IMPORTANT PLEASE READ - This Policy was last updated on: 8th Mar 2017.
This Policy describes how the Studio collects and uses any personally identifiable information that might allow someone to identify you; such as your name, address, email address, phone number, bank/payment card details etc ("Personal Information" or "Personal Data"), which has been provided by you, and with whom it may be disclosed with. It also describes the security procedures in place to protect misuse of your Personal Data, as well as the choices available to you regarding the Studio’s use of your Personal Data, and how it can be accessed, updated or removed.
It is your sole responsibility to read and fully understand this Policy before using this Website. This Policy includes important information regarding your legal rights, remedies and obligations. It also includes limitations and exclusions on our liability to you. For the purposes of transparency, your special due care and attention should be particularly drawn to the provision; 5.5 (Legal Disclaimer, Indemnity & Liability) and each of its individual sub-clauses.
By visiting and using this Website, you are agreeing and consenting to the practices described in this Policy. By accessing any part of this Website, as well as the purchase of any products or services, you shall be deemed to have accepted all provisions of this Policy in full. If you do not agree to all provisions of this Policy and do not wish to be bound by it, you are not authorised to access or otherwise use this Website, or take part in any of the events or offers that the Studio provides, and you should therefore leave this Website immediately.
The Studio takes your privacy seriously and is committed to safeguarding your privacy online. The Studio appreciates that you do not want any Personal Data you provide to be distributed indiscriminately and so it will never sell, lease, or exchange your Personal Information to, or otherwise share your Personal Data with, any third parties in ways other than described below.
The Policy is effective with respect to any data that the Studio has collected, or collects, about and/or from you. This Policy may change from time to time, so please check back here frequently to ensure you agree to any changes, as we will not necessarily bring any updates to your attention.
- Information Collection
- Internet Traffic Data (Log Files)
- ISP, IP & Computer Information
- Google Analytics & Metric Systems
- Hotspot/Heatmap Tracking Analytics
- Click To Tweet Tracking Analytics
- Cookie Statement
- What Are Cookies?
- Types Of Cookies We Use
- Disabling Cookies
- Third-Party Cookies
- Customer Service
- Personal Information
- Financial Information
- Third-Party Payment Processors
- Contracts, Licenses, Model Releases & Other Forms
- Contractual Agreements
- Purchase Orders & Confirmations Of Acquisition
- Layaway Agreements For Payment Plans
- Commercial Licenses
- Model Releases
- Parental Consent & Guardianship
- Other Forms
- Electronic Records & Signatures
- Marketing Emails
- Comments & User Content Posted To Our Website
- Social Media Widgets & Plug-ins
- Links To Other Websites & Third Parties
- Surveys & Contests
- Information From Other Sources
- Information Usage
- Sharing & Disclosure
- Use & Ownership Of Your Personal Information
- Statistical and Demographic Information
- Sharing With Service Providers & Third Parties
- Business Transfers, Mergers, Acquisitions & Liquidation
- Legal Disclosure
- Announcements & Other Communication
- Acceptable Image Usage
- Information Security
- Safeguarding, Security & Storage
- Our Compliance With UK/EU Data Protection Laws
- Online Protection Practices
- Secure Sockets Layer (SSL)
- Payment Processors & Third-Party Security Procedures
- Processing & Transfering Your Information
- Account Usernames & Passwords
- Notice Of Breach Of Security
- Offline Protection Practices
- Data Retention
- Information Access
- Accuracy Of Data & Transparency
- Viewing Information
- Changing Information
- Removing Information
- Additional Attributions
1.1.1) Internet traffic data includes but is not limited to; Internet Service Provider (ISP) information, the collection of IP addresses, geographic location, entry and exit pages, referral URLs and incoming links, information about your computer including the various operating systems, browser types, date/time stamp, click stream data, specific devices used, actions taken within an application, and other such traffic information.
1.1.2) We use GOOGLE ANALYTICS to collect data about how our visitors interact with our Website, the keywords used in search engines or the source used to find the Website, and the duration spent on individual pages. Our Website is built by SQUARESPACE and also has its own built in metric system to track traffic data, mobile usage, referrers, rss subscribers, search engine queries, internal content searches and page activity.
1.1.3) From time to time we may also use hotspot/heatmap tracking analytics from third-party service providers such as CRAZY EGG and/or INSPECTLET, which allows us to track, monitor and record heatmap videos of how our visitors interact with and use our Website, through mouse movements and clicks, page scrolling and keyboard button presses, as well as the duration spent on individual pages and starting/ending pages.
1.2.1) Like most websites, we use small files of harmless data, which are strings of codes that get transferred from our Website onto your hard drive to simulate a continuous connection, and to obtain information about your browsing preferences (“Cookie(s)”). Cookies are common and will not harm your computer, they simply store or gather information that enables us to improve your access to our Website, and they also help us identify returning visitors. Cookies are specific to the server that created them and cannot be accessed by other servers, which means they cannot be used to track your browsing or purchasing movements around the Internet.
Although Cookies can be used to store information, which may identify your computer, Cookies are in no way linked to any Personal Information that can be accessed by external servers to identify you. For instance, when we use a Cookie to identify your computer, this will mean that you do not have to submit a password more than once to gain access to certain areas within our Website, thereby saving you time and improving efficiency whilst browsing our interface, but your Personal Information, passwords and payment card details are not stored in those Cookies.
1.2.2) Cookies allow us to ‘remember’ information about your individual preferences, allowing you to move freely within our Website without the need to re-enter your details and preferential settings on every visit. If a password has been personally allocated to you, then when you are logged in to our Website using that user specific password, the Cookies stored on your computer allow us to uniquely identify your account within our system, but this data is anonymous and is not shared with anyone.
We may also collect information about your computer including, where available; your IP address, operating system, browser type and version, for system administration purposes as part of our audit trail process. When you play one of the videos on our Website, the flash player may use local shared objects from third parties, which are called "Flash Cookies". We don’t use these Flash Cookies for anything, but we cannot prevent the player from storing them.
