Privacy policy

Introduction

In order to deliver products and services, Gerlach Delissen Photography, hereinafter referred to as “GDP”, processes personal data. This is data relating to natural persons. The processing of this personal data takes place with the greatest possible care and in compliance with the European General Data Protection Regulation (GDPR), as well as national laws and regulations current at the time of processing.

The GDPR requires that GDP provide insight into the manner in which personal data is processed, including the nature of the personal data, the legal basis and purpose of the data processing, and the rights that data subjects can exercise in this regard.

GDP will evaluate the privacy policy from time to time to verify whether this policy is still current.

Controller

Gerlach Delissen Photography
Bergstraat 14
6129 CZ Urmond
www.gerlachdelissen.com
[email protected]
Chamber of Commerce number: 14089812

Personal data that is processed

GDP processes the following personal data:

General personal data:

  • surname
  • first names
  • address
  • telephone number
  • email address

Processing basis

GDP processes personal data only if:

  1. the data subject whose data is concerned has given consent;
  2. the processing is necessary for the performance of a contract that GDP has concluded with the data subject;
  3. GDP must comply with a legal obligation;
  4. a legitimate interest of GDP, which also includes bringing GDP’s products and services to the attention of the data subject.

Processing purpose

The (personal) data mentioned above are used for the following purposes:

  • execution of assignment or contract with data subject
  • invoicing
  • delivery of products (photos, other materials) or services
  • information about changes to products and services
  • marketing, promotion, advertising, sending newsletters
  • telephone contact, email contact
  • compliance with legal obligations

Sharing personal data with third parties

GDP does not in principle provide your data to third parties and will only provide it to third parties if this is necessary for the performance of a contract concluded with you or to comply with a legal obligation. We conclude a processor agreement with organizations that process your data on our behalf to ensure the same level of security and confidentiality of your data. GDP remains responsible for these processing activities.

Retention period of personal data

GDP will not retain the collected personal data longer than strictly necessary, or legally required, to achieve the purposes for which the data was collected. For this we apply the statutory retention periods:

The data subject has the right at all times to object to the use of his or her personal data for marketing purposes, sending newsletters or advertising. This can be done via the GDP website or by telephone or email. GDP will then no longer use the data subject’s data for those purposes.

Use of cookies on website

GDP only uses technical and functional cookies. A cookie is a small text file that is stored on your computer, tablet or smartphone when you first visit this website. The cookies we use are necessary for the technical operation of the website and your ease of use. They ensure that the website works properly and remember, for example, your preferred settings. We can also use them to optimize our website. In addition, we place cookies that track your browsing behavior so that we can offer customized content. You can opt out of cookies by setting your internet browser so that it no longer stores cookies. In addition, you can also delete all information that was previously stored via the browser settings.

Security of personal data recorded by GDP

GDP takes the protection of your data seriously and takes appropriate measures to prevent misuse, loss, unauthorized access, unwanted disclosure and unauthorized modification. If you have the impression that your data is not properly secured or there are indications of misuse, please contact GDP. If a data breach does occur, GDP will immediately take all necessary steps to limit the consequences of the data breach as much as possible. GDP will report the data breach to the Personal Data Authority within 72 hours if there is a privacy risk. If harmful consequences are foreseeable for the data subjects, GDP will immediately contact these data subjects.

Right to access, correction, restriction and deletion; right to complain

You have the right to request access, correction, restriction and deletion of your data. To do so, you can contact GDP via [email protected].

Withdrawal of consent

You have the right to withdraw consent granted in the context of the above-mentioned processing of personal data, insofar as this does not conflict with other legislation (such as, for example, data that is required for financial administration), or does not unnecessarily violate GDP’s fundamental rights, such as the right to freedom of expression and information (including artistic and journalistic freedom). Contracts signed by you regarding the use of photos in the context of, for example, portrait rights, such as a model agreement and/or quit claim, are in principle excluded from the right to withdraw consent.