GDPR Compliance

At John Mak Photography, we are committed to protecting your privacy and ensuring that your personal data is handled in compliance with the General Data Protection Regulation (GDPR). This page outlines our GDPR compliance policies and practices.

1. Data Collection and Use

  • Personal data collection: We collect personal data such as name, email address, and any other information you provide when you sign up, participate in forums, or use our services.
  • Purpose of data collection: We use your data to provide and improve our services, communicate with you, personalize your experience, and comply with legal obligations.

2. Lawful Basis for Processing

  • Consent: We process personal data based on your consent, which you can withdraw at any time.
  • Contract: Processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
  • Legal obligation: Processing is necessary to comply with our legal obligations.
  • Legitimate interests: Processing is necessary for our legitimate interests, provided your rights and interests do not override these interests.

3. Data Protection Rights

  • Right to access: You have the right to request access to your personal data and obtain information about how we process it.
  • Right to rectification: You have the right to request correction of inaccurate or incomplete personal data.
  • Right to erasure: You have the right to request the deletion of your personal data under certain circumstances.
  • Right to restrict processing: You have the right to request the restriction of processing of your personal data under certain conditions.
  • Right to data portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller.
  • Right to object: You have the right to object to the processing of your personal data based on legitimate interests or direct marketing.
  • Rights related to automated decision-making: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or significantly affects you.

4. Data Security

Security measures: We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, disclosure, alteration, or destruction.
Data breach: In the event of a data breach, we will notify you and the relevant supervisory authority within 72 hours if the breach is likely to result in a high risk to your rights and freedoms.

5. Data Retention

  • Retention period: We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal, accounting, or reporting requirements.
  • Deletion of data: Upon expiry of the retention period, we will securely delete or anonymize your personal data.

6. Third-Party Data Sharing

  • Service providers: We may share your personal data with third-party service providers who assist us in providing our services. These providers are contractually obligated to protect your data.
  • Legal requirements: We may disclose your personal data if required by law or in response to valid requests by public authorities.
  • International transfers: If your data is transferred outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place to protect your data.

7. Cookies and Tracking Technologies

  • Use of cookies: We use cookies and similar tracking technologies to enhance your experience on our website. You can manage your cookie preferences through your browser settings.
  • Third-party cookies: Our website may use third-party cookies from service providers such as analytics or advertising partners.

8. Changes to This Policy

  • Policy updates: We may update this GDPR compliance policy from time to time. We will notify you of any significant changes by posting the new policy on our website.

9. Contact Information

  • Data info: If you have any questions or concerns about this GDPR compliance policy or your data protection rights, please contact us here.

Summary

Using John Mak Photography, you acknowledge that you have read and understood this GDPR Compliance Policy and agree to its terms.

Thank you for trusting us with your data.

John Mak Photography