1.2.3) Our Website uses two main types of Cookies:
However if you block our Cookies, you may not be able to take full advantage of our Website and some features and services may be restricted. You may also be unable to access certain parts of our Website, as those areas may require a constant login to be maintained, whilst within a browser session for security purposes.
Third-party Cookies that may be used on our Website:
126.96.36.199) GOOGLE ANALYTICS - Google sets a Cookie in order to anonymously identify when users visit and return to our Website. Google uses the information collected by this Cookie to store a history of all the pages visited in a user's session. This data will not be used to associate any part of your identity, anonymous or not, with any other data held by Google. CLICK HERE for further information about how to opt-out of this Cookie.
188.8.131.52) SHAREAHOLIC SHARE BUTTONS & DISQUS COMMENTS - We have content share buttons and comments sections on our Website and blog posts, which are hosted by Shareaholic and Disqus respectively. When sharing our Website, pages and Content through these buttons or when commenting on our posts via Disqus, your browser sends Cookie data to social media platforms such as Facebook, Twitter, Google+, Pinterest, Tumblr and LinkedIn, which connects the corresponding share button and/or comments section with the appropriate social media account that you are sharing our content or commenting through. When you create or log in to any social media account, Cookies are stored on your computer so that you may remain logged-in to your social media profile. This data is not accessible to us, and is not sent to us by Shareaholic, Disqus or any of the other associated social media channels. Click the following links to be taken to the aforementioned social media privacy policies: SHAREAHOLIC, DISQUS, FACEBOOK, TWITTER, GOOGLE+, PINTEREST, TUMBLR, LINKEDIN.
184.108.40.206) FACEBOOK PIXEL - The Facebook Pixel is a piece of code embedded into our Website that enables us to measure, track and optimise conversions, and build targeted audiences for our ad campaigns on our Facebook business page(s). The Facebook Pixel leverages the actions visitors take on our Website across multiple devices, to inform more effective Facebook advertising campaigns and to help us create a more efficient marketing strategy. By using the Facebook Pixel we are able to:
There are 2 types of data that our Website sends to Facebook when we use the Facebook Pixel custom audience feature: Contextual data, which includes the referral URL, browser info, and the person's Facebook user ID; and custom data through the Facebook Tag API. This information is shared in a privacy-safe way using HASHING ('Hashed Data"), where Facebook and Instagram matches the locally Hashed Data from our customer lists with their own existing list of users' hashed IDs, and the matches are then added to our custom audience when we run a Facebook ad.
By using this Website, you shall automatically be deemed to have fully read and understood this Policy, and you hereby accept that we have the FACEBOOK PIXEL installed on our Website, and Facebook’s custom audience feature enables us to run specific ad campaigns on Facebook that may use your Personal Information such as your name, email address and/or phone number to help us build a more targeted audience on Facebook, and to assist us in our marketing efforts. This Policy represents that we have provided the appropriate notice to, and secured any necessary consent from those whose data may be hashed to create the Hashed Data, including as needed to be in compliance with all applicable laws, regulations and industry guidelines.
Upon contacting us to issue a customer support request, we may keep a record of that correspondence, and use your Personal Information that you provided us with, such as your name, email address or phone number, to contact or respond to you regarding your enquiry. We use third-party studio management software such as LIGHT BLUE, 17 HATS, SPROUT STUDIO, TAVE or STUDIO CLOUD (depending on their current business rates) for running our business day-to-day administration and to help us organise, schedule and keep track of our client leads and commissions. Therefore the contact forms embeded on our Website are lead tracked and all information is collected and sent to us through these third-party studio management services, as well as any email responses, and so your Personal Information is stored securely on their servers.
1.4.1) Some personally identifiable information must be collected from you so that you can use and access the services, products, promotions and materials that we offer. The amount of Personal Information we collect from you will depend on your level of commitment with our services. For example, your name and email address will be collected when you sign up to our mailing list, so that we may send you personalised content. Your banking/payment details may be collected when you purchase any of our products and services, so that we may fulfil your order, or if you have been contracted by us to offer your professional services for an agreed upon commission.
Your postal address may be collected in the event that we need to deliver items to you, such as printed artwork, or when you sign a contractual agreement with us so that we may have an alternative way of contacting you, should we need to do so. Your date of birth and identifying image may be collected on a model release in the event that we might photograph or film you, for the legal purposes of image usage/licensing, copyright and to ensure you are over the age of majority, as we are unable to contract with children under 18, without parental/agency consent.
1.4.2) Personal Information is only collected from you when you personally and willfully provide us with such information over the Internet or via email, telephone, in writing, or in person; or by completing and signing any of our agreements, contracts, model releases, sales/purchase orders, print releases, copyright notices, delivery notes, independent contractor agreements, image licenses, invoices, remittance advices, employee terms and conditions etc; or otherwise when making purchases through our online store or any third-party trading site that we may partner with for payment processing; or when contacting us through our Website contact form, pursuant to making a purchase or requesting a service from us; or by signing up to our mailing list subscription or entering any of our competitions, offers or promotions; or when commenting on our blog posts and/or social media Sites, and/or engaging in any other discussion/forum boards that may be present on our Website or other Sites. We may also ask for your Personal Information when you report a problem with our Website.
Other information about you which is non-identifiable (such as your age, gender, income, occupation, interests and demographics etc) may be requested for market research purposes via our surveys, questionnaires, feedback forms, interviews or casting calls, for the purposes of improving our products and services, and occasionally for other internal purposes to identify and better understand the needs of our target audience, although you are not required to respond to any market research that we might send you.
Personal Information that is provided by you will only ever be used for the purposes for which it was provided, unless you are informed otherwise at the time of providing the information to us.
We may keep details of payment transactions you carry out through our Website, so that we can fulfil any obligations arising from any contracts entered into between you and us, such as purchasing artwork, or for commercial/private commissions, and so that we may bill and collect monies owed to us for any services rendered. This data may also be used for auditing purposes.
