Image Art Privacy Policy
Information pursuant to Articles 13, 14, and 21 of the EU General Data Protection Regulation (GDPR)
Last updated: 15 May 2018
1. Who We Are (Data Controller)
Image Art (“we,” “us,” or “our”) is responsible for the processing of personal data under this Privacy Policy.
Image Art
Attn: Tim Macdonald
236 Rock Road, Unit B
Glen Rock, NJ 07452
United States
Email: imageart411@gmail.com
2. Scope of This Privacy Policy
This Privacy Policy explains how Image Art collects, uses, stores, and protects personal data in connection with our photographic services, websites, online galleries, events, and communications. It applies to customers, event participants, website visitors, and anyone who interacts with our services.
Where applicable, this policy complies with:
The EU General Data Protection Regulation (GDPR)
Relevant U.S. privacy and consumer protection laws
3. Sources and Types of Personal Data We Collect
3.1 Data You Provide to Us
We collect personal data that you provide directly, including:
Name, address, email address, and phone number
Order, payment, and billing information
Communications with us (emails, contact forms, support requests)
Consent forms and preferences
3.2 Data We Receive from Third Parties
Where necessary to provide our services, we may receive personal data from third parties such as:
Schools, daycares, leagues, or event organizers
Authorized partners involved in event coordination
3.3 Automatically Collected Data
When you visit our website or online galleries, we may collect:
IP address (in anonymized or truncated form where applicable)
Device and browser information
Usage and interaction data via cookies or analytics tools
4. How and Why We Use Personal Data (Legal Basis)
We process personal data only where permitted by law.
4.1 Performance of a Contract (Art. 6(1)(b) GDPR)
We process personal data to:
Provide photographic services
Capture, edit, display, sell, and deliver images
Fulfill orders placed through our online systems
Manage customer accounts and transactions
4.2 Legitimate Business Interests (Art. 6(1)(f) GDPR)
We may process personal data where necessary for legitimate business purposes, including:
Operating and improving our services
Website security and fraud prevention
Customer support and communication
Legal compliance and dispute resolution
Limited marketing and promotional communications (unless you object)
When photographs are taken at events, we process personal data based on our legitimate interest in fulfilling the contracted photography services and offering images for viewing and purchase. Individuals are informed of their right to object. Any objection applies only to future processing.
4.3 Consent (Art. 6(1)(a) GDPR)
Where required, we rely on your explicit consent, including for:
Publication or promotional use of images
Email and SMS notifications
Optional marketing communications
You may withdraw consent at any time. Withdrawal applies only to future processing.
4.4 Legal Obligations (Art. 6(1)(c) GDPR)
We process and retain personal data where required by law, including:
Accounting and tax records
Invoicing and transaction documentation
5. Sharing of Personal Data
We do not sell personal data.
We may share personal data only with trusted service providers where necessary, including:
Website hosting and IT providers
Photo hosting and gallery platforms (e.g., gotphoto)
Printing, production, and fulfillment partners
Shipping and logistics providers
Payment processors
Legal or regulatory authorities when required by law
All service providers are contractually obligated to protect personal data.
6. Data Retention
We retain personal data only as long as necessary to:
Fulfill contractual obligations
Meet legal and accounting requirements
Resolve disputes or enforce agreements
Retention periods generally range from 2 to 10 years, and in some cases longer where legally required.
7. International Data Transfers
Image Art is based in the United States. Where personal data of EU residents is processed or transferred outside the European Economic Area (EEA), appropriate safeguards are used, such as contractual protections or consent, in accordance with GDPR requirements.
8. Your Privacy Rights
Depending on your location, you may have the right to:
Access your personal data
Request correction of inaccurate data
Request deletion of your data
Restrict or object to certain processing
Request data portability
Withdraw consent at any time
File a complaint with a data protection authority (EU residents)
Requests may be submitted to:
📧 imageart411@gmail.com
9. Cookies and Tracking Technologies
Our website uses cookies and similar technologies to improve functionality and analyze usage. You may disable cookies in your browser settings; however, some features may not function properly.
Third-party services may include:
Google Analytics
Google Ads
New Relic
gotphoto (Fotografen Online Service GmbH)
10. Social Media and External Links
Our website may include links or plugins to third-party platforms such as Facebook, Instagram, Pinterest, or Google services. These platforms operate independently and are governed by their own privacy policies. We use activation-based (two-click) solutions where possible to limit automatic data sharing.
11. Right to Object (Art. 21 GDPR)
General Objection
You may object at any time to processing based on legitimate interests.
Direct Marketing
You may object at any time to the use of your personal data for marketing purposes. Upon objection, your data will no longer be used for such purposes.
All objections may be submitted to:
📧 imageart411@gmail.com
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect legal, technical, or business changes. The most current version will always be available on our website.
