Updated 26th January, 2019

We're big fans of privacy. Here's a very, very, very long page detailing how we protect yours:

1. Key terms
2. How does this policy apply to you?
3. What information we collect about you
4. How we collect information
5. How we use information
6. How we share information
7. Your rights
8. How we protect information
9. How we retain your information
10. How to contact us

This privacy policy describes how we – Rachel Juarez-Carr and Christopher Senteno Juarez – collect, use, store, share and protect your information in connection with products and services we offer, including but not limited to, services provided at or using the domain septemberpictures.com.

By using any of our products or services, you confirm you have agreed to the terms of use and read and understood this privacy policy and our cookie policy. We might amend this policy. We'll notify you of material changes to the policy beforehand by email or in another conspicuous manner to give you reasonable notice.

1. Key terms

In our policy, when we refer to “users”, we mean clients who use our products or services, and visitors to our sites. We offer photography services for business and personal use. We refer to all of these products as “services” in this policy. And when the words ‘we’, ‘us’ and ‘our’ refer Rachel Juarez-Carr and Christopher Senteno Juarez.

2. How does this policy apply?

This policy describes what we do with personal information that we collect and use for our own purposes (ie, where we are data controllers – doesn’t that sound fancy?).

We use cookies and similar technologies. Our cookie policy describes what we do in that regard. It’s quite boring, sorry.

Any service provided by us is purely voluntary. You aren’t required to provide any personal information to us unless you wish to purchase our products or enquire about our services. If you don’t agree with the terms in this policy, or the terms of use related to our services, then please don’t provide us with personal information.

By sharing your personal information to access any of our services, you expressly consent to our collection, use, disclosure and retention of your information as described in this policy and in the terms of use.

3. What information we collect about you

We collect information about you when you provide it to us, when you use our services, and when other sources provide it to us, as further described below.

Information you provide to enquire about services, such as email address, first name, last name, event date, etc: If you purchase a service or product from us, we may ask you for additional data, such as your address. If you purchase a service or product from us we may also ask you to make a bank transfer: we won’t ask for payment and billing information. We don’t hold or store information related to your payments, we only receive confirmation from the payment provider you choose that payment has been processed.

Your marketing preferences: The emails and other communications that you send us or otherwise contribute, such as service enquiries.

Information from your use of our services: This includes IP addresses, preferences, web pages you visited prior to coming to our or our site, information about your browser, network or device – such as browser type and version, operating system, internet service provider, preference settings, unique device IDs and language and other regional settings – information about how you interact with the services and our site (such as timestamps, clicks, scrolling, browsing times, searches, transactions, referral pages, load times and problems you may encounter, such as loading errors).

Information we get from our partners to support our marketing initiatives, improve our services and better monitor, manage and measure our ad campaigns, such as details about when our partner shows you one of our ads on or via its advertising platform.

4. How we collect personal information

We obtain personal information from various sources. We do this in two main ways:

You provide some of it directly (such as by enquiring about a service via a contact form or email).

We record some of it automatically when you use our services (including with technologies like cookies).

We’ve described the above in more detail below.

a. Personal information you provide

For instance, we ask you to provide your name and email address to enquire about our services. We also maintain your marketing preferences and the emails and other communications that you send us or otherwise contribute, such as customer support inquiries or posts to our customer message boards or forums.

We’ll normally let you know when information is required, and the consequences of failing to provide it. If you do not provide personal information when requested, you may not be able to use our services if that information is necessary to provide you with the service or if we are legally required to collect it.

b. Personal information obtained from your use of our services

When you use our services, we collect information such as your IP address(es), your device and browser type, the web page you visited before coming to our sites, what pages on our sites you visit and for how long and identifiers associated with your devices.

Some of this information is collected automatically using cookies and similar technologies when you use our services. You can read more about our use of cookies in our cookie policy. Some of this information is similarly collected automatically through your browser or from your device.

5. How we use your personal information

We use the personal information we obtain about you to:

Provide the services and products you request: for example, we’ll need your wedding date and location to check our availability

Communicate with you: such as by sending you emails about your enquiry

To promote our services: we might want to let you know of an additional service

To advertise our services: we analyse your interactions with our services so we can tailor our advertising to what we think will interest you. For example, we may avoid advertising to you on a social-media site if you’re already a client of ours

To improve our services: we’re constantly learning about how our services are accessed and used. We usually do this based on anonymous, pseudonymised or aggregated information that does not identify any user individually

To secure our services

To protect our and others’ interests, rights and property (e.g., to protect our users from abuse)

To comply with the law: we comply with all applicable legal requirements, such as tax and other government regulations and industry standards, contracts and law enforcement requests

We and any affiliates comply with national laws regarding spam. You can always opt out of receipt of further email correspondence from us and/or our affiliates. We agree that we will not sell, rent or trade your email address to any unaffiliated third-party without your permission.

We process your personal information for the above purposes in the below situations:

Consent: you have consented to the use of your personal information in a particular way. When you consent, you can change your mind at any time

Performance of a contract: we need your personal information to provide you with services and products you request, or to respond to your enquiries; for example, we need you to provide a shipping address if you have purchased a product

Legal obligation: we have a legal obligation to use your personal information, such as to comply with applicable tax and other government regulations or to comply with a court order or binding law enforcement request.

Legitimate interests: we have a legitimate interest in using your personal information; in particular, we have a legitimate interest in the following cases:

To operate our business and provide you with tailored communications to develop and promote our business

To analyse and improve the safety and security of our services – we do this as necessary to pursue our legitimate interests in ensuring our business is secure, such as by implementing and enhancing security measures and protections and protecting against fraud, spam and abuse

To provide and improve the services, including any personalised services – we do this as necessary to pursue our legitimate interests of providing an innovative and tailored offering to our Users on a sustained basis

To share your personal information with other companies that help us provide and improve the services, for example Royal Mail if shipping you a product you’ve purchased

To anonymise and subsequently use anonymised information
Protecting you and others: to protect your vital interests, or those of others

6. How we share your personal information

We share personal information in the following ways:

Following the law or protecting rights and interests: we disclose your personal information if we determine that such disclosure is reasonably necessary to comply with the law, protect our or others’ rights, property or interests (such as enforcing our terms of use) or to prevent fraud or abuse of us or our users. In particular, we may disclose your personal information in response to lawful requests by public authorities, such as to meet national security or law enforcement requirements.

Advertising: we share personal information with third parties so they and we can provide you with tailored advertising and measure and monitor its effectiveness; for example, we may share your pseudonymised email address with a third-party social-media platform on which we advertise to avoid serving adverts to people who already use our services.

Business transfers: if we’re involved in a reorganisation, merger, acquisition or sale of some or all of our assets, your personal information may be transferred as part of that deal.

We use the following services to collect your information:

Google Analytics – We use analytics on our site to collect data to provide us with statistics about our site. We collect non-sensitive information about you: all sensitive information has been anonymised including IP addresses. Here’s Google’s privacy policy.

Facebook Custom Audiences – We occasionally use Facebook custom audiences on our site to allow us to deploy targeting marketing to customers or offer adverts based on your Facebook ad preferences. You can opt out of marketing by updating your ad preferences on Facebook. Here’s Facebook’s privacy policy.

Mailchimp – We use Mailchimp to send emails. Here’s Mailchimp’s privacy policy.

Gmail – We use Gmail to send emails. Here’s Google’s privacy policy.

Pic-Time – We use Pic-Time to store, display and deliver photography products to clients and other users. It’s rare that we’d need to store any users’ data there, but if you request client access to a particular gallery or to download files, for example, Shootproof might need your email address. Here’s Shootproof’s privacy policy.

7. Your rights

You have the right to access, update, change or delete your personal information.You can access, update, change or delete personal information or by contacting us at rachel@carrandsenteno.com. You can exercise your other rights by contacting us at the same email address. It’s likely that there’d be a short delay in deleting your personal data from our systems, because it’s not an automated process – it’s done by a real human who’s mostly out with her camera being a photographer instead of sitting by a computer being a data controller. But it’ll be done as soon as is reasonably possible.

We also will retain personal information in order to comply with the law, protect our and others’ rights, resolve disputes or enforce our legal terms or policies, to the extent permitted under applicable law.

You can also elect not to receive marketing communications if you’ve signed up for our newsletters or other content, by changing your preferences via the unsubscribe button at the bottom of all our marketing emails.

Additionally, if we rely on consent for the processing of your personal information, you have the right to withdraw it at any time and free of charge. When you do so, this will not affect the lawfulness of the processing before your consent withdrawal.

Our cookie policy explains how you can manage cookies and similar technologies.

8. How we protect your information

While it’s impossible for any service to be entirely secure, we maintain administrative, technical and physical safeguards that are intended to appropriately protect against accidental or unlawful destruction, accidental loss, unauthorised alteration, unauthorised disclosure or access, misuse and any other unlawful form of processing of, the personal information in our possession.

We employ security measures such as using firewalls to protect against intruders and testing for and protecting against network vulnerabilities. We avoid keeping hard copies of data wherever possible, and any that do exist – for example, if you hire us to perform photography services and return your contract to us via post rather than email – are stored with reasonable expectation of security.

9. How we retain your personal information

We retain personal information regarding you or your use of our services for as long as needed to provide you with our services. We also retain personal information for as long as necessary to achieve the purposes described in this policy, for example, to comply with our legal obligations, to protect us in the event of disputes and to enforce our agreements and to protect our and others’ interests.

The precise periods for which we keep your personal information vary depending on the nature of the information and why we need it. For example, the period we keep your email address is connected to how much time has passed since you provided it, and the nature of that submission. In the course of providing the services, we collect and maintain aggregated, anonymised information which we may retain indefinitely.

10. How to contact us

If you have questions, comments or complaints about this policy or our practices – or if you would like to exercise your rights and choices – just email us: rachel@carrandsenteno.com.

In accordance with GDRP law, you have the right to:

confirmation that your data is being processed;

access to your personal data: A copy of your personal data in our possession will be provided free. But if your request is made excessively, we might opt to charge a reasonable admin fee. We’ll try our hardest to provide the requested data within seven days, but please note that it may need to take up to 30 days (we have pictures to take and a toddler to wrangle).