The information we collect from you may include your credit/debit card number, expiration date and last 3 digits of your card security number (“Financial Information”), in order for us to process your payment. We may also collect Personal Information such as your name and billing address to verify payment authenticity, and to contact you if any payment collection issues arise.
Or if you have opted for a payment plan, we may collect alternative Financial Information such as your bank account number and sort code, so that with your authorisation we may set up a direct debit to automatically collect the agreed funds from your bank account, on the agreed date, for an agreed period of time, as set out in any signed contractual agreement. In some situations you may rather pay us by cheque, bank transfer or standing order, in which case your Financial Information and Personal Information may be visible to us on our bank statements.
If you are an independent contractor and we have contracted you for a commission, we may request your Financial Information via an invoice, so that we can make the appropriate payments to your business bank account.
We will take all steps reasonably necessary to ensure that any Financial Information you provide us with is stored safely and treated securely in accordance with this Policy, in order to try and prevent unauthorised access. Upon discontinuation of your service with us, your Financial Information will be securely destroyed and removed from our password protected billing system.
We use trusted third-party payment processors such as PAYPAL, STRIPE, IZETTLE or SQUARE, depending on their current card handling transaction fees and promotional offers, to assist us in processing your payment securely. Both your Financial Information and Personal Information (“Billing Information”) is sent to those third parties so that they can process your orders and credit/debit card payments, and in rare instances, to arrange for the delivery of your orders direct to your shipping address.
Such third-party processors’ use of your Billing Information is governed by their respective privacy policies, which may or may not contain stringent privacy protections that are as vigilant and protective as our own Policy, and therefore their practices are not covered by this Policy. We will always endeavour to only use trusted third-party payment processors that use encrypted Secure Sockets Layer technology, which has been certified and approved by EMV (Europay, MasterCard and Visa), and which adheres to the requirements of the global "Payment Card Industry Data Security Standard" (PCI DSS) for handling card data, in an effort to further safeguard your data. By submitting your Billing Information, you agree to this transfer, storing and processing via such third parties.
Neither our third-party payment processors nor we, will ever ask you for your Financial Information by email.
1.7.1) To ensure that both us and you fully understand and adhere to all expectations of a commissioned assignment, in that we are compensated correctly, fairly and swiftly in exchange for an agreed upon service, and to also protect our images from misuse or copyright infringement, we require a ‘contractual agreement’ to be signed prior to any work being carried out. This form collects your Personal Information including your name, address and contact details, as well as your potentially identifiable signature.
1.7.2) In the event of an artwork purchase, we may require a signed ‘purchase order’ and/or a ‘confirmation of acquisition’ as proof of satisfactory and safe delivery of the artworks purchased. These documents may collect your Billing Information and Personal Information respectively, as well as your potentially identifiable signature.
1.7.3) If a payment plan has been put into place to help spread the cost of an artwork investment, then a ‘layaway agreement’ will need to be signed with full details of the intended payment plan. This form may collect your Billing Information including your name, address and payment details, as well as your potentially identifiable signature.
1.7.4) If any of our images are to be used commercially for marketing, advertising, to help promote sales or for anything else that directly or indirectly results in financial gain or commercial awareness for you or your brand, then a ‘commercial license’ will need to be purchased and signed, with detailed instructions on how and where our images can be used. This document may collect your Billing Information including your name, address and payment details, as well as your potentially identifiable signature.
1.7.5) A ‘model release’ may need to be signed (depending on any contractual restrictions put in place by your contracted modeling agency) in order for us to use your potentially identifiable image(s)/video(s) commercially in any of our marketing or advertising campaigns, promotional efforts and/or licensing commitments worldwide, for perpetuity. This document collects your Personal Information, including your name, address, contact details, date of birth and identifying picture, as well as your potentially identifiable signature.
1.7.6) In the event our services are offered to a child under the age of 18, we will also require the same Personal Information from their parent or legal guardian, confirming their authorisation and consent for their use of our services.
1.7.7) Other forms we may use from time to time, which may collect your Personal Information, Financial Information, Billing Information, and/or your potentially identifiable signature, depending on your level of commitment with our services, include ‘independent contractor agreements’, ‘collaborator/trade agreements’, ‘contracts of employment’, ‘property, location, equipment and styling agreements’; among other documents that we may use in the future as part of our business practices.
1.7.8) Although we may in rare situations still use printed contracts or facsimile to obtain signatures and Personal/Financial Information for our forms, contracts and agreements, we now aim to be a mostly paperless company (excluding our artwork prints). And so we use third-party digital studio management software such as ADOBE E-SIGN SERVICES, LEGALSIGN, DOCUSIGN, LIGHT BLUE, 17 HATS, SPROUT STUDIO, TAVE and STUDIO CLOUD; among others (depending on their current business fees and promotions), to help us securely and legally collect electronic records and signatures (“E-Signatures”) to allow for the reduction of physical documents that are easily lost or misfiled, and to lesson our overall carbon footprint.
The E-Signatures we collect are securely stored on our third parties' encrypted servers, and it is their responsibility to ensure its safety, however we only use trusted, regulated and certified digital services that comply with strict industry security standards. When collecting your E-Signatures, you will always receive a disclosure and will always be asked for your affirmative consent, prior to signing, to contract with us using electronic records, which are legally enforceable and carry the same weight as a handwritten signature. You will also have the option to decline an electronic contract, if you would prefer to contract with us in the traditional sense.
When contracting with us using E-Signatures, you should be aware that the third parties we partner with to collect your data may also have access to the Personal Information you provide us with, in order to relay and transfer this information back to us, and to also help us in the event of any problems that may arise from using their services. Some of these providers may also capture and record your IP address when you sign any of our digital contracts for audit purposes.
