General Data Protection Regulations
What is GDPR?
GDPR is a new set of regulations that replace the previous Data Protection Act. The regulations came into force on 25 May 2018 and place a greater responsibility on all organisations, including Harvey’s of Ramsey, to ensure that your personal data is secure, accurate and up-to-date.
Access to information
Everyone will now have much greater access to the personal data that an organisation holds on them and will be legally allowed to view the data by making a Subject Access Request. Incorrect or incomplete data must also be rectified upon request. There is also a right to demand that your data is deleted if it’s no longer necessary to the purpose for which it was collected. This is known as the “right to be forgotten”.
Organisations must ensure they provide a lawful basis for processing all types of personal data that they have sought specific consent to use. GDPR requires that controllers and processors must be transparent about how they collect data, what they do with it and how they process it, and must be clear in explaining these things to you.
GDPR will enforce stricter rules upon organisations to ensure that they are taking all reasonable measures to guard against data theft, loss, or other breach. If there is a breach of your data, we must let you and the Information Commissioner’s Office (ICO) know at the earliest opportunity.
For further information you can visit the Information Commissioner’s Office website at: https://ico.org.uk/for-the-public/
Information we collect
We collect information for the purposes of responding to enquiries via our contact form, fulfilling orders, making contact with you, informing you of promotions or special events and for social media purposes. This information may include:
Wedding details, such as date, venue, photographer and partner name
Order and payment details for invoicing
Photographs either taken at Harvey’s of Ramsey, sent to us by you or taken from your photographer’s website or social media pages
How we store this data
All data collected will be stored digitally on secured, encrypted computers. Limited data, such as name, address, e-mail and telephone number may be stored on the company mobile phone, which is password protected.
What rights do I have to access my data?
Harvey’s of Ramsey is committed to managing personal data in line with the GDPR requirements. Your personal information is held in a transparent and lawful manner and can be accessed on request, at any time, in writing.
The reasons why we store your data
We hold personal data in order that we can respond to any enquiries via our contact form, to fulfil orders, social media purposes or to make you aware of any offers, updates, news or events that we think may be of interest to you.
Who do we share our data with?
Your personal data is not shared with any third parties and is used strictly by Harvey’s of Ramsey.
Exercise your rights under GDPR
Send your GDPR request, via the form below, to the Data Protection Officer.