Privacy Policy for PhotoConsent
Updated July 6, 2022
PhotoConsent is committed to safeguarding and protecting your information. Below you can read more about the processing of your personal data, the purpose of such processing, and your rights regarding the handling of your personal information.
Purpose of Processing Personal Data
Personal data refers to information that can identify an individual. Processing personal data, also known as data processing, includes actions such as storing, accessing, and transferring the information for a specific purpose.
PhotoConsent helps photographers and others who handle photographs (hereinafter referred to as “PhotoConsent’s customers”) obtain consent for processing a subject’s personal data, including photographs of them (referred to as “photo subjects”). PhotoConsent provides a service designed to make it easier for photographers to comply with data protection laws. PhotoConsent also offers to store obtained consents. These consent forms may include the photograph in question or an image for identifying the consenting individual (the photo subject).
Regarding photo subjects, PhotoConsent only receives and processes personal data as outlined in the consent form signed by the photo subject at the request of PhotoConsent’s customers. PhotoConsent’s customers may choose to attach photographs of the data subject in the collected consent forms. PhotoConsent cannot access or manage individual consent forms, nor can it view photographs that may be linked to consent forms stored on behalf of its customers. The processing of personal data, including photographs, is an agreement between the photographer and the subject, and PhotoConsent is not responsible for it. Questions and requests regarding photographs you are a subject in should be directed to the relevant photographer, not PhotoConsent.
Regarding PhotoConsent’s customers, only the information necessary to fulfill PhotoConsent’s service is collected and processed.
PhotoConsent has entered into data processing agreements with the companies it works with to ensure compliance with rules and principles for personal data protection.
In rare cases, PhotoConsent may be legally required to disclose information to authorities, insurance companies, banks, or others with a legitimate right to access the information.
PhotoConsent has taken necessary technical and administrative measures to prevent the accidental or unlawful deletion, publication, loss, degradation, or unauthorized access, misuse, or processing of data in violation of the law.
Categories of Personal Data
PhotoConsent collects contact information such as name, address, phone number, and email address from the individual or company using its service. This information is provided solely by PhotoConsent’s customers.
In some cases, PhotoConsent’s customers may include photographs of data subjects in consent forms.
PhotoConsent processes payment information from its customers to fulfill its services.
PhotoConsent’s website processes technical information about the devices of customers and visitors. This includes, but is not limited to, a unique ID, technical information about your computer, tablet, or mobile phone, your IP address, geographic location, and the pages you click on. The website uses cookies, which are text files stored on your device to recognize it, remember settings, perform statistics, and target advertisements.
PhotoConsent only stores and processes the information necessary to fulfill its services and comply with documentation requirements from authorities or other legitimate entities.
Recipients of Personal Data
To securely and reliably store consent forms for its customers, PhotoConsent uses servers from Scannet A/S, based in Denmark. This means that the consent forms containing personal data of photo subjects and PhotoConsent’s customers are transferred to and stored by Scannet A/S. Scannet A/S only provides hosting for the consent forms and cannot access the personal data within them.
Contact information and other personal data of PhotoConsent’s customers will not be shared outside PhotoConsent’s organization unless explicitly agreed with the individual or company providing the data or if required by legitimate claims, such as from authorities.
Data Retention
The personal data belonging to PhotoConsent’s customers is retained as long as the customer uses PhotoConsent’s services. If the customer ceases to use the service or violates the agreement with PhotoConsent, the data will be stored for at least 6 months unless the customer exercises their right to request deletion. Inactive customer data will be deleted no later than 1 year after becoming inactive.
Personal data related to photo subjects in consent forms stored by PhotoConsent will be retained as long as PhotoConsent’s customers are active and the subject’s consent is valid.
Access to Your Data
If you suspect or are aware that PhotoConsent is processing your personal data, you have several rights regarding such processing:
Right of Access
You have the right to request access to the personal data PhotoConsent stores and processes about you. Note that PhotoConsent cannot access individual consent forms or the images they may contain.
Right to Object
You can object to the processing of your personal data if you believe it does not align with the purposes described in this privacy policy or the given consent.
Right to Rectification
You can request the correction of incorrect or incomplete data that is relevant to processing.
Right to Erasure
You can request the deletion of your data if it is no longer necessary for the stated purposes, if you withdraw your consent, or if the processing is unlawful. However, some data cannot be deleted due to legal or legitimate obligations.
Right to Data Portability
You can request your data in a readable format.
Right to Withdraw Consent
You can withdraw your consent to data processing at any time. For customers, this requires formally notifying PhotoConsent. For photo subjects, this requires contacting the photographer or relevant entity.
Right to Complain
If you have questions or concerns, you can contact PhotoConsent directly. Alternatively, you can file a complaint with the Danish Data Protection Agency at dt@datatilsynet.dk.
Contact Information
PhotoConsent ApS
Minkemarkvej 12
4300 Holbæk
CVR: 29414122
Email: info@photoconsent.dk
Phone: +45 36957755