Such third-party software developers’ use of your information is governed by their respective privacy policies, which may or may not contain stringent privacy protections that are as vigilant and protective as our own Policy, and therefore their practices are not covered by this Policy. We will not be held liable for any damages that may occur as a result of the practices or security procedures used by any of these third parties. We advise you to take the time to read their individual policies carefully before interacting with any of their digital services that we may use from them.
1.8.1) If you have shown interest in any of our services by consenting and subscribing to our mailing list, or by entering any of our competitions or offers, the Personal Information we collect from you will include your full name and email address, so that we can send you personalised updates, and communicate with you about informational and promotional content, products or services that you have requested from us, or which we feel may be of interest to you.
You will only receive these marketing emails once you have ‘opted in’, by confirming your email address and clicking the ‘subscribe’ button in the confirmation email we send you upon registering with us. You can unsubscribe/opt-out from our mailing list and stop receiving these marketing emails at any time, by following the unsubscribe link and instructions included in every promotional/marketing email we send you.
1.8.2) We use third-party mailing integrations such as MAILCHIMP to help us collect, communicate with and analyse our mailing subscribers, using targeted and automated marketing campaigns. You should be aware that these third-party integrations may also have access to your name and email address so that we may create personalised content for you. Such third parties’ use of your information is governed by their respective privacy policies, which may or may not contain stringent privacy protections that are as vigilant and protective as our own Policy, and therefore their practices are not covered by this Policy, and we are not responsible for any spam email that has been sent to you as a result of their negligence in safeguarding your information.
1.8.3) From time to time, we may track who opened our marketing emails and who clicked on certain links within those emails, as well as promotional links on our Website. We do this to measure the overall performance and effectiveness of our email campaigns and promotional offers, and also to improve our features for specific customer segments. In order to do this, we may include single pixel gifs (“Web Beacons”) in some of the marketing emails we send, or place transparent graphic images (“Pixel Tags”) on certain pages of our Website to indicate to us that a specific page or email has been viewed.
Web Beacons and Pixel Tags allow us to collect information about when you open an email or web page that we have sent you, your IP address, your browser or email client type, and other similar information. We use the data collected from these Web Beacons and Pixel Tags to create reports, which help us identify who has or hasn’t opened our emails, or clicked the links contained within them, so that we may review and improve our marketing strategy.
Our Website and blog have interactive features that allow you to engage and participate with some of our content by posting comments. If you post any comments on our Website or blog, you should be aware that any personally identifiable information, personal interests, opinions, thoughts and/or feelings that you choose to provide is public, and may be read, collected or used by other users of our Website, as well as other third parties, of which we have no control over.
We are not responsible for the information you choose to submit to publicly viewable areas on our Website, or via our other Sites, and any material you do post shall be considered non-confidential and non-proprietary, and we shall not have any obligations or responsibilities with respect to any such material that is posted. We cannot guarantee that other users have not made copies of and/or will not use such material outside of our Website, and we are not responsible for any spam sent by third parties as a result of any information that has been shared publicly by you.
Our Website provides you with the opportunity to interact with and share/post content through various trusted third-party social media platforms, including but not limited to; Facebook, Twitter, Google+, Pinterest, Tumblr and LinkedIn, among others. Your interactions with such tools, and any information you provide in connection with these interactions are publicly viewable outside of our Website. We do not control how your Personal Information is collected, stored or used by any such third-party social platforms, or to whom it is disclosed.
You should review the privacy policies and settings on any social networking sites that you subscribe to so that you understand the information they may be sharing about you. If you do not wish for this information to be disclosed, then you should refrain from using any of these tools, or you can contact the social platforms in question to determine whether they give you the opportunity to opt-out of sharing such information.
Our Website may also include embedded social media features, such as the Facebook ‘Like’ button or Facebook ‘comments’ plug-in, and Google ‘+1’ buttons, as well as other widgets and sharing capabilities linked directly to various social media channels. These features may collect your IP address, which page you were visiting on our Website, personally identifiable information such as your name, city, date of birth and identifying image (depending if you have these set publicly on your social media accounts), and may also set a Cookie/require authorisation to enable the feature to function properly. Social media features and widgets are hosted by a third-party or hosted directly on our Website but are not owned or controlled by us.
We may also work with application developers who specialise in social media, so that we can connect with your social networks and generate interest in our products and services among members of your social networks, and to allow you to share product and service interests directly with your social networks.
Our Website includes links to other third-party sites that are not owned or controlled by us and we have no access to any Cookies used by them. Please be aware that we are not responsible for the privacy practices of other such sites, whether linked directly from our Website or not. Therefore if you click on any advertisements or links you will leave our Website and go to another site not operated by us. If you submit any Personal Information or any other information to any of those sites, your information is governed by their own privacy policies and not ours.
We encourage you to be fully aware when leaving our Website to go to another, and to carefully read through the privacy statements of each and every third-party site you visit that collects personally identifiable information about you. This Policy only applies to information collected by this Website and does not extend to any third parties whatsoever.
From time to time we may request information via surveys and questionnaires for market research purposes, and via model casting calls or promotional contests. Participation in such surveys or contests is completely voluntary, and you may choose whether or not to participate and therefore disclose the information sought by such surveys or contests.
Information requested may include Personal Information (such as your name and address), and demographic information (such as your age, occupation and income level). Contact information will be required to notify winners of any contests or successful applicants responding to any model casting calls. Survey information will be used for purposes of monitoring and improving the use and satisfaction of our services, products and our Website.
Information may be collected via third-party data collection agencies such as TOLUNA QUICKSURVEYS, SURVEY MONKEY, MAILCHIMP, LIGHT BLUE, 17 HATS, SPROUT STUDIO, TAVE or STUDIO CLOUD among others. We are not liable for the protection and safeguarding of any identifiable Personal Information that is collected and hosted by any such third parties.
Information may also be collected via surveys, contests and contact forms using the built in features provided by SQUARESPACE, of which our Website is hosted by, and is sent to us to view via email. You should be aware that email is not safe and therefore if you have anything confidential to send us, then you should not use these forms to do so, and you should certainly never send your Financial Information by email.
