Privacy Policy

This policy explains when and why we collect your personal information, how we use it and how we keep it secure.

Short Version…

Paul Crawford is committed to protecting and respecting your privacy.

We NEVER sell, rent or share your personal information with any third parties for marketing purposes.

We only collect data that is necessary for delivering you a product/service or to enhance your customer experience with us.

Under data protection laws you have rights in relation to your personal information that includes the right to request access, correction and erasure.

We will do everything we reasonably can to prevent security breaches and to assist authorities should any breaches occur.

Paul Crawford is the data controller responsible for your personal information and is the person to contact with any Privacy related concerns or issues. His contact email address is paul@paulcrawford.com

By using this site or/and our services, you warrant to us that you are over 16 years of age and you consent to the Processing of your Personal Information as described in this Privacy Policy.

Long Version…

This Privacy Policy is for this website and is provided by Paul Crawford, Ballyclare, Northern Ireland and governs the privacy of those who use it. The purpose of this policy is to explain how we collect, control, handle and protect your personal information while browsing or using this website, including your rights under current laws and regulations.

If you do not agree to the following policy you may wish to cease viewing/using this website.

Policy Key Definations:

  • “I”, “our”, “us” or “we” refer to the business, Paul Crawford
  • “you”, “the user” refer to the person(s) using this website
  • GDPR means the General Data Protection Act
  • PECR means Privacy & Electronic Communications Regulation

Who we are

Paul Crawford is a Photography business based in Ballyclare, Northern Ireland, offering Wedding, Portrait & Commercial Photography & website design and Photographic Tuition. This policy covers the website – paulcrawford.com

Paul Crawford is the data controller responsible for your personal information and is the person to contact with any Privacy related concerns or issues. His contact email address is paul@paulcrawford.com

How do we collect information about you?

Information you have provided us with

This might be your e-mail address, name, billing address, home address etc – mainly information that is necessary for delivering you a product/service or to enhance your customer experience with us. We save the information you provide us with in order for you to comment or perform other activities on the website. This information includes, for example, your name and e-mail address.

If you purchase a product or service from us, your card/payment information is NOT held by us. It is collected by Paypal or Stripe, our third party payment processors who specialise in the secure online capture and processing of credit/debit card transactions.

Information automatically collected about you – Use of Cookies

We use cookies and/or similar technologies to analyse customer behaviour, administer the websites, track users’ movements, and to collect information about users. This is done in order to personalise and enhance your experience with us.

A cookie is a tiny text file stored on your computer. Cookies store information that is used to help make websites work. Only we can access the cookies created by our website. You can remove cookies stored on your computer via your browser settings. Choosing to disable cookies may hinder your use of certain functions. For more information about cookies, visit allaboutcookies.org

We use cookies for the following purposes…

Necessary cookies – these cookies are required for you to be able to use some important features on our websites, such as logging in. These cookies don’t collect any personal information.

Functionality cookies – these cookies provide functionality that makes using our service more convenient and makes providing more personalised features possible. For example, they might remember your name and e-mail in comment forms so you don’t have to re-enter this information next time when commenting.

Analytics cookies – these cookies are used to track the use and performance of our website and services

We use Google Analytics to measure traffic on our websites. Google has their own Privacy Policy which you can review here. If you’d like to opt out of tracking by Google Analytics, visit the Google Analytics opt-out page.

Advertising cookies – Our websites use Google & Facebook Cookies. These cookies are used to deliver advertisements that are relevant to you and to your interests. In addition, they are used to limit the number of times you see an advertisement. They are usually placed on the website by advertising networks with the website operator’s permission. These cookies remember that you have visited a website and this information is shared with other organisations such as advertisers. Often targeting or advertising cookies will be linked to site functionality provided by the other organisation.

Sensitive Information

We do not collect any Sensitive Information about you. Sensitive information refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. We do not collect any information about criminal convictions and offences.

Comments

When visitors to our websites leave comments on our blogs or articles, we collect the data shown in the comments form, and also the visitors IP address and browser user agent string to help spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here. After approval of your comment, your profile picture is visible to the public in the context of your comment.

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on any of our websites, we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

Links to other websites

Our websites may contain links to other websites of interest. However, once you have used these links to leave our website, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy policy. You should exercise caution and look at the privacy policy applicable to the website in question.

Please note that some of the links on our websites are affiliate links, and at NO ADDITIONAL COST TO YOU, we may earn a small commission if you make a purchase.

Paul Crawford is also a participant in the Amazon EU Associates Programme, an affiliate advertising programme designed to provide a means for sites to earn advertising fees by advertising and linking to amazon.co.uk.

If you have any concerns about this we suggest you do not click on any external links found throughout our websites.

Email Newsletter

Some of our websites operate an email newsletter program or marketing mailing list, used to inform subscribers about new products/services and special offers.

Users can subscribe through an automated online process should they wish to. Some subscriptions may be manually processed when you purchase certain products/services from our websites as per the terms and conditions of sale.

