Thank you for visiting our website. We are committed to protecting the privacy of your data and this policy explains what we collect and how we use your personal information. This policy may be amended so we encourage you to review this policy from time to time to stay informed of any changes that might affect you.
In this policy, “we”, “us” and “our” refers to Shot by Amy. This policy applies where we are acting as a data controller with respect to the personal data of Shot by Amy website visitors and customers.
2. What information do we collect?
Usage data: We may process data about your use of our website and services. The usage data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use. The source of the usage data is Squarespace. This usage data may be processed for the purposes of analysing the use of the website and services. The legal basis for this processing is our legitimate interests, namely monitoring and improving our website and services.
Enquiry data: We may process your personal data that is provided as part of an enquiry about our services. The enquiry data may include your name, telephone number and email address. The source of the enquiry data is you.] The enquiry data may be processed for the purposes of operating our website, providing our services, or communicating with you. The legal basis for this processing is consent based on checking availability for and information on our services.
Service data: We may process your personal data that is provided in the course of the use of our services. The service data may include your name, contact telephone number and email address. The service data may be processed for the purposes of providing our services, maintaining back-ups of our databases and communicating with you. The legal basis for this processing is the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract.
Customer Relationship Data: We may process information relating to our customer relationships, including customer contact information. The customer relationship data may include your name, your contact details, and information contained in communications between us and you. The customer relationship data may be processed for the purposes of managing our relationships with customers, communicating with customers, keeping records of those communications and promoting our products and services to customers. The legal basis for this processing is consent.
Transaction data: We may process information relating to transactions, including purchases of goods and services, that you enter into with us. The transaction data may include your contact details and the transaction details. The transaction data may be processed for the purpose of supplying the purchased goods and services and keeping proper records of those transactions. The legal basis for this processing is the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract and our legitimate interests, namely providing you requested service or goods.
Correspondence data: We may process information contained in or relating to any communication that you send to us. The correspondence data may be processed for the purposes of communicating with you and record-keeping. The legal basis for this processing is our legitimate interests, namely the proper administration of our website and business and communications with users.
2.1 We may process any of your personal data identified in this policy where necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others.
2.2 We may process any of your personal data identified in this policy where necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, or obtaining professional advice. The legal basis for this processing is our legitimate interests, namely the proper protection of our business against risks.
2.3 In addition to the specific purposes for which we may process your personal data set out in this Section 2, we may also process any of your personal data where such processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
2.4 Please do not supply any other person’s personal data to us, unless we prompt you to do so.
3. How do we collect your information?
Information you provided directly: When you submit an enquiry using the form on our website, you provide personal information in order for us to process and respond to your enquiry. This may include your name, telephone number and email address.
Information from your use of the website: When you visit our website, we collect information of your activity and usage from your interaction with the site. This may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use.
4. How do we use the information we collect?
We use the information collected primarily to provide you with the services and goods you requested and to support our legitimate interests in operating our services and business.
To communicate with you about our services: With your consent, we will respond to any enquiries and discuss relevant options with you over email or telephone.
To maintain and improve our website: We use the information collected to analyse our site performance and measure the usage of features.
To successfully fulfil our services: We will use the information you provided to communicate with you and provide our services in conjunction with the in the contract
To meet legal requirements: We may need to use the information to comply with legal requests such as court orders, request by public authorities, and any other other appropriate legal mechanisms.
5. How do we share the information we collect?
To comply with the law: Information may be disclosed if it is deemed necessary to comply with the law and court order, to protect the rights of individuals and to fulfil law enforcement requirements.
6. How do we protect the information we collect?
We follow industry standards on the management of personal information. We employ technical and administrative safeguards intended to protect against accidental or unlawful destruction, loss, alteration and disclosure of personal information. No method of storage and transfer of information over the Internet is absolutely secure, so whilst we have safeguards in place, we cannot prevent the use or misuse of such personal data by others.
7. Data Retention
We will retain your information for as long as necessary to fulfil our contractual services and may continue to store your information for a reasonable amount of time after completion of the services to ensure you are completely satisfied. We will retain your personal data as follows:
(a) Invoices, contact details and contracts will be retained for 5 years following final delivery of services
(b) Planning information, wedding details and customer notes will be kept for a maximum of 2 years
We may also retain and use your information in order to comply with our legal obligations, resolve disputes and to protect our and others’ interests.
8. International information transfer
The hosting facilities for our website are situated in the USA so your personal data may be transferred, stored or processed to countries outside the European Economic Area (EEA). You acknowledge that personal data that you submit for publication through our website or services may be available, via the internet, around the world. We cannot prevent the use or misuse of such personal data by others.
9. Your Rights
Your principal rights under data protection law are:
(a) the right to access;
(b) the right to rectification;
(c) the right to erasure;
(d) the right to restrict processing;
(e) the right to object to processing;
(f) the right to data portability;
(g) the right to complain to a supervisory authority; and
(h) the right to withdraw consent.
If you wish to exercise any of these rights, please reach out to us at firstname.lastname@example.org.
10. Contact information