2.1.1) We use the information we collect about you for a variety of business purposes, including:
We only collect the aforementioned personally identifiable information that you voluntarily give us directly, in order to provide you with an individual and custom service, specific to your own individual needs and requirements. We are the sole owner of any Personal Information collected and we will never sell, rent or otherwise share your confidential information with any other individual or business entity, except as reasonably necessary to provide products, materials or services to you. We may share your Personal Information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in sections 1159 of the UK Companies Act 2006. We will only use your information to respond to you, and will not share your information with any third-party outside of our organisation, other than with our partners as necessary to fulfil your request, e.g. to ship an artwork order to you.
2.1.2) Information collected through our service logs is used only to identify potential cases of abuse and establish statistical information regarding our Website traffic. This statistical information is not otherwise aggregated in such a way that would identify any particular user of our Website or services. We may share aggregated demographic information about our user base with our marketing partners. This information does not identify individual users. This information contains statistics related to traffic and the geographic location of our visitors viewing our Website. We may also share aggregated user information with third parties to help us analyse our user base in order to improve our services. Other than as described above, we do not link aggregate user data with personally identifiable information.
2.1.3) We may from time to time employ third-party service providers to perform functions on our behalf (or on behalf of our partners). Examples include service providers that host or operate our Website, processing payments and transactions, email servicing, analysing data, fulfilling orders or providing customer service; advertisers; sponsors or other third parties that participate in or administer our promotions, contests, sweepstakes, surveys or provide marketing or promotional assistance. Our service providers, subsidiaries, affiliates, sponsors and partners may have access to your Personal Information, which is needed to perform such functions on our behalf related to the operation of our business, and are authorised to use your Personal Information only as necessary to provide these services to us. In most cases, you will be covered by the privacy policies offered by those third-party service providers.
2.1.4) As we continue to develop our business, we may sell or purchase assets. In the situation of a business transfer, merger, acquisition by another company or third-party, or sale of all or a substantial percentage of our business, then customer information, usage information and any other information collected, is usually one of the transferred business assets disclosed to any such entity. However any acquirer will be subject to our obligations, which remain integral and subject to the commitments made in this pre-existing Policy (unless of course, you consent otherwise), including your rights to access and choice.
You will be notified via email or by a notice posted on our Website of any such change in ownership or control of your Personal Information. We may also share your Personal Information with other entities and affiliates of our business, in any event where we might introduce a subsidiary company under our brand. Also, if any bankruptcy, liquidation or reorganization proceeding is brought by or against us, all such information may be considered an asset of ours, and as such may be sold or transferred to third parties.
2.1.5) Under certain circumstances we may occasionally be required by legal obligation, court order, subpoenas or governmental authorities conducting investigations, to disclose certain types of Personal Information, usage information and device identifier (including IP addresses), and we reserve the right to comply with any such legally binding request, when we believe such release is necessary and we believe in good faith that the law requires it in the administration of justice.
For instance, for the prevention and detection of crime, the capture or prosecution of offenders and the assessment or collection of taxes. This includes exchanging Personal Information with other companies and organisations for the purposes of fraud protection, credit risk reduction, and the prevention of terrorism or other crimes, or by developing tools and algorithms that help prevent violations.
We may also release your Personal Information if we need to; respond to an emergency; verify, enforce or apply our Terms, terms of conditions of supply, or any other agreements; protect our rights and integrity should we need to prosecute or defend ourselves legally (including copyrights and moral rights) in a court, arbitration, or similar proceeding; protect property; or otherwise protect the safety and security of ourselves, of our members, partners, independent contractors, employees, users, customers, agents and other third parties, as well as the public.
Other than as set out above, you will receive notice when information about you might be shared with third parties, and you will have the opportunity to choose not to share any such data.
2.2.1) We may infrequently send you system or service-related announcements and messages on occasions when it is necessary to do so about your registration details, to manage any account or subscription you have with us, or to provide customer service, even if you have opted-out of or declined to consent to receiving promotional and marketing emails. For instance, we may let you know about any temporary or permanent changes to our services, liked planned outages or unforeseen suspensions, new features, version updates, releases and abuse warnings.
Also if a booking needs to be rescheduled or if an order has been delayed, we may send you an email or contact you directly by telephone. We may also contact you if we consider that revisions to this Policy or our Terms are sufficiently important to notify you about them, and require your immediate attention. Generally, you may not opt-out of these communications as they are not promotional in nature and are essential for us to provide you with the best customer service and care possible.
2.2.2) If you have subscribed to our mailing list to be updated with new blog posts, special promotions or new products and services that you might be interested in, then you will receive such notifications via the email address you supplied us with at the time of subscribing. You can unsubscribe from these marketing notifications and promotional messages at any time, by clicking the ‘unsubscribe’ link listed at the bottom of all our marketing correspondence. Emails collected for mail subscriptions are stored on third-party mail servers such as MAILCHIMP and you are therefore covered by their own privacy policies.
2.2.3) We may also license technology to serve targeted and relevant advertisements whilst you are browsing online, or we may use third-party network advertisers to serve advertisements on our behalf, as well as third-party analytics vendors to evaluate the use of our Website and viewing of our content. We do not share Personal Information with these third parties, but ad network providers, advertisers, sponsors and/or analytics service providers may set and access their own Cookies, Pixel Tags and similar technologies on your devices, and they may otherwise have access about you, including usage information.
If you prefer not to receive targeted advertising, you can opt-out of certain network advertising programs through the Network Advertising Initiative (NAI) Opt-out Page. Please note that even if you do choose to opt-out, you will still see advertisements while you are browsing online, however the advertisements you see may be less relevant to you and your interests.
We actively try to seek personal and positive endorsements (“Testimonials”) from all of our satisfied clients, independent contractors, agencies, sponsors and business partners, in order to give the best representation of our brand to potential new customers who might also be interested in our services, and to show that we are a genuine, legitimate, trustworthy, consistent and highly professional organisation.
