Privacy Policy
At Photo Walks of London (photowalksoflondon.com), we are firmly committed to protecting the privacy and personal data of our users, customers, and website visitors. This Privacy Policy sets forth how we collect, use, disclose, and safeguard your information in accordance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and all other applicable data protection laws. Our privacy-first approach ensures that your rights are respected and your data handled responsibly at every step.
1. Scope of Policy and Data Controller Role
This Privacy Policy applies to your access and use of our website, photowalksoflondon.com, and any related services. The data controller for the processing of personal data under this Policy is Photo Walks of London. For purposes of relevant data protection laws, we determine the purposes and means of the processing of your personal data.
If you have any questions or concerns about this policy or our practices, please contact us at: [email protected].
2. Categories of Data Processed
We may collect, use, and process the following categories of personal data:
a. Usage Data: Includes information about how you use our website, such as your IP address, browser type, device information, operating system, pages viewed, referring website URLs, and session duration.
b. Account Data: Includes identifying information provided when creating an account or booking a walk, such as your full name, email address, phone number, and residential or billing address.
c. Profile Data: Includes details about your activities, purchases, preferences, interests, and feedback that help us tailor your experience and improve our services.
d. Communication Data: Includes records of correspondence with us, such as support queries, contact forms, email communications, and interaction logs.
e. Technical Data: Includes technical identifiers such as device type, system configuration, time zone settings, browser plug-in types, and other diagnostic data.
f. Transaction Data: Includes payment-related details and details of products or services purchased from us, delivery information, dates of purchase, and receipt numbers. We do not store full credit card numbers; payments are processed via secure third-party providers.
g. Preference Data: Includes your opt-in or opt-out selections for marketing communications, interest topics, and website personalization settings.
3. Legal Bases for Processing
We process your personal data only where we have a lawful basis under GDPR and similar frameworks, including:
– Contractual Necessity: To perform a contract with you, such as fulfilling bookings and delivering our services.
– Legitimate Interests: To operate, optimize, and secure our website and services, provided such interests are not overridden by your data rights.
– Consent: Where we rely on your explicit agreement, for instance, in subscribing to marketing emails or accepting non-essential cookies.
– Legal Obligation: Where necessary to comply with a legal or regulatory obligation, such as for tax or law enforcement purposes.
4. Your Rights
Under applicable data protection laws, you have the following rights:
– Right of Access: Request access to the personal data we hold about you.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure (“Right to be Forgotten”): Request deletion of your data under certain conditions.
– Right to Restriction of Processing: Request restriction of data use in specific circumstances.
– Right to Data Portability: Receive a copy of your data in a structured, commonly used format.
– Right to Object: Object to our processing, particularly regarding direct marketing or processing under legitimate interests.
– Right to Withdraw Consent: Where you have provided consent, you may revoke it at any time without affecting prior processing.
To exercise your rights, please contact [email protected]. We honor such requests within the timeframes required by law.
5. Security Measures
We implement industry-standard technical and organizational security measures to ensure the confidentiality, integrity, and availability of your personal data. These include:
– Encryption of data in transit (e.g., SSL/TLS for our website)
– Secure access controls with password protections and role-based access
– Routine server and data backups
– Ongoing employee awareness and data protection training
– Regular audit and monitoring of systems for vulnerabilities
6. International Transfers
If we transfer your personal data outside of the United Kingdom or European Economic Area (EEA), we do so only under lawful mechanisms such as Standard Contractual Clauses approved by the European Commission or UK’s equivalent safeguards. Where CCPA applies, we ensure that such transfers are in accordance with California privacy standards.
7. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, regulatory, accounting, or reporting requirements. Specific data retention periods include:
– Usage & Technical Data: Up to 24 months
– Account & Profile Data: For the duration of your account and up to 6 years after inactivity
– Communication Data: Up to 3 years from the last communication
– Transaction Data: Stored for 7 years for accounting compliance
– Preference Data: Retained until update or withdrawal of consent
After these periods, data is securely deleted or anonymized.
8. Cookie Policy
Photowalksoflondon.com uses cookies and similar technologies to enhance your browsing experience and improve our services. We categorize cookies as follows:
– Essential Cookies: Required for site functionality, including navigation, user sessions, and security.
– Functional Cookies: Enhance usability and preferences (like remembering login details or location settings).
– Analytics Cookies: Help us understand site traffic and performance through services like Google Analytics.
– Performance Cookies: Monitor and improve site speed, responsiveness, and availability.
9. Cookie Management & Compliance
Upon your first visit, our site presents a cookie banner requesting your consent for non-essential cookies. You can manage or withdraw your cookie preferences at any time via our Cookie Settings tool. Under both GDPR and CCPA, we:
– Respect “Do Not Sell My Personal Information” requests by ensuring no sale of personal data to third parties.
– Offer opt-in consent to non-essential cookies and personalized advertising.
– Respond to consumer rights requests consistent with CCPA and GDPR timelines.
10. Children’s Privacy
Our services are not directed toward individuals under the age of 13. We do not knowingly collect personal data from children under 13 without verified parental consent. If you believe that a child under 13 has provided us with personal data, please contact us immediately at: [email protected] so we can take appropriate steps.
11. Policy Updates
We may update this Privacy Policy from time to time to reflect legal, technical, or service-related changes. When material updates occur, we will post a notification on our website and update our privacy communications accordingly. Continued use of photowalksoflondon.com following changes to this Policy indicates your acceptance of the revised terms.
12. Contact
If you have any questions about this Privacy Policy, your personal data, or how we comply with data protection laws, please contact us at:
Email: [email protected]
We are committed to addressing all privacy concerns in a prompt, lawful, and transparent manner.
—
Photo Walks of London is fully committed to compliance with GDPR, CCPA, and all applicable privacy regulations to ensure your personal data is handled with the utmost care. You may reach us at any time at [email protected] with questions or requests related to your personal data.