sis­tent cookies.

 “Nav­i­ga­tion­al data” (“log files”, “serv­er logs”, and “click­stream” data) are used for sys­tem man­age­ment, to improve the con­tent of the site, mar­ket research pur­pos­es, and to com­mu­ni­cate infor­ma­tion to vis­i­tors. The infor­ma­tion col­lect­ed for these pur­pos­es is the IP address that request­ed the web page. This site uses nav­i­ga­tion­al data.

2. Which third par­ties do I share Per­son­al Data with?

I may share per­son­al data with the fol­low­ing third parties:

Google Ana­lyt­ics and Google Calendar

Zoho Email system

Mailchimp email mar­ket­ing system

Tave client man­age­ment system

Pix­ieset image host­ing galleries

Album man­u­fac­tur­er

Print lab

Site­ground — web­site host

Back­blaze — Data back­up provider

I require all third par­ties to whom I trans­fer your data to respect the secu­ri­ty of your per­son­al data and to treat it in accor­dance with the law. I only allow such third par­ties to process your per­son­al data for spec­i­fied pur­pos­es and in accor­dance with my instructions

I may trans­fer per­son­al data to a coun­try out­side of the Euro­pean Eco­nom­ic Area (EEA) if nec­es­sary eg if a third par­ty I utilise could have servers locat­ed out­side of the EEA. If this is the case, I will either obtain your con­sent or oth­er­wise ensure that the trans­fer is legal and your data is secure by fol­low­ing the EU’s guidelines.

3. Why do I share your Per­son­al Data with the above?

I share your date in order to deliv­er my ser­vice to you, for mar­ket­ing pur­pos­es, to per­son­al­ize your expe­ri­ence and to pro­vide account access

4. How do I keep your per­son­al data secure?

I keep your date secure by fol­low­ing inter­nal poli­cies of best prac­tice, encryp­tion and pass­words and by using secure sock­et lay­er (SSL) tech­nol­o­gy when infor­ma­tion is sub­mit­ted to me online

In the unlike­ly event of a crim­i­nal breach of my secu­ri­ty I will inform the rel­e­vant reg­u­la­to­ry body with­in 72 hours and, if your per­son­al data were involved in the breach, I will also inform you.

5. Changes to my pri­va­cy pol­i­cy and control

I may change this pri­va­cy pol­i­cy from time to time. When I do, I will let you know by chang­ing the date on this pol­i­cy, noti­fy­ing cus­tomers of only sig­nif­i­cant changes. By con­tin­u­ing to access or use my ser­vices after those changes become effec­tive, you agree to be bound by the revised pri­va­cy policy.

6. You have the fol­low­ing rights -

  • the right to be informed about the col­lec­tion and use of your per­son­al data
  • the right of access to your per­son­al data and any sup­ple­men­tary information
  • the right to have any errors in your per­son­al data rectified
  • the right to have your per­son­al data erased
  • the right to block or sup­press­ing the pro­cess­ing of your per­son­al data
  • the right to move, copy or trans­fer your per­son­al data from one IT envi­ron­ment to another
  • the right to object to pro­cess­ing of your per­son­al data in cer­tain circumstances
  • rights relat­ed to auto­mat­ed deci­sion-mak­ing (i.e. where no humans are involved) and pro­fil­ing (i.e. where cer­tain per­son­al data is processed to eval­u­ate an individual)
  • ​I also give you the option to man­age your data via email 

While I do not hold per­son­al data any longer than I need to, the dura­tion will depend on your rela­tion­ship with me, and whether it is ongo­ing. I may keep some of your per­son­al date for up to 7 years after my work­ing con­tract with you has fin­ished for tax leg­is­la­tion pur­pos­es. After this time I will archive your pho­tographs indef­i­nite­ly along with your rel­e­vant details and con­sent forms. This is due to requests for replace­ment images being made sev­er­al years after being taken

7. Your accep­tance of these terms

By using my web­site and ser­vices, you sig­ni­fy your accep­tance of this pol­i­cy. If you do not agree to this pol­i­cy, please do not use my ser­vices. Your con­tin­ued use of my site fol­low­ing the post­ing of changes to this pol­i­cy will be deemed your accep­tance of those changes.