Therefore with your implied consent when issuing us with a Testimonial (either by email, survey or social media), we may choose to display your Testimonial (alongside a professional headshot of you, if we have one, and any other endorsements you give us), anywhere on our Website, blog, marketing materials, social media channels and/or other Sites where we deem it appropriate. From time to time, we may also create video Testimonials for added authenticity.
We will only ever share your name, occupation, and a link to your own website or portfolio site (if you have one) and will never intentionally list any other confidential information about you, which may harm your identity. However, you agree that we cannot be held responsible for any third parties misusing or releasing any unwanted Personal Information about you. Should you choose to remove or update your Testimonial, please simply contact us and we will promptly do so, within good and fair reason.
2.4.1) As a small independent business, we greatly depend on our ability to showcase our images and videos from commissions and collaborations, along with client Testimonials, behind the scenes and personal stories, so that we may further promote our services and continue to grow our company. We regularly feature them in our online and print advertising campaigns, promotional efforts, portfolios, blog posts, social media Sites and any other marketing materials, as well as but not limited to; photographic competitions, magazine editorials, gallery exhibitions, and studio samples, banners, cards, leaflets and posters etc. We may also release certain images to our independent contractors (hair stylists, makeup artists, wardrobe stylists etc), for use in their own portfolios to market themselves, as a form of compensation, or as a goodwill gesture for their time and professional services.
By being able to use your material (where you might be featured, mentioned and potentially recognised and identified) to promote our business in this way, this allows us to lower our marketing costs significantly, considering the time and material investment related to any production, and therefore allows us to heavily discount our services to those clients, models, actors and independent contractors who commission us by signing a model release form. This release is not compulsory but image exclusivity will be charged at full premium price (unless other prior agreements have been arranged, such as through a trusted modeling agency).
2.4.2) Therefore we request and reserve the right to use your photographic and/or video content to fulfil our marketing needs. As a result, you may easily be recognised and identified in any images or videos we have of you and any third parties could potentially expose your identity or Personal Information in any public space, or steal and misuse your images in a defamatory or derogatory manner; not intended by us and of which, we would have no control over, and therefore we are not responsible for any such misuse or offending behaviour.
2.4.4) We will however respect your privacy and accept any guidelines to the contrary, if you decide you want to keep your images/videos private and out of public view. In such cases, image exclusivity is available to purchase at full premium price. A non-refundable additional payment of £500.00 will be required to compensate us, for being unable to use your images/videos in any public advertising to further promote our services. However this fee does not include copyright, and the transfer of ownership of any images/videos will be subject to an alternative, higher fee.
2.4.5) In the event that you do authorise us to use your images/videos for promotional purposes, we will never portray you in way that implies you are affiliated with our brand, but instead as a customer who has previously used our services. Neither shall we sell any of your images to third parties such as stock agencies without your prior consent, nor will we ever post content that was maliciously caused and produced, for the purpose and subjection to conspicuous ridicule, pornography, defamatory, scandal, reproach, scorn and indignity.
3.1.1) We take every precaution reasonably necessary to comply with the Data Acts in order to ensure that your Personal Information is treated securely and with the utmost care and attention, and in accordance with this Policy. When you provide us with sensitive information, we maintain it with reasonable safeguards, both online and offline, to the best of our abilities in order to protect your Personal Information against accidental loss, theft, unauthorised access, unlawful use, disclosure, destruction or damage, and when transferring information for processing, whilst it is under our control.
3.1.2) Once we have received your information, we will use strict procedures and security features to try and prevent any unauthorised use. We have put into effect suitable and reasonable physical, technical, electronic, organisational and managerial measures and procedures, to help safeguard and secure the information you provide and trust us with. Any personally identifiable information stored on our own servers, is password protected and secured by our Website and domain host. Access to our Internet, router and Wi-Fi is protected by a mixed WPA2/WPA-PSK encrypted password, and is further restricted using a double-key encryption and wireless access list that only allows access to permitted devices, based on their specific MAC addresses.
3.1.3) As of the 8th November 2016, you will be able to access a constant, secure connection on every page of our Website through Secure Sockets Layer ("SSL"), which is a technology that secures the connection between your browser and our Website. To verify that SSL is protecting a page, look for a URL beginning with https://, instead of http://, and a green, closed padlock icon.
This indicates that your information is safe and allows you to navigate the Website and submit information through a secure connection. SSL provides three important security benefits:
You will be redirected to HTTPS, even if you entered the HTTP version in your browser. Sitemaps contain HTTPS links and search engines will index the HTTPS version. Unfortunately however, unsupported and older browsers will not be able to load the Website.
You may notice a slight difference in the Website load time over HTTPS, as the secure connection takes time to authenticate the certificate and validate the Website. In most cases, the difference is only a few seconds.
On checkout pages, Squarespace are Level 1 PCI compliant and use a 128 bit SSL encryption.
3.1.4) To protect your Financial Information online, we employ trusted third-party vendors like PAYPAL, STRIPE, IZETTLE or SQUARE, who use secure and encrypted databases, protected via a variety of industry standard access controls, such as the latest 128-bit SSL technology for more secure payment transactions. The third-party payment processors we choose to work with claim to be approved by EMV (Europay, MasterCard and Visa) and certified as compliant with card association security initiatives, like the Visa Cardholder Information Security and Compliance (CISP), MasterCard® (SDP), Payment Card Industry Data Security Standard (PCI DSS), and Discovery Information Security and Compliance (DISC).
We also require that all other third parties providing services on our behalf, such as mailing integrations and developers for E-Signatures, protect your Personal Information and not use it for purposes other than providing assistance to us. The various third parties we use for different services are detailed above in the Information Collection and Information Usage provisions.
