Heather Ann Photography Privacy Policy
Privacy Policy
Effective Date: 07/23/2023)
Last Updated: 07/23/2023
The website http://www.heatheraphotos.com (our “Website”) is owned by Heather Ann Photography. At Heather Ann Photography (also dba Heather Ann Photo Booth), “we,” “us,” or “our”), we care about your privacy and how we collect, use, or share the information you provide to us. We are committed to protecting your privacy and personal information by complying with this Privacy Policy.
By visiting our Website, you agree that any information you contribute or provide to us is subject to this Privacy Policy. As a visitor or user of this Website, you agree to all terms in this Privacy Policy and the accompanying Terms of Use.
This policy details your right to choose how we collect, use, and disclose your data. Through your use of our Website, you may be asked to indicate your choice to opt out of receiving “cookies” or unsubscribe to our mailing list.
This policy applies to any information collected on this Website and information you provide to us offline, including, but not limited to, information you provide via phone and email.
If you have any questions about this Privacy Policy, please get in touch with us at hello@heatheraphotos.com.
Children’s Online Privacy Protection Act (COPPA)
You must be 18 years old or older and have the requisite mental capacity to agree to this Privacy Policy to access our Website. In compliance with COPPA (Children’s Online Privacy Protection Act.), this Website is not for use by those under the age of 13 or those under the age of 18 without parental consent. We do not knowingly collect personal information from children under the age of 13, nor do we specifically market to children under the age of 13.
The Children’s Online Privacy Protection Act (COPPA), enforced by the Federal Trade Commission, sets forth requirements for websites and online services to protect children’s safety and privacy. If you are under the age of 13, do not send us any personal information. We encourage parents to monitor their children’s Internet usage continually. If we learn that we have unknowingly collected or received personal information from a minor under the age of 13, we will delete this information and/or attempt to obtain parental consent. If you have any reason to believe we may have unknowingly collected data from a minor under the age of 13, please get in touch with us at hello@heatheraphotos.com.
What Data We Collect
When you visit our Website, join our email list, contact us through our Website, interact with us on social media, and make purchases on our Website, we collect different types of information from you.
This may include the collection of personal data by which you may be identified personally, like your name, email address, telephone number, postal address, demographic information (age, gender, education level etc.), and any other identifying information.
Data collected may also include financial data transmitted when you order, purchase, exchange, or return a product or service from our Website or any mobile apps. This data may include credit card or bank details related to your payment method, which is transferred to our third-party payment processors [PayPal, Square. You should review the privacy policies of these third-party payment processors.
We may also collect derivative data when you visit and use our Website, including your IP address, the date and time of your visit, your country of origin, and the type of browser you used. Furthermore, if you access our Website via a mobile device or app, we may collect information from your device, such as location information, model and manufacturer, and device ID.
Through social networking websites and apps, like Facebook, Instagram, and other social networking sites, we may access publicly available information such as your name, account username, profile photo, email address, age, location, gender, and other publicly displayed information. You may limit this access by changing your privacy settings on each social networking site.
If you provide us with additional information to participate in a survey or giveaway, that information will also be subject to the terms of this policy.
How and Why We Collect Data
Through your consent, we manually collect the information you provide. For example, if you join our email list by opting in for a free resource or otherwise subscribing, based on your consent to receive direct marketing materials, all emails you receive from us will state the sender of the email clearly and give you instructions on how to unsubscribe from our email list or contact us with any questions or concerns to ensure compliance with the CAN-SPAM Act. Our legal basis for collecting this information is your consent.
We may also collect or send standard “cookies” to occasionally identify your browser or device information and collect information through Automatic Data Collection Technology. We may use session cookies that expire when you close your browser and persistent cookies that remain on your computer until you delete them. You can accept or decline cookies in your web browser settings. No personally identifiable information will be included in cookies, and other than the methods described above, we will not use any other mechanisms to capture data on our website. Our legal basis for collecting this information is our legitimate interest in monitoring and improving our website, business operations, marketing efforts, and proper business protection against risks.
To obtain statistical data and provide relevant information, we may also collect data on how you use our website, including your browsing activity, browsing patterns, IP address, device information, internet connection, and other actions via Google Analytics and Facebook Pixels. We may also receive personal data from other third parties like Google, PayPal, and other third-party payment processing companies. We use these technologies in compliance with all policies of third-party providers. Our legal basis for collecting this information is our legitimate interest in monitoring and improving our website, business operations, marketing efforts, and proper business protection against risks.
The personal data we collect is used to create and administer your account, generate a personalized profile for you, compile statistics on site use, analyze trends, correspond with you, interact on social media with you, deliver targeted advertising, process payment, refunds, deliver any goods or services you purchased, communicate new products and services we think you might be interested in, update you on products and services, request feedback from you, resolve and troubleshoot disputes and problems, prevent fraudulent use of our website, and assist law enforcement when necessary. Our legal basis for collecting this information is our legitimate interests in monitoring and improving our website, business operations, marketing efforts, and proper business protection against risks.
How Long Your Data Will Be Stored
We use reasonable measures to ensure that your information remains confidential. Personal information is stored through a data management system. For as long as you choose to remain on our email list, we will retain a minimum amount of personal information, including your name, email address, and your behavior on our Website. Any additional personal information will be retained as long as necessary to fulfill legal obligations, resolve disputes, or as reasonably determined.
