Privacy Policy

Data Controller

The data controller for this website (danieledelgrosso.co.uk) is Daniele Delgrosso. Throughout this privacy policy, ‘we’, ‘our’, or ‘us’ shall mean danieledelgrosso.co.uk, and ‘you’ means the viewer. This policy applies to the domain, which includes both personal and photography pages (danieledelgrosso.co.uk and danieledelgrosso.co.uk/photography).

To get in contact, please see my contact page.

 

Introduction

This notice describes how we collect, store and use personal data. It tells you about your privacy rights and how the law protects you.

In the context of the law and this policy, ‘personal data’ is information that clearly identifies you as an individual or which could be used to identify you if combined with other information. Acting in any way on personal data is referred to as ‘processing’.

This policy applies to personal data collected through our website.

Except as set out below, we do not share, or sell, or disclose to a third party, any information collected through our website.

 

Personal data we process

  1. How we obtain personal data

The information we process about you includes information:

  • as a result of monitoring how you access or use our website or our services
  1. Types of personal data we collect from your use of our services

By using our website and our services, we process:

Web Server Access Logs

We automatically collect information when you visit or navigate our website or services, which is recorded in the form of web server access logs. This information is used to primarily monitor and maintain the operation of our website and services, for security and maintenance, and used for internal analytics and reporting purposes, including aggregated information such as statistical or demographic data. Web server access logs from the previous month are automatically removed at the end of each month.

Web server access log data may contain the following information:

  • technical information about the hardware and the software you use to access our website and use our services, including your Internet Protocol (IP) address (or proxy server), browser type, browser version, device operating system, country, location, HTTP code, bytes served, URL page visited, time, date and referring URL.
  • usage information, including the frequency you use our services, and the pages of our website that you visit.

Web server access log data is processed by the web host we use. Their servers are located in the United Kingdom. For more information, please see their privacy notice.

AWStats

We utilise software called AWStats which is installed and hosted directly on the server we use for the website. AWStats is used to analyse visitor access directly from the web server access logs (the data in these logs is mentioned in section 2 of the privacy policy under ‘Web Server Access Logs’). This software is used for internal purposes only, and allows us to determine the number of people accessing our website, which web pages, content they are accessing and to provide a better experience for future visitors to the website. The data used by AWStats is stored directly on the server used for this website, and can be stored for up to one year.

The bases on which we process information about you

The law requires us to determine under which of six defined bases we process different categories of your personal data, and to notify you of the basis for each category.

Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are:

(a) We have a legal obligation.

(b) We have a legitimate interest.

 

If a basis on which we process your personal data is no longer relevant then we shall immediately stop processing your data.

If the basis changes then if required by law we shall notify you of the change and of any new basis under which we have determined that we can continue to process your information.

  1. Information we process for the purposes of legitimate interests

We may process information on the basis there is a legitimate interest, either to you or to us, of doing so.

Where we process your information on this basis, we do after having given careful consideration to:

  • whether the same objective could be achieved through other means
  • whether processing (or not processing) might cause you harm
  • whether you would expect us to process your data, and whether you would, in the round, consider it reasonable to do so

For example, we may process your data on this basis for the purposes of:

  • improving our services
  • record-keeping for the proper and necessary administration of the website
  • responding to unsolicited communication from you to which we believe you would expect a response
  • preventing fraudulent use of our services
  • exercising our legal rights, including to detect and prevent fraud and to protect our intellectual property
  • insuring against or obtaining professional advice that is required to manage risk
  • protecting your interests where we believe we have a duty to do so
  1. Information we process because we have a legal obligation

Sometimes, we must process your information in order to comply with a statutory obligation.

For example, we may be required to give information to legal authorities if they so request or if they have the proper authorisation such as a search warrant or court order.

This may include your personal data.

Use of information we collect through automated systems

  1. Cookies

We do not use cookies on this website.

