Tony Murphy Photography
In order to comply with the new GDPR legislation (May 2018) Tony Murphy Photography wish to assure our clients and customers that we have reviewed our data protection procedures and that any personal information held by us is done so in a secure manner. We will collect personal information by lawful and fair means and always with the knowledge or consent of the individual concerned. This statement describes how your personal information is collected, used, and shared when you commission our photography or framing services.
Tony Murphy Photography fully respects your right to privacy, and will not collect or publish any personal information about you through this website without your clear permission. Any personal information which you volunteer will be treated with the highest standards of security and confidentiality.
PERSONAL INFORMATION WE COLLECT
Our studio on The Crescent in Boyle is our face to the world and primary point of contact. When you visit, phone or email to avail of our services we may collect certain information from you; your name, phone number, billing address or email. We will collect and use personal information solely for fulfilling those purposes specified by us. We will protect personal information by using security safeguards against loss or theft, as well as unauthorised access, disclosure, copying or modification.
We refer to this information as “Order Information” and deem it essential to identifying customers and processing their work.
As is the nature of our business, we also take photographs of individuals. These are taken directly at the request of our customers. We are regularly invited and contracted to photograph at public and private events. In these instances, we display notification warnings to the effect that being present is taken as consent to being photographed. Children are not photographed without parental/guardian consent. Individuals or groups that make themselves known to us to withdraw consent, are not photographed.
We also provide School Photography services. When ordering photographs, we require; the name of the school, class, parent/guardians name and contact phone number. We deem this information essential to the effective processing of your order, to notify you of your order status and assist you if there is a problem with your order. This information is presented to us by the school in paper form. This data is temporarily, securely stored and returned with fulfilled orders directly to the school. The data is never shared, transferred, copied or used to provide you with targeted advertisements or marketing communications.
When you visit our website, we automatically collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of our website. We collect this information in a way which does not identify individuals. We do not make any attempt to find out the identities of those visiting our website. We will not associate any data gathered from our website with any personally identifying information from any source.
We refer to this automatically-collected information as “Device Information”.
We collect Device Information using the following technologies:
“Cookies” - these are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. Cookies are necessary to enable you to log into secure areas of our website. Cookies often include an anonymous unique identifier. You can set your browser preferences to reject all cookies but this will prevent you from using most customised services. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
“Log files” track actions occurring on our website, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
“Web beacons”, “tags”, and “pixels” are electronic files used to record information about how you browse our website.
HOW DO WE USE YOUR PERSONAL INFORMATION?
We use the Order Information that we collect to process and fulfill any orders placed at our studio or through our website (including processing your payment information, arranging for shipping, and providing you with invoices and/or order confirmations). Additionally, we use this Order Information to:
Communicate with you
Notify you if there is an issue with fulfilling the order
Notify you when the order is ready for collection, posting or electronic transfer
We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimise our website (for example, by generating analytics about how our customers browse and interact with our website, and to assess the success of our marketing and advertising campaigns).
SHARING YOUR PERSONAL INFORMATION
We use Shopify to record and process customer orders and provide sales receipts. We do not use credit or debit card scanning devices. We accept cash, cheque or credit transfer as payment for services. On Shopify, we only record customers name and contact phone number. Access to Shopify in-store is password protected.
Our website is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to present client photo galleries and sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall.
We use Google Analytics to help us understand how our customers use our website (you can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy).
You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
We DO NOT share personal information with ANY OTHER third parties! When purchasing directly from our studio, orders are identified and processed using name and phone number only. Once the order is fulfilled, personal information is retained as evidence of purchase for our records on Shopify’s database. As a processor of data, Shopify fulfils its own legal obligations under the GDPR.
As part of our business, we regularly share our photography services on our website in the form of client/customer galleries. We may require specific information relating to an event to be posted along side images of the event. The details we share will be agreed with you before publication to a private, password protected gallery. We DO NOT share customer or client photography or personal information on social media platforms without written consent. At any time, you may request for the images to be removed, but please understand that in the case of social media, we cannot be responsible for re-posts/shares.
In the case of School Photography, we DO NOT share images in galleries on our website. We may occasionally ask parents/guardians for consent to use specific images to promote our business. In this case a written contract of acceptable use will be negotiated and agreed.
We DO NOT use your Personal Information to provide you with targeted advertisements or marketing communications!
For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.
WE DO NOT TRACK
Please note that we alter our website data collection and use practices when we see a Do Not Track signal from your browser.
DATA RETENTION AND SECURITY
12.03.2019 This is presently being updated to comply more effectively with GDPR Guidelines. Details will be included here when completed.
Our studio computer hardware uses the most up-to-date Mac OSX platform. Our computer hardware is user defined and password protected. Desktop hard disk data is automatically encrypted using the Mac native FileVault programme. We do not store client photography on our desktop computers.
Presently, client photography is stored on Sophos SafeGuard encrypted removable hard disk drives. Sophos SafeGuard Easy 6.10 encrypts content as soon as it’s created. Synchronised Encryption proactively protects data by continuously validating the user, application, and security integrity of a device before allowing access to encrypted data. When not in use, removable hard disk drives are protected and securely stored off-site.
Our business involves the taking of photographs. As such, we intend to archive such work for the lifetime of the business. This also enables our clients to retrieve past photography commissions, should they require additional copies of prints or digital files. In order to maintain an effective archive, minimum personal data is also retained for the lifetime of the archive.
When you place an order through our website, we will maintain your Order Information for our records unless and until you ask us to delete this information.
Our computer and storage systems use password protected encryption software.
If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below.
Additionally, if you are a European resident we note that we are processing your information in order to fulfil contracts we might have with you (for example if you make an order through our website), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States.
For more information about our privacy practices, if you have a question or if you would like to make a complaint, please contact us by email at email@example.com or by post using the details provided below:
Tony Murphy Photography,