John Coveney Photography Privacy Policy

1Introduction & Summary

Welcome to the Privacy Policy of  John Coveney Photography at www.johncoveney.ie (Business number 470723) and its associated blog at www.johncoveney.ie/blog.  Please read the Policy before using my website or submitting information to John Coveney Photography by any means.

To run its business, John Coveney Photography (JCP, “I” or “my”) needs to legitimately collect, store, process and archive necessary personal and business data about its clients, contacts, and visitors to my website and my social media accounts. Client and contact image data is similarly retained. As required by the General Data Protection Regulation (GDPR) as detailed by the Irish Data Protection Commission (DPC), I do not collect or store more data than I need to run and promote my photography business. I never sell client, contact or visitor data to any third party, but client, contact and visitor data may be legitimately shared or disclosed as detailed in this Privacy Policy – or as required by Irish law. For image data, such disclosure typically involves the promotion of my business by display of high-quality client and contact imagery on my website and my social media feeds, including my Blog, and my Instagram, Facebook, Twitter and Flickr accounts. Contact data about clients and contacts may be legitimately shared or disclosed to my service providers as detailed on page 4. Except in accordance with legal requirements, image or other data is only disclosed with the consent of clients & contacts. Images of children are only taken with the permission of their parents or guardians, or other organizations responsible for them such as schools. These images of children are only given to those who commission them. If I have personal data about you, I will provide it to you if you ask for it. If requested, I will remove your personal information and images from my records unless I am required by law to keep it. You can read guidance about your rights under GDPR from the DPC here. The Citizens Information Board also provides a non-technical overview of GDPR in Ireland.

Data is managed and or hosted for John Coveney Photography by five suppliers, who have their own GDPR compliant data and privacy policies  - see the Data Service Providers section on page 7. Access to my data service provider accounts is via unique passwords and, where available, two factor authentication.

  • The John Coveney Photography website at www.johncoveney.ie and its associated blog at www.johncoveney.ie/blog are based on templates provided and operated by  Zenfolio - an American ecommerce platform that provides websites to photographers to display and sell their photography.  They also hold and process some personal data and financial information about John Coveney Photography’s clients, contacts and website visitors as detailed elsewhere in this Privacy Policy.
  • The John Coveney Photography website and email addresses, principally [email protected]  are hosted by Digital Media Internet Services – an Irish company trading as LetsHost.ie
  • Data flows between John Coveney Photography and my Zenfolio operated website at www.johncoveney.ie and its hosting domain at LetsHost.ie via a broadband connection are supplied by Virgin Media Ireland. Virgin media details how it provides its broadband service in compliance with GDPR here. Its privacy policy is here, and its cookie policy is here.
  • Emails to John Coveney Photography are automatically forwarded to the my business gmail address, [email protected], so that I have mobile access to my emails on my phone and laptop. When a reply is needed before I return to base, I occasionally reply to emails from this address also. Google’s terms of use for its services including gmail are here and its privacy policy is here.
  • All of John Coveney Photography’s data is encrypted and securely backed up remotely by Backblaze – an American company.

The rest of this Privacy Policy details my practices on the collection, use, processing, archival and disclosure of information that you may provide, or that I may collect via this site or in other communications such as on the phone, via email or via messaging applications.

1.1Your Consent

When you use the John Coveney Photography website at www.johncoveney.ie or by contacting me by any means including email, phone or via messaging apps,  you agree to the collection, storage, processing, archival and disclosure of data and imagery connected to my business in accordance with this Privacy Policy.

1.2Contact for Queries, Corrections or Removal of Your Data

If you have queries about this Privacy Policy or any other aspect of John Coveney Photography, or wish to have your information or imagery corrected or removed, contact me at [email protected].

1.3Privacy Policy Updates

This version of this Privacy Policy was prepared on 2 July 2019. Updates will be logged here. A PDF of this Policy can be downloaded here www.johncoveney.ie/privacy-policy.pdf.

