Privacy Policy
1. Introduction
At Adam Chin Photography, accessible via www.adamchinphotography.com, we are committed to safeguarding your personal data and upholding your privacy rights. We understand the importance of data protection and are dedicated to processing your information in a secure, transparent, and lawful manner. This Privacy Policy outlines how we collect, use, share, and protect your personal information in accordance with applicable data protection laws, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act of 2018 (“CCPA”).
2. Scope of This Policy and Role as Data Controller
This Privacy Policy applies to all personal data collected through your use of our website, services, purchases, communications, and any interaction with Adam Chin Photography. For the purposes of both the GDPR and CCPA, Adam Chin Photography (“we,” “us,” or “our”) acts as the Data Controller for the personal data collected through www.adamchinphotography.com. As Data Controller, we determine the purposes and means of processing your personal data.
3. Categories of Personal Data We Process
We may collect and process the following categories of personal data:
3.1 Usage Data
Includes data about how you use our website (e.g. page views, time spent, browser type and version, IP address, referring URL, and interaction logs).
3.2 Account Data
Information that you voluntarily provide when creating an account or engaging our services, such as your name, residential or billing address, email address, and phone number.
3.3 Profile Data
Includes your service and product preferences, behavioral interactions with our website, purchase history, photography style choices, and other personalizations.
3.4 Communication Data
Includes any information provided to us via support requests, contact forms, phone calls, or email exchanges. This also includes records of such communications.
3.5 Technical Data
Comprises data about the type of device you use to access our website, system and firmware information, operating system details, hardware model, and other diagnostic data.
3.6 Transaction Data
Includes payment card details (processed securely via third-party providers), invoice data, services purchased, delivery or event logistics information, and transaction confirmation.
3.7 Preference Data
Encompasses your consents and preferences regarding marketing communications, service offerings, mailing subscriptions, and areas of photographic interest or service usage.
4. Legal Bases for Processing
There are several legal bases under which we process your data:
– Contractual Obligation: To fulfill contractual obligations, such as delivering photography services or processing payments.
– Legitimate Interests: To conduct direct marketing, web analytics, and customer support when such interests are not overridden by your fundamental rights.
– Consent: Where consent is required for certain types of processing (e.g., marketing emails, cookie usage), we will ask for and honor your preferences.
– Legal Compliance: To comply with applicable legal obligations, such as financial reporting and regulatory requests.
5. Your Rights
Subject to applicable laws, you are entitled to the following rights regarding your personal data:
– Right of Access: Obtain a copy of your personal data processed by us.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure (“Right to be Forgotten”): Request deletion of personal data, where legally applicable.
– Right to Restriction: Request that we limit the processing of certain data categories.
– Right to Data Portability: Receive a structured copy of your data for your own use or transfer it to another provider.
– Right to Object: Oppose processing of your data where our legal basis is legitimate interest.
– Right to Withdraw Consent: At any time, where processing is based on your consent.
To exercise these rights, you may contact us at [email protected]. We will respond promptly and in accordance with applicable legal timelines.
6. Security Measures
We implement appropriate technical and organizational measures to ensure that your data is protected from unauthorized access, accidental loss, unlawful processing, or destruction. These include:
– Encryption: Secure Sockets Layer (SSL) and HTTPS encryption for all website traffic.
– Access Control: Restriction of internal access to data on a need-to-know basis with authentication mechanisms.
– Regular Backups: Structured data backups are maintained and tested for recovery.
– Staff Training: Personnel are regularly trained on privacy, data handling, and security practices.
7. International Data Transfers
Where data is transferred outside of the European Economic Area (EEA), we implement standard contractual clauses and other legally approved mechanisms to ensure an adequate level of data protection in accordance with GDPR. We also ensure compliance with local United States privacy requirements where applicable.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the processing purposes. Specifically:
– Usage & Technical Data: Retained for up to 12 months for analytics and troubleshooting.
– Account & Profile Data: Retained as long as your account is active and up to 2 years thereafter.
– Transactional Records: Retained for up to 7 years in accordance with accounting and tax laws.
– Communication Data: Retained for up to 3 years to assist with historical support and inquiries.
– Preference & Marketing Consent Data: Retained until you withdraw consent or unsubscribe.
9. Cookie Policy
We use cookies and similar technologies to provide, enhance, and analyze our services:
– Essential Cookies: Required for proper functionality of the website.
– Functional Cookies: Improve user experience by remembering preferences.
– Analytics Cookies: Allow us to monitor usage, detect trends, and improve performance.
– Performance Cookies: Support the optimization of our site based on real-time performance data.
10. Cookie Management and Compliance
We provide a cookie consent banner upon your first visit to adamchinphotography.com, enabling you to manage your preferences and accept or reject non-essential cookies. You may also adjust your browser settings to block or delete cookies at any time. Our use of cookies complies fully with GDPR regulations and CCPA consent requirements.
11. Children’s Privacy
Our services are not intended for children under the age of 13. We do not knowingly collect or solicit personal data from anyone under 13. If we become aware that such data was inadvertently collected, we will promptly delete such information and take necessary steps to ensure compliance with applicable child protection laws.
12. Policy Modifications
We may revise this Privacy Policy to reflect changes in legal obligations, services offered, or operational needs. Any substantive changes will be posted on this page. We may, at our discretion, notify you via email or website banner if the changes are particularly material. Continued use of our website after any changes constitutes your acceptance of the updated policy.
13. Contact
If you have any questions or concerns about this Privacy Policy, our data handling practices, or wish to exercise your privacy rights, please contact us at:
Email: [email protected]
Website: www.adamchinphotography.com
We are committed to maintaining the highest standards of data privacy and fully adhere to applicable GDPR and CCPA requirements to ensure the protection of your personal data.