We at Gorgon Photography use a hosting site through which we run this website and sell photographs. Their GDPR policy is as follows:
Why does Zenfolio need personal information?
Operation of our Services necessarily requires in the collection of “personal information,” which is defined in the CCPA broadly to include data that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household or device. The categories of personal information that we collect are listed below, but here are a few examples of why we need to collect personal information:
For example, in order to process orders, we collect similar information from the photographers’ customers, such as, such as name, shipping address, email address, phone number and payment information.
We only collect personal information from you when you use our Services or interact with our customer support personnel. We don’t collect any personal information from any other source.
Also, we don’t sell your personal information. We use it only to enable the Services. Please note that we cannot provide the Services if you don’t allow us to use your personal information, so if you don’t like that your personal information will be used for that purpose, we can’t provide Services to you. By user our Services, you are expressly consenting to our use of your personal information for that purpose.
What categories of personal information does Zenfolio collect?
Below is a summary of the categories of personal information we may have collected from consumers within the last twelve (12) months and the main purpose for its collection. Please note that not all of the information identified below is collected from every end user.
|Customer transaction information||Name
|To provide our Services, to enable ecommerce transactions, to fulfill orders, and to communicate with customers|
|Sensitive personal information||Information about images uploaded by photographers, which may include facial recognition data. Photographers, not Zenfolio, control the use of facial recognition tools and the identification of facial recognition data to a name or identity of an individual.||For sorting or organizing photographs in a gallery.|
We will not collect additional categories of personal information from you or use it differently than as described unless we provide you with advance notice and obtain your consent.
Where is the data held?
Zenfolio utilizes data centers in the United States, where all of our necessary systems are located. Some of our support programs leverage affiliated companies in the European Union (EU) to provide customer support, and those European-based customer support teams may have remote access to account information, but they do not store that information. Transfers of personal data to and among our affiliates are subject to terms of intercompany agreements governing the transfer of data to the United States and protection of that data under applicable law. Also, we require that you acknowledge and agree to allow us to transfer data to the United States, so if you’re not willing to provide that consent, you shouldn’t use our products and services.
What safeguards does Zenfolio utilize to protect data?
We take appropriate technical and organizational measures for our systems to comply with data privacy to ensure a level of data protection appropriate to the risk resulting from the processing of personal data, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing, as well as the severity and likelihood of realization of risks for the rights and freedoms of folks who’ve provided the data.
What do I do if I have concerns about use of my data?
Attn: Legal Department – Privacy
3515-A Edison Way
Menlo Park, California 94025