If you’re on this page then you must care a little about your data and it’s privacy, alternatively you may have clicked the link by accident and maybe you’re wondering what GDPR stands for. Well, I’m no expert but I’m not alone and the General Data Protection Regulation says I have to declare how my website and I, as a business, store information that’s been collected, not only by myself but by other services I use to deliver the best work I can to you and my other clients. All websites within Europe should now be doing this so you’ll find a whole lot of small businesses, like myself, bundling something together and the policy below is my best way to help you identify what is done by myself, the data controller, and the website I run as Bevan Cockerill – Photography & Design.
What personal data I collect and why I collect it
When visitors leave comments on the site I collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
Images I upload to the website will contain certain bits of information relating to the job I was hired for and this may include who I was photographing and where. This will not always be the case and you can request for this to be removed at any point if you are concerned. This information helps my clients to search for the work that was done across the Internet and is usually helpful to anyone wanting to see the photographs I was taking.
My website asks for your information so that I can contact you easily and know what to call you. This information will be sent to my e-mail address and then dealt with internally.
Cookies are small files saved by the browser you are viewing my website on. They track, save and store information about the users interactions and usage of the website. This allows the website, through it’s server to provide the users with a tailored experience within this website.
- To estimate my audience size and usage pattern;
- To store information about your preferences, which allows me to customise my site according to your individual interests;
- To speed up your searches;
- To recognise you when you return to my site.
Users are advised that if they wish to deny the use and stop the saving of cookies from this website on to their computers they should take necessary steps within their web browsers security settings to block all cookies from this website and it’s external serving vendors.
Embedded content from other websites
Articles on this site may include embedded content (i.e. videos, images, articles, etc.). Embedded content from other websites behaves in the same way as if the visitor has visited the other website.
Users should also adopt a policy of caution before clicking any external web links mentioned throughout this website. I cannot guarantee or verify the contents of any externally linked website despite my best efforts. Users should therefore note they click on external links at their own risk and I cannot be held liable for any damages or implications caused by visiting any external links mentioned.
Who I share your data with
I use a few third party services providers to help me manage and deliver the best possible service I can offer to my clients. This includes the hosting of websites on UK servers with 20i, backing up the websites and audit logging with WPMU Dev, backing up my computer and all the data on it to CrashPlan / Code42, other backup services include DropBox and Apple iCloud, Google Analytics helps to collect information about who visits my sites so I can provide a better service. Then I have accounts with multiple social media platforms that all have their own set of tools to monitor the traffic that comes and goes through the website including Facebook, Twitter, Instagram, Google+, LinkedIn and Flickr.
How long I retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so I can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on my website (if any), I also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive the personal data I hold about you. You can also request that I erase or amend any personal data I hold about you. This does not include any data I am are obliged to keep for administrative, legal, or security purposes.
Where I send your data
Visitor comments may be checked through an automated spam detection service.
My website and my client’s are backed up frequently by Snapshot Pro and this information is stored by WPMU Dev my third party service provider who encrypts and protects the data. I also make use of audit logging through a plugin called Defender which again stores the information with my third party service provider WPMU Dev who encrypts and protects the data it records using cloud servers that are outside the European Economic Area (“EEA”). These cloud servers are heavily encrypted and protected so WPMU Dev ‘my data processor’ has been approved for inclusion in the US/EU Privacy Shield Framework.
I backup my business computer to CrashPlan through a company called Code42, their GDPR Compliance can viewed here. I also backup to DropBox who has also achieved Privacy Shield Certification as can be seen here.
How I protect your data
The personal data you provide is stored on computer systems that have limited access. I take the security of my clients’ data very seriously and I use appropriate measures to protect all personal information collected in a secure, controlled environment.
What data breach procedures I have in place
In the event of a data breach, the affected individuals will be contacted within 72 hours after I become aware and a full report – highlighting any risks – will be recorded and kept.
The EU Regulations requires that I continue to work as I always have been but by writing everything down it helps me to be transparent about what I do and how. Hopefully you can see that I have done my best to follow these rules and that I’m not going to abuse your data. The intention I have is to run my business in a professional manner whilst providing the best service I’m able to give.
How to contact me