What information can be collected?
We receive, collect and store any information you enter on our website or provide us in any other way. In addition, we collect the Internet protocol (IP) address used to connect your computer to the Internet; login; e-mail address; password; computer and connection information and purchase history. We may use software tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page. We also collect personally identifiable information (including name, email, password, communications and your image (and others with you) if you are investing in portrait photography); payment details (including credit card information), comments, feedback, product reviews, recommendations, and personal profile.
How do we collect information?
When you conduct a transaction on our website, as part of the process, we collect personal information you give us such as your name, address and email address. Your personal information will be used for the specific reasons stated above only.
Why do we need this information?
To provide and operate the Services;
To provide our Users with ongoing customer assistance and technical support;
To be able to contact our Visitors and Users with general or personalised service-related notices and promotional messages; your contact, either online, via email or via text message is your consent to this.
To create aggregated statistical data and other aggregated and/or inferred Non-personal Information, which we or our business partners may use to provide and improve our respective services;
To comply with any applicable laws and regulations.
How do we store, use, share and disclose your personal information?
Our company is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall.
All direct payment gateways offered by Wix.com and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
Images are retained offline on PC hard drives, Back up DAS discs and on physical media such as SD, USB and portable hard discs. Every effort will be made to ensure the physical security of these items. For PC this includes limiting folder access using Windows 10's Encryption System and for Physical items by Securing items in lockable containers and or housing in a secure home office with a combination locked door.
Does GDPR apply to my photographs?
GDPR from a photography point of view is detailed the ICO website, they state that a photograph is NOT personal data if it is not used to record, learn or decide something about the individuals, as in people who are visible in a general scene. And if an image is not personal data then GDPR does not apply. For example: "A photographer is not processing the photograph to learn anything about any of the individuals whose images were captured, nor is it likely that the photographer would ever process the photograph for that purpose. Whilst being processed by the photographer, the photograph would not be personal data as it is not used to record, learn or decide something about the individuals.”
What about my messages and emails?
Messages sent via Facebook and other social media sites are sent at your own risk, however, these companies have their individual GDPR rules, typicaly use end-to-end encryption and are considered to be secure; Cinnabar Services cannot be considered liable for any data breach on social media platforms other than through gross negligence. Your e-mails are stored on a desktop computer using a firewall and up to date anti-virus software, whilst emails received on smart phone are read on an encrypted device. Whilst messaging servers for email (Virgin Media and Go Daddy) are secure and also behind firewalls as such Cinnabar Services cannot be considered liable for any data breach through these platforms other than through gross negligence.
Regular weeding of email correspondence is undertaken to limit data loss in the event of a breach. To request that your email data be deleted please email email@example.com.
How do we communicate with our site visitors?
We may contact you to notify you regarding your account, to troubleshoot problems with your account, to resolve a dispute, to collect fees or monies owed, to poll your opinions through surveys or questionnaires, to send updates about our company, or as otherwise necessary to contact you to enforce our User Agreement, applicable national laws, and any agreement we may have with you. For these purposes we may contact you via email, telephone, text messages, and postal mail.
How can you (site visitor) withdraw your consent?
If you don’t want us to process your data anymore, please contact us online or by email at firstname.lastname@example.org or send us mail to: CINNABAR STUDIOS, 1 Highbury Buildings, Cosham, PO62SN.
Questions and Contact Information
If you would like to: access, correct, amend or delete any personal information we have about you, you are invited to contact us at email@example.com or send us mail to: CINNABAR STUDIOS, 1 Highbury Buildings, Cosham, PO62SN.