Information Protection and Security
We use commercially reasonable methods to safeguard the personal data you provide to us and the personal data we collect automatically. We use reasonable online security measures and reputable third-party vendors compliant with generally accepted security and safety measures, including a Secure Sockets Layer (SSL) on our website to help secure information. Please note that we cannot guarantee that all information transferred will be secure, and if we become aware of a data breach, we will notify the necessary parties promptly of all the information we have.
By using our website, you agree that should your information be intercepted in this way without our knowledge, consent, or permission, you will hold harmless [business name], including a release of all claims related to using such information by such an unauthorized party.
Due to the nature of our business and information collection activities, we have determined that we do not process sensitive data on a large scale, nor do our core activities involve processing operations requiring regular or systematic data subject monitoring. We have concluded that appointing a Data Protection Officer is unnecessary for these reasons.
Providing Your Personal Data to Others
For very limited purposes, like legal assistance, accounting, or technical support, we may share your confidential information with necessary third parties. Any parties who access your information will keep your information confidential. To the best of our ability, we will not share your data with any unnecessary parties. If, in good faith, we determine that disclosure of your information is necessary to protect the rights of our business or comply with the law, prevent or mitigate a crime, or protect the rights or safety of our other website users, we may do so. We may also disclose necessary information in the event of a sale of [Heather Ann Photography.
Third-Party Sharing
We are not responsible for the policies or information handling of third-party websites or third-party apps.
Your Rights
Under this policy and applicable laws, you have certain rights when it comes to controlling and protecting your private data:
You have a right to request that your information be deleted and no longer retained. Upon your request, we will remove your information from our database.
You have a right to “unsubscribe” by hitting the “unsubscribe” button at the bottom of any email we send you at any time.
You may also contact us to request access to information that [business name] retains about you to be updated, edited, or deleted from our database at any time.
You have the right to contact us about how your data is collected, stored, or used and request a copy of our data.
You may also contact us to restrict how we process your data in certain circumstances.
You have the right to be forgotten, meaning you can withdraw your consent to give us your personal information by clicking the “unsubscribe” button at the end of any email you receive.
You may contact us at:
Heather Ann Photography
hello@heatheraphotos.com
14485 S Robert Trl, Rosemount, MN 55068
CAN SPAM Act
In compliance with CANSPAM, we agree to allow users to unsubscribe using a link provided at the bottom of every email, honor opt-out requests, monitor compliance with third-party email services, not use false or misleading email addresses or email subjects, reasonably identify advertisements, and provide the physical address of our business.
California Online Privacy Protection Act (CalOPPA)
Under CalOPPA, we agree that users can visit our site anonymously. After entering our website, we will add a link to this privacy policy on our home page or the first significant page. Any changes to this Privacy Policy will be published on our privacy policy page.
If you are a California resident, once a year and free of charge, you have the right to obtain from us: information about what data we disclose to third-party marketers and the names and addresses of each third party we disclose your personal data to.
If you are a California resident under the age of 18, you have the right to request that we remove any data you publicly post on our Website. Note that we may not be able to remove that data from our systems completely.
You may use the contact information listed above to make such requests.
GDPR Compliance and Privacy Shield Notice
To comply with the European Union’s General Data Protection Regulation (“GDPR”), we confirm that we have lawful grounds for processing the information we collect from you and a legitimate interest in responding to user inquiries. You may request that your information be deleted or edited at any time. No sensitive personal data is collected. To the best of our ability, we have researched and concluded that all third-party data processors we use have advised us they also comply with the General Data Protection Regulations.
Our Website is hosted by servers located in the United States. Appropriate safeguards, namely the EU-US Privacy Shield, protect the transfer of data internationally from individuals residing in the European Union to our servers in the United States. If you reside in the EU, we collect and transfer your personal data to the U.S. only with your consent, to perform a contract with you or to fulfill a compelling legitimate interest of [your business name]. We enter into model clauses and data processing agreements with vendors whenever appropriate and feasible to protect your privacy.
Legal Basis for Storage of Data Collected under GDPR
Art. 6(1) lit. (a) the GDPR serves as the legal basis for processing data for which we have obtained your consent to process.
Art. 6(1) lit. (b) the GDPR serves as the legal basis for processing your personal data when necessary to fulfill a contract or a contract-like relationship with you.
Art. 6(1) lit. (c) of the GDPR serves as the legal basis for processing your personal data to fulfill a legal obligation.
Art. 6(1) lit. (f) of the GDPR serves as the legal basis for processing your personal data when it is necessary to safeguard our or a third party’s legitimate business interests or your fundamental rights, freedoms, or interests that do not require protecting your personal data.
Third-Party Links Are Not Covered by This Policy
If we provide links to third-party websites, please note that this Privacy Policy does not cover any information collected on those websites. If you click on a link and access another website, this Privacy Policy does not attach. By using our Website, you acknowledge and agree that we are not responsible for the policies or practices of any third parties. You should review the privacy policies of each website you visit.
Jurisdiction and Applicable Law
The servers and parties that make this Website available are located within the United States. Any matters relating to the Website will be governed by the laws of the United States and the State of [insert], as well as the General Data Protection Regulation (GDPR), as it applies to residents of the European Union.
Updates and Changes to Privacy Policy
The terms of this Privacy Policy may change from time to time. Please refer back to this policy regularly. By accessing and using this Website, you agree to any such changes we make to this Privacy Policy.
Contact Information
Please read and review this Privacy Policy carefully. If you have any questions about this policy or your rights within this policy or would like to review, update, or delete your information from our database, please get in touch with us at:
hello@heatheraphotos.com
14485 S Robert Trl, Rosemount, MN 55068