Privacy Policy & GDPR
GDPR – General Data Protection Regulation
The General Data Protection Regulation (GDPR) is a European privacy law. The GDPR regulates how individuals and organisations may collect, use, and retain personal data. The regulation affects organisations based in the EU and organisations involved in processing EU citizens’ personal data.
The Fine and DandI site is hosted by Bluehost, a US-based company. Since people in the EU can visit sites hosted by GoDaddy, GoDaddy and its customers are subject to the GDPR.
Bluehost have been working to ensure compliance with the GDPR. This work includes reviewing how Bluehost stores and uses data about and on behalf of its customers. Bluehost is also doing the following:
> Updating its Terms of Service and Privacy Policy to be more transparent about Bluehost’s use and treatment of data. These updates will include the addition of a data processing agreement.
> Implementing internal processes to help Bluehost’s customers comply with EU data subject rights.
> Implementing any product changes that need to take place subject to the GDPR.
The GDPR requires that certain safeguards be put in place when transferring personal data outside the EU. Bluehost is already self-certified to the EU-US Privacy Shield, which allows the company to lawfully transfer EU personal data to our US-based datacenters.
Privacy, Cookie and Copyright Policy
Fine and DandI is hosted and secured online via Bluehost.com. Bluehost’s privacy policy can be found here.
Data Collection and Licensing
Fine and DandI does not collect or store any customer financial data. Rights managed licence and personal use transactions are facilitated by with PayPal. No details are passed to Fine and DandI other than address and e-mail information where required to complete a transaction.
Fine and DandI does not operate a mailing list of any kind. We do not send unsolicited e-mails or practice other bulk messaging strategies. We will only contact you by e-mail if you have requested notification that a particular gallery is online or to complete/facilitate a transaction.
Fine and DandI does not operate its own online server hosting customer data. Any such data is hosted securely via Godaddy’s servers or, if held locally, offline. Fine and DandI only collects the following information:
> Contributor contact/payment details. These details are held so that we are able to process payments promptly and in order to communicate with our contributors.
> Our images contain industry standard IPTC metadata. The caption/description field of the metadata includes details of events and, in some cases, those participating in the events.
> The IPTC data is stored on the secure Bluehost’s servers to allow for editorial usage of our images and complies with the standard requirements of regional, national and global media companies.
> A limited amount of customer data may be stored locally (offline); specifically e-mail addresses where you have asked for notifications to be sent and address details if you have placed an order that requires a postal address.
Fine and DandI, in conjunction with Bluehost, will comply with any request to delete data that it holds on its system.