In the UK, the GDPR is implemented through the Data Protection Act 2018. This act controls how personal information is used by organisations, businesses, or the government. Everyone responsible for using personal data must follow strict rules called ‘data protection principles’.

The Information Commissioner's Office (ICO) is responsible for enforcing these regulations in the UK. Visit https://www.gov.uk/data-protection to find out more.

Data Protection

De Villiers Photography is committed to protecting the privacy and security of your personal data. This data protection policy explains how we collect, use, store and disclose your personal data when you use our services or interact with us. It also informs you of your rights and choices regarding your personal data.

We are the data controller of your personal data, which means that we are responsible for deciding how and why we use your personal data. We are not registered with the Information Commissioner's Office (ICO).

We collect personal data from you when you book a photography event with us when you contact us by phone, email or through our website when you subscribe to our newsletter or follow us on social media, when you participate in our surveys or promotions, or when you provide feedback or testimonials. The types of personal data we collect may include your name, contact details, payment information, preferences, interests, images and videos of you and your family or friends, and any other information you choose to share with us.

We use your personal data for the following purposes:

• To provide you with our photography services and products, such as taking and editing your photos, delivering them to you in digital or physical format, creating albums or prints, and fulfilling your orders.

• To communicate with you about your booking, our services and products, and any changes or updates to them.

• To respond to your enquiries, requests, complaints or feedback.

• To send you our newsletter and other marketing communications about our services and products, offers, promotions and events that may interest you, if you have consented to receive them or if we have a legitimate interest to do so.

• To analyse and improve our services and products, our website and our customer experience, using aggregated and anonymised data.

• To comply with our legal obligations, such as tax and accounting requirements, or to cooperate with law enforcement authorities or regulators.

• To protect our rights and interests, such as enforcing our terms and conditions, preventing fraud or misuse of our services and products, or defending ourselves against claims or disputes.

We store your personal data securely on our servers and devices, using appropriate technical and organisational measures to prevent unauthorised access, loss, alteration or disclosure. We only retain your personal data for as long as necessary for the purposes for which we collected it, or as required by law. We may also anonymise your personal data and use it for statistical or research purposes.

We may share your personal data with third parties who provide services to us or on our behalf, such as payment processors, delivery companies, cloud storage providers, web hosting providers, email service providers, marketing agencies or analytics providers. We only share your personal data with third parties who respect your privacy and comply with applicable data protection laws. We do not sell or rent your personal data to anyone.

You have the following rights regarding your personal data:

• You can request access to your personal data and obtain a copy of it.

• You can request the correction of any inaccurate or incomplete personal data that we hold about you.

• You can request the erasure of your personal data if it is no longer necessary for the purposes for which we collected it if you withdraw your consent (where applicable), if you object to our use of it (where applicable), or if we have processed it unlawfully.

• You can request the restriction of the processing of your personal data in certain circumstances, such as if you contest its accuracy or legitimacy, or if you need it for a legal claim.

• You can request portability of your personal data in a structured, commonly used and machine-readable format, and transfer it to another data controller (where applicable).

• You can object to the processing of your personal data for direct marketing purposes at any time.

• You can withdraw your consent to the processing of your personal data at any time (where applicable), without affecting the lawfulness of the processing based on your consent before its withdrawal.

• You can lodge a complaint with the ICO or another supervisory authority if you are unhappy with how we handle your personal data.

If you wish to exercise any of these rights, please contact us at via the email address on our website. We may ask you to provide proof of identity before fulfilling your request.

We may update this data protection policy from time to time to reflect changes in our services and products, our practices or the law. We will notify you of any significant changes by email or by posting a notice on our website. We encourage you to review this policy periodically to stay informed about how we use your personal data.

If you have any questions or comments about this policy or how we use your personal data, please contact us via the email address on our website. We are always happy to hear from you.