  1. Personal identifiers from your browsing activity

Requests by your web browser to our servers for web pages and other content on our website are recorded.

We record information such as technical information about the hardware and the software you use to access our website and use our services, including your Internet Protocol (IP) address (or proxy server), browser type, browser version, device operating system, country, location, HTTP code, bytes served, URL page visited, time, date and referring URL, usage information, including the frequency you use our services, and the pages of our website that you visit.

We use this information in aggregate to assess the popularity of the webpages on our website and how we perform in providing content to you.

If combined with other information we know about you from previous visits, the data possibly could be used to identify you personally.

Other matters

  1. Third party URLs

Our website may contain links to third party websites. Please note that these websites are not part of our domain, and have their own terms and privacy policies and that we do not accept any responsibility or liability for them.

  1. Your rights

The law requires us to tell you about your rights and our obligations to you in regard to the processing and control of your personal data.

We do this now, by requesting that you read the information provided at http://www.knowyourprivacyrights.org

  1. Information about children

This website is not intentionally designed for or directed at children. If you are under 18, you may use our website only with consent from a parent or guardian.

  1. Encryption of data sent between us

We use Secure Sockets Layer (SSL) certificates to verify our identity to your browser and to encrypt any data you give us.

Whenever information is transferred between us, you can check that it is done so using SSL by looking for a closed padlock symbol or other trust mark in your browser’s URL bar or toolbar.

  1. Data processing location

Our website, the data centres they are hosted on, and processing are securely located in the United Kingdom. Please see their GDPR statement here: https://www.jolt.co.uk/gdpr-hosting/

  1. Control over your own information

At any time, you may contact us to request that we provide you with the personal data we hold about you. Please visit the contact page to get in touch.

When we receive any request to access, edit or delete personal data we first take reasonable steps to verify your identity before granting you access or otherwise taking any action. This is important to safeguard your information.

Please be aware that we are not obliged by law to provide you with all personal data we hold about you, and that if we do provide you with information, the law allows us to charge for such provision if doing so incurs costs for us. After receiving your request, we will tell you when we expect to provide you with the information, and whether we require any fee for providing it to you.

If you wish us to remove personally identifiable information from our website, you should contact us to make your request.

This may limit the service we can provide to you.

We remind you that we are not obliged by law to delete your personal data or to stop processing it simply because you do not consent to us doing so. While having your consent is an important consideration as to whether to process it, if there is another legitimate basis on which we may process it, we may do so on that basis.

  1. Communicating with us

When you contact us by email, we collect the data you have given to us in order to reply with the information you need.

We record your request and our reply. We may keep personally identifiable information associated with your message, such as your name and email address so as to be able to track our communications with you to provide a high quality service.

  1. Complaining

If you are not happy with our privacy policy, or if you have any complaint, then you should tell us.

When we receive a complaint, we record the information you have given to us on the basis of consent. We use that information to resolve your complaint.

We may also compile statistics showing information obtained from this source to assess the level of service we provide, but not in a way that could identify you or any other person.

If a dispute is not settled then we hope you will agree to attempt to resolve it by engaging in good faith with us in a process of mediation or arbitration.

If you are in any way dissatisfied about how we process your personal data, you have a right to lodge a complaint with the Information Commissioner's Office (ICO). We would, however, appreciate the opportunity to talk to you about your concern before you approach the ICO.

  1. Retention period

Except as otherwise mentioned in this privacy notice, we keep your personal data only for as long as required by us:

  • to provide you with the services you have requested
  • to support a claim or defence in court
  1. Compliance with the law

Our privacy policy complies with the law in the United Kingdom, specifically with the Data Protection Act 2018 (the ‘Act’) accordingly incorporating the EU General Data Protection Regulation (‘GDPR’) and the Privacy and Electronic Communications Regulations (‘PECR’).

  1. Review of this privacy policy

We shall update this privacy notice from time to time as necessary. This privacy policy was last updated on 8th April 2021.