3.1.5) Your Personal Information may be processed both in and outside of the UK. When you submit your details in whichever country you are situated in, you agree to your information being processed in the UK. We may also process or transfer your Personal Information outside the UK, and possibly to places outside of the European Economic Area, including Norway, Iceland and Liechtenstein (EEA). It may also be processed by staff members operating outside of the EEA who work for us or for one of our suppliers.
Such staff may be engaged in, among other things, the fulfillment of your order, the processing of your payment details and the provision of support services. By submitting your Personal Information, you agree to this transfer, sorting and/or processing. We shall take all reasonable steps to ensure that any transfer of your Personal Information to a country or territory outside of the EEA, whose laws may provide for a lesser standard of protection for your Personal Information, than that provided under European Law, shall have adequate protection (such as model contractual arrangements as approved by the EU).
3.1.6) Where we have given you a username and password (or where you have chosen one for yourself), which enables you to access and log into certain areas of our Website, you are responsible for the safekeeping and confidentiality of that username and password. Account passwords are often encrypted and so we will not be able to see your chosen passwords or resend them to you if you have forgotten them, we can only reset them for you. We ask you to never share any passwords with anyone, to prevent your online accounts from being misused.
3.1.7) Whilst we strive to do our very best in protecting your Personal Information through online transactions and communications, unfortunately absolutely no organisation or website is safe from, or impervious to hackers and viruses. No electronic data transmission or storage of information over the Internet can ever be guaranteed as 100% safe and secure.
Therefore please note that we cannot guarantee, ensure or warrant the security of any information or data that you choose to transmit to us over the Internet, via our Website, or by email, or through any third-party services we use, and so any transmission of data of any kind, is done purely at your own risk. We will not be held responsible or liable for any damages for any breach of security, which is not proven to be a direct result of gross negligence or wilful neglect and misconduct on our behalf.
However, if we become aware of any security breach that causes an unauthorised intrusion into our system that materially affects you, then we will notify you as soon as possible and later report to you the action we took in response of any such incidences. If you have any questions regarding our security practices, please email us and we will endeavour to respond to you within 5 business days.
3.1.8) Offline, the computers, devices and external hard drives we use to process and store any information on, have secure passwords, finger print encryptions and firewalls, and are kept in a securely locked premises that is occupied both day and night. Authorised access to your Personal Information is restricted to those persons who have a legitimate business purpose to know that information, in order to perform specific tasks and provide products or services to you and to those persons whom you have trusted and authorised to have access to such information. We aim to be a mostly paperless office (with the exception of prints), however if we do have any paper documents containing sensitive information, they are stored in a secure location and are destroyed by cross-shredder immediately after use.
We will retain your Personal Information or Financial Information for as long as your account is active or as needed to provide you with our services for a period up to three years. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our Terms, agreements and payment conditions. Upon termination or completion of any contract, agreement or financial liability, all unnecessary sensitive data no longer required, will be destroyed and disposed of quickly and securely.
Any other information that is required for taxation or auditing purposes will be kept securely on file for a maximum of seven years, unless otherwise specified. Information may also be stored for future promotional purposes, or to send gifts to our clients, independent contractors and partners, on their birthdays or during seasonal events such as Christmas, as a goodwill gesture.
We do not actively promote our services to children under the age of 16, nor do we knowingly collect, use or disclose personally identifiable information from anyone less than 16 years of age. If you are aged 16 or under, please get your parent/legal guardian’s permission before submitting any Personal Information to our Website. This may involve us having to access and verify your age and other relevant details to confirm such consent and authorisation.
If we determine upon collection that a user is under this age, we will not use or maintain his/her Personal Information without their parent/legal guardian’s consent. If we become aware that we have unknowingly collected Personal Information from a child under the age of 16 without legal consent, we will make all reasonable efforts to delete such information from our records and databases immediately. In the event that we are given authorisation from a parent or legal guardian to offer our services to their child, we will do so with the utmost care and attention, in order to protect their wellbeing, identity, welfare, innocence and integrity.
We cannot legally contract with anyone under the age of 18, unless their parent/legal guardian has signed a minor release form, and contractual agreement issuing their approval of our services.
We will do our best to keep your data accurate and up to date, to the extent that you provide us with the information we need in order to do that. If your Personal Information changes (like a new email address or postal address), then you are responsible for notifying us of those changes. We only store information about you for as long as it is reasonably necessary to fulfill the purposes that gave us the right to access your information in the first place.
In accordance with our routine record keeping, we may delete certain records that contain Personal Information you have submitted through our Website or other Sites. We are under no obligation whatsoever to store any Personal Information indefinitely and disclaim any liability arising out of, or related to, the destruction of such Personal Information. Conversely, we may however keep some information indefinitely, for reasons already explained in this Policy.
In compliance with the Data Acts, you have the entitled right to request the details of any Personal Information that we hold about you, and your right of access can be exercised in accordance with the Data Acts. If we are legally able, we will provide you in writing, with copies of all the Personal Information we hold about you, and any access request will be subject to an administration charge of £30.00, to cover our time and costs in providing you with details of the information we hold about you. We are also obliged to request that you provide us with identification so that we can be certain that you are entitled to receive the requested data, and so that we may confirm your identity before any sensitive information is released. If you would like a copy of the information held about you, please write to us or send us an email, and we will respond to your request to access within 21 business days.
All Personal Information that we store about you and your account with us; including any subscription, Billing Information and contact information, can be updated or changed at any time if it is incorrect, and we encourage you to keep this information up to date by notifying us of any changes or corrections, so that your customer service requests and billing processes operate efficiently. To make any amendments or changes to your details, please contact us. Please note we do not control certain privacy settings and preferences maintained by our social media partners like Facebook and Twitter. If you wish to make changes to those settings and preferences, you may do so by visiting the settings page of the appropriate social media channel.