Email marketing campaigns published by us may contain tracking facilities within the actual email. Subscriber activity, such as the opening of emails, forwarding emails, the clicking of links within the email message and the number of times the email is viewed is tracked and stored for future analysis and evaluation. This information is used to refine any future email campaigns and supply the subscriber with more relevant content based on their activity.

All email marketing campaign messages we send are in accordance with the GDPR and the PECR 2003 and subscribers are given the opportunity to immediately unsubscribe from our lists at any time through an automated system with an “unsubscribe” link at the bottom of each email.

How we use the information about you

We use your personal information in order to provide you with products or services that you have requested and communicating with you in relation to those products and services, either for sales or invoicing, interacting with you and notifying you of changes to any services and to conduct questionnaires concerning client satisfaction.

We review our retention periods for your personal information on a regular basis. We will only hold your personal information on our systems for as long as necessary for the relevant activity, or as long as set out in any relevant contract you hold with us. We are legally required to hold some types of information to fulfil our statutory requirements, for example, HMRC requires us to keep Accounting records for 6 years from the end of the last company financial year they relate to.

Who has access to your information

We will NEVER sell, rent or share your information with third parties for marketing purposes.

Your personal information is shared with our trusted third party service providers to either make the service possible or to enhance your customer experience.

Our sub-processor partners are:

Cloudways Limited – Website Hosting
Amazon Web Services (AWS) – Cloud storage and transactional email delivery
Google Inc – Email, Calendar and Cloud Storage
Acuity Scheduling – Online Appointment Booking
ConvertKit – Email Marketing
Zestia Limited t/as CapsuleCRM – Customer Relationship Management Software
IRIS Software Group Limited t/as Kashflow – Online Accounting Software
Paypal – online payment processing
Stripe – online payment processing
Zenfolio – Online Image storage
One Vision Imaging – Order fulfilment

We require all sub-processor partners to whom we transfer your personal information to respect the security of your personal data and to treat it in accordance with the law and they are all fully GDPR Compliant.

We will disclose your Personal Information to third parties or public officials when we are legally obliged to do so.

How we secure your Personal Information

All our websites are set up securely and use the HTTPS security protocol. All information to and from our websites is therefore transmitted securely and is encrypted. We have software in place to monitor our website for possible vulnerabilities and attacks.

All our websites are websites are scanned for potential malware and vulnerabilities by Sucuri’s SiteCheck. We do not send personal information to Sucuri; however, Sucuri could find personal information posted publicly (such as in comments) during their scan. For more details, please see Sucuri’s privacy policy.

Security logs are retained for 14 days.

This website site is part of a network of sites that protect against distributed brute force attacks. To enable this protection, the IP address of visitors attempting to log into the site is shared with a service provided by ithemes.com. For privacy policy details, please see the iThemes Privacy Policy.

We do NOT hold sensitive payment information on any of our servers or systems. If you purchase a product or service from us, your card/payment information is NOT held by us. It is collected by Stripe or Paypal, our third party payment processors who specialise in the secure online capture and processing of credit/debit card transactions.

All our IT hardware (All Apple Mac OSX operating systems) is kept fully up to date with the relevant security patches and updates from the manufacturer.

When you give us your personal information, we have put in place security measures to prevent this information from being accidentally lost, used, altered, disclosed, or accessed without authorisation.

Even though we try our best we can not guarantee the security of your information. However, we will notify suitable authorities of any data breaches. We will also notify you if there is a threat to your rights or interests. We will do everything we reasonably can to prevent security breaches and to assist authorities should any breaches occur.

Your Legal Rights

The accuracy of your information is important to us.

Under data protection laws you have rights in relation to your personal information that includes the right to request access, correction and erasure. You can read more about these rights here.

If you require a copy of the personal information we hold about you, please contact our data controller.
You will need to provide us with suitable Photographic ID as evidence of who you are.

There is no charge for this (unless we believe the request is manifestly unfounded, repetitive or excessive and then you will be charged a small fee) and we will get the information to you, in a form you can use, within 28 days.

If you wish for the personal information we hold to be permanently deleted, please contact our data controller.
You will need to provide us with suitable Photographic ID as evidence of who you are.

We are legally required to hold some types of information to fulfil our statutory requirements, for example, HMRC requires us to keep Accounting records for 6 years from the end of the last company financial year they relate to.

If you wish to raise a complaint about how we have handled your personal information, in the first instance you should contact our data controller who will investigate the matter.

Data Controller

Paul Crawford is the data controller responsible for your personal information and is the person to contact with any Privacy related concerns or issues. His contact email address is paul@paulcrawford.com

If you are still not satisfied with his response or believe we are processing your personal information in a way that is not in accordance with the law you can complain to the Information Commissioner’s Office – ICO website

We may change this policy from time to time so please check this page occasionally to ensure that you’re happy with any changes. You can contact us at paul@paulcrawford.com if you have any questions or problems regarding the use of your Personal Information and we will gladly help you.

By using this site or/and our services, you warrant to us that you are over 16 years of age and you consent to the Processing of your Personal Information as described in this Privacy Policy.

The last modification to this policy was made on 8th July 2018.

>