Privacy Policy & Data Protection Statement
ICO Registered: Reference ZA474861 (Valid until 27/08/2026)
UK GDPR Compliant | Data Protection Act 2018
Last Updated: 04 December 2025
Policy Version: 2.0
1. Data Controller Information
Business Name: Photographer with a Walker
Legal Entity: Super Photo Cam Ltd
Company Number: NI655628
ICO Registration Reference: ZA474861 (Valid until 27 August 2026)
Registered Office:
Unit 869A, Moat House
54 Bloomfield Avenue
Belfast, BT5 5AD
Northern Ireland, United Kingdom
Data Protection Officer: Lukasz Małec
Email: info@superphotocam.com
Telephone: 07533823338
Website: https://www.photographerwithawalker.com
Super Photo Cam Ltd is registered with the Information Commissioner’s Office (ICO) as a data controller under the UK General Data Protection Regulation (UK GDPR) and Data Protection Act 2018. You can verify our registration at: ICO Register Entry ZA474861.
2. Scope of This Policy
This Privacy Policy applies to all personal data processed through:
- Website: photographerwithawalker.com
- Online shop and purchases
- Email communications (info@superphotocam.com)
- Social media interactions related to our business
- Telephone communications (07533823338)
3. Lawful Basis for Processing
Under UK GDPR Article 6, we process personal data based on the following lawful bases:
| Processing Activity | Lawful Basis | Purpose |
|---|---|---|
| Order processing and fulfillment | Contract (Article 6(1)(b)) | Necessary to perform sales contract |
| Payment processing | Legal obligation (Article 6(1)(c)) | Financial record keeping requirements |
| Customer service communications | Legitimate interests (Article 6(1)(f)) | Responding to inquiries and providing support |
| Marketing communications | Consent (Article 6(1)(a)) | Only with explicit opt-in consent |
| Website analytics | Legitimate interests (Article 6(1)(f)) | Improving website functionality and user experience |
4. Types of Personal Data Collected
4.1 Data You Provide Directly
- Identity Data: Full name, title
- Contact Data: Email address, telephone number, billing/shipping address
- Financial Data: Payment card information (processed securely by PCI-DSS compliant providers)
- Transaction Data: Details of purchases, order history
- Communication Data: Messages, feedback, inquiries
- Marketing Preferences: Consent for marketing communications
4.2 Data Collected Automatically
- Technical Data: IP address, browser type and version, time zone, operating system
- Usage Data: Website visit history, pages viewed, navigation paths
- Cookie Data: See separate Cookie Policy section
5. How We Use Your Personal Data
5.1 Order Processing
- Process and fulfill your orders for prints and digital downloads
- Send order confirmations and shipping notifications
- Manage payments, refunds, and exchanges
- Maintain purchase records for tax and accounting purposes
5.2 Customer Service
- Respond to inquiries and provide support
- Handle complaints and resolve issues
- Send important service updates
5.3 Marketing (With Consent Only)
- Send promotional emails about new prints or collections
- Inform about exhibitions or special offers
- Request reviews or feedback
5.4 Legal Compliance
- Comply with UK tax laws (HMRC requirements)
- Meet Companies Act 2006 obligations
- Prevent fraudulent transactions
6. Data Sharing and Third Parties
We only share your data with third parties when necessary for business operations:
| Third Party | Purpose | Data Shared | Location |
|---|---|---|---|
| Payment Processors (Stripe/PayPal) | Secure payment processing | Payment information, contact details | UK/US (GDPR compliant) |
| Shipping Providers (Royal Mail/DPD) | Order delivery | Name, address, contact details | UK |
| Web Hosting Provider | Website operation | Technical data, contact forms | UK/EU |
| Accountant/Bookkeeper | Financial records | Transaction data, contact details | UK |
All third parties are required to maintain appropriate security measures and comply with UK data protection laws.
7. International Data Transfers
Your data is primarily processed within the UK. Any international transfers (e.g., to US-based payment processors) are protected by:
- UK International Data Transfer Agreement (IDTA)
- EU Standard Contractual Clauses (SCCs)
- Adequacy decisions where applicable
8. Cookies and Tracking Technologies
8.1 Essential Cookies
Required for website functionality:
- Session cookies for shopping cart
- Authentication cookies for user accounts
- Security cookies for fraud prevention
8.2 Analytics Cookies
Used to understand website usage (you can opt-out):
- Google Analytics (anonymized data)
- Heatmap tools for UX improvement
8.3 Marketing Cookies
Only used with explicit consent:
- Facebook Pixel (if used)
- Email marketing tracking
You can manage cookie preferences through our Cookie Settings page.
9. Data Retention Periods
| Data Type | Retention Period | Legal Basis |
|---|---|---|
| Purchase records | 7 years from transaction | HMRC requirements |
| Customer communications | 3 years from last contact | Legitimate interests |
| Marketing consents | Until withdrawal of consent | Consent |
| Website analytics | 26 months | Legitimate interests |
| Financial records | 6 years + current year | Companies Act 2006 |
10. Your Data Protection Rights (UK GDPR)
Under UK data protection law, you have the following rights:
Right of Access
Request a copy of your personal data we hold (Subject Access Request).
Right to Rectification
Request correction of inaccurate or incomplete data.
Right to Erasure
Request deletion of your data (“right to be forgotten”) in certain circumstances.
Right to Restriction
Request limitation of processing in specific situations.
Right to Data Portability
Receive your data in a structured, machine-readable format.
Right to Object
Object to processing based on legitimate interests or for direct marketing.
Right to Withdraw Consent
Withdraw marketing consent at any time (without affecting lawful processing).
Right to Complain
Lodge a complaint with the ICO if concerned about our data handling.
11. How to Exercise Your Rights
To exercise any of your data protection rights, please contact us:
By Email: info@superphotocam.com (Subject: Data Protection Request)
By Post: Data Protection Officer, Super Photo Cam Ltd, Unit 869A, Moat House, 54 Bloomfield Avenue, Belfast BT5 5AD
By Phone: 07533823338 (Monday-Friday, 9am-5pm)
We will respond to all legitimate requests within one month. We may require specific information to confirm your identity before processing requests.
12. Data Security Measures
We implement appropriate technical and organizational measures including:
- SSL encryption for all data transmissions
- Secure payment processing through PCI-DSS compliant providers
- Regular security updates and vulnerability scanning
- Access controls and password policies
- Employee data protection training
- Regular data protection impact assessments
13. Data Breach Procedures
In the event of a personal data breach, we will:
- Contain and assess the breach immediately
- Notify the ICO within 72 hours if required
- Inform affected individuals if there is high risk to their rights
- Document all breaches for compliance records
14. Changes to This Privacy Policy
We may update this policy periodically. The latest version will always be available on our website with the “Last Updated” date. Significant changes will be communicated to registered users.
15. Contact & Complaints
Data Protection Officer: Lukasz Małec
Supervisory Authority:
Information Commissioner’s Office (ICO)
Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Telephone: 0303 123 1113
Website: ico.org.uk
If you have concerns about our data processing, you have the right to lodge a complaint with the ICO.