Unless law prohibits it, or if we need to protect and defend our moral/copyrights and/or enforce any previously signed contractual agreement, we will endeavour to immediately remove any Personal Information we hold about you from our databases upon your request. We can remove your Billing Information once your contractual obligation has been settled and all outstanding balances have cleared, including any cancellation or late payment fees for payment plans. We may still keep some records of your account history with us, for taxation and auditing purposes, as well as business and sales analysis. You should also be aware that it is not always possible to completely remove or delete all of your information from our databases without some residual data, because of backups and other similar reasons.
Only non-promotional, service emails and system announcements, as described above, will be issued without prior authorisation. You have the right to ask us not to process your Personal Information for marketing purposes. We will endeavour to inform you (before collecting your data) if we intend to use your information for such reasons, or if we intend to disclose your information to any third-party, for such marketing purposes.
If you do not wish to receive promotional notifications from us, about services or products you might be interested in, then you can exercise your right to opt-out and prevent such processing, by checking certain boxes on the forms we use to collect your data, by unsubscribing from our mailing list, or by contacting us directly where we will update your account and not send you any further marketing materials. Upon completely terminating your account with us, you will receive no further communication from us, including service and system related announcements.
You should be aware that Great Britain and other countries have not coordinated their privacy policies, and so conflicts over privacy protection and information usage between different countries and territories may occur. Since we are located in and do the majority of our business and trading throughout the United Kingdom, we have written this Policy to satisfy and comply with UK and EU regulations.
Except to the extent expressly provided otherwise in this provision 5.1, this Policy shall be governed by, construed and enforced in accordance with the laws in the country of England (part of the United Kingdom), and you agree that English Law and the courts of England and Wales will have the exclusive jurisdiction to govern the validity, construction and performance of this Policy, without regard to its choice or conflict of law principles, and shall resolve any dispute or claim, arising out of this Policy. You may not assign, sub-license or otherwise transfer any of your rights under this Policy. Non-contractual obligations (if any) arising out of or in connection with this Policy (including their formation) shall also be governed by English Law.
Any actions, disputes, claims or matters (whether contractual or non-contractual) relating to, arising out of, or in connection with this Policy, or any of the documents to be entered into pursuant to this Policy, shall be brought and heard in the courts located in, and serving the City of Norwich and County of Norfolk, where we are currently based and located, and you hereby waive any jurisdictional, venue or inconvenient forum objections to such courts. You may not assign, transfer or otherwise sublicense, any or all of your rights or obligations under this Policy, to any third-party whatsoever, without our express prior written consent.
All provisions of this Policy, wherever possible, are intended to be as broad and inclusive as is permitted by and valid under applicable English Law. If any provision of this Policy is, at any time, found to be invalid, held illegal, deemed to be unlawful, or otherwise rendered void or for any reason unenforceable by a court, tribunal or other forum of competent jurisdiction in England or Wales, then that provision shall be deemed severable from this Policy, and that decision shall not affect the validity and enforceability of any remaining provisions of this Policy, which will nevertheless continue in full force and effect.
That provision will be reformed only to the extent necessary to render it valid, legal and enforceable, while preserving its intent, or if that is not possible, by substituting it with another provision that is valid, legal and enforceable that gives equivalent effect to the parties’ intent.
Any rule of construction to the effect that ambiguities are to be resolved against the drafting party shall not apply in interpreting this Policy. The language in this Policy shall be interpreted as to its fair meaning and not strictly for or against any party. In this Policy the words “include”, “including”, “includes”, “such as”, “in particular” and any similar expression are to be construed as if they were immediately followed by the words “without limitation”.
We will only notify you via email of any changes becoming effective, if such changes require your immediate attention and differ drastically from the time when you originally submitted your information to us. We will not materially change our Policy and practices to make them less protective of customer information collected in the past, without the consent of all affected customers. We will notify you by email prior to any such change becoming effective.
Whilst we appreciate that our Policy is extremely wordy and lengthy, we have gone to the fullest extent possible to be as open and transparent as we can be regarding the collection, use and security of your Personal Information, and we review our compliance with this Policy regularly in order to continue to improve our privacy procedures. Therefore we treat all valid privacy complaints with the utmost sensitivity, and will endeavour to take all necessary and reasonable actions required to enforce and resolve any privacy disputes quickly, fairly and professionally.
If you send us a written complaint with regards to this Policy and/or our privacy practices, and have included your email address or telephone number, we will endeavour to acknowledge your complaint within 1 business day, and will try to resolve the complaint by written letter, if possible, within 14 business days after receiving your complaint, or at the very least, provide you with an update about the progress made regarding the complaint. If we are unable to resolve any privacy complaints directly, then we may bring in an external mediator or legal representative who will act on our behalf to enforce a fair and timely resolution.
5.5.1) We reserve the right to disclose your personally identifiable information as required by law and when we believe that full disclosure is necessary to protect our rights and/or to comply with a judicial proceeding, court order, or any other legal process served upon us, our subsidiaries, affiliates, officers, representatives, sponsors, advertisers, third parties, independent contractors, employees, agents, partners, or anyone else acting on our behalf.
5.5.2) By using our Website, Sites, or any of our services, offers, promotions, subscriptions or similar, you are giving us your explicit indication and implied consent that you have fully read, understood and agree to comply with all provisions of this Policy, as well as our use of your Personal Information and sensitive data, as detailed above, with a complete and unconditional release of all and any claims of liability to the greatest extent granted by UK law, including giving up your substantial right to sue us for any privacy related reason, which is not proven to be a direct cause of gross negligence or the wilful neglect and misconduct of our company.
5.5.3) You shall also indemnify and hold us harmless against all claims, liability, damages, costs and legal expenses stemming from a breach of this Policy, use of your Personal Information, or failure to abide by any restriction regarding the use of your Personal Information, or any claim made by a third-party related to the use of your Personal Information, unless it can be explicitly proven that the aforementioned was done with malice and intent, and out of accordance and compliance with our stringent Policy practices, as detailed and listed above, as well as our Terms.
Please note email communications are not secure; accordingly, you should not include any financial information or other sensitive information in your email correspondence with us.