2Table of Contents

 

1       Introduction & Summary. 1

1.1         Your Consent. 2

1.2         Contact for Queries, Corrections or Removal of Your Data. 2

1.3         Privacy Policy Updates. 2

2       Table of Contents. 2

3       Information Collection & Management. 3

3.1         About John Coveney Photography. 3

3.2         Information Collection. 3

3.2.1          Website & Social Media Visitors. 3

3.2.2          Direct Contacts with John Coveney Photography. 3

3.2.3          Clients & Suppliers of John Coveney Photography. 3

3.2.4          Collection and Management of Client & Contact Image Data. 4

3.3         Privacy and Security of Payment Methods and Details. 4

3.4         Use, Disclosure & Retention of Information. 4

3.5         Access & Correction. 4

4       Data Security & GDPR Compliance. 4

4.1         Data Security – John Coveney Photography’s Responsibilities & Your Responsibilities. 4

4.1.1          Management of Client & Contact Image Data. 5

4.1.2          Management of Images of Guests at Client Events. 5

4.2         GDPR Compliance. 6

4.3         Links to other Websites. 7

5       Data Treatment by Data Service Providers for John Coveney Photography. 7

5.1         Website Provision by Zenfolio. 7

5.1.1          How Zenfolio Manages & Secures My Client Account & Payment Data. 7

5.1.2          How Zenfolio Track Visitors to John Coveney Photography. 8

5.1.3          How Zenfolio Manages Cookie’s for John Coveney Photography. 8

5.1.4          Advertising and my Zenfolio Website. 9

5.2         Domain & Email Hosting by LetsHost.ie. 9

5.3         Offsite Secure Backups by Backblaze. 10

5.4         Broadband Service and Mobile Email Service. 10

5.4.1          Broadband Internet Access from Virgin Media Ireland. 10

5.4.2          Mobile Email Access from Gmail 10

 

3Information Collection & Management

3.1About John Coveney Photography

John Coveney has been photographing people place and wildlife in Dublin, all over Ireland and occasionally abroad since 2001 when he got his first digital camera. He has been running John Coveney Photography since 2013. He got his initial licentiate from the Irish Photography Federation in 2011 and he earned a high level Associateship qualification from them in 2017. In 2014, he won their National Nature photographic competition. His landscape and fashion work has been published in the national media.

3.2Information Collection

John Coveney Photography collects, stores, processes and archives information on its clients, contacts and website visitors, as detailed in this section of this Privacy Policy and elsewhere as referred to from this section. All information is collected in a lawful manner based on legitimate interest as detailed in the GDPR section on page 4.

3.2.1Website & Social Media Visitors

If you visit my website at www.johncoveney.ie or my blog at www.johncoveney.ie/blog but otherwise do not interact with me, your contact is managed by cookies. These are small text files that websites generate and store on your computer to “remember” your actions and preferences when you visit them. They do this to improve how the website performs for your current and future visits. Read the Data Protection Commission’s guidance on cookies for more information about them. John Coveney Photography uses cookies operated by Zenfolio. Their use is detailed in the Zenfolio section of this Privacy Policy on page 7. I have recently (June 2019) registered www.johncoveney.ie with  Google Analytics and I will update this Privacy Policy as I develop my use and understanding of this website visitor analysis tool.

The use of cookies by on social media accounts at Instagram, Facebook, Twitter and Flickr is in accordance with their privacy policies that can be viewed on their websites. My access to all of these accounts is secured by unique passwords from my phone, my desktop and my laptop. These devices are also protected by unique passwords.

3.2.2Direct Contacts with John Coveney Photography

If you make direct contact with me, or if I approach you, you may provide me with information such as your name, email and phone number. Additional job specific information could include your postal address and details of an event, such as where it is on, who will be there, and what kind photographs you want. In the case of an event with a religious or legal component such as a Weddings or First Communions, information on your religious or sexual orientation may be implicitly or explicitly provided.

Any direct contacts to John Coveney Photography in person, by phone, text, WhatsApp, or using Instagram, Facebook, Twitter or Flickr messaging are secured and managed by those applications on my phone and on my laptop and desktop. These accounts and devices are uniquely password protected and, where available, by touch ID and two-factor authentication. Email contacts are principally managed in my office using Microsoft Outlook on my desktop – they are also forwarded to a gmail address for mobile access – see page 10. Occasionally notes about these contacts are made in my paper diary which is stored in my locked office or is in my possession when I’m away from the office.

3.2.3Clients & Suppliers of John Coveney Photography

In addition to contact and website visit data, additional information is stored about clients. This includes digital images, occasional sample prints, details of forthcoming and past jobs for clients, and financial information on payments from clients. Information is also stored on payments to suppliers. This information is stored in emails and client accounts on the John Coveney Photography website at www.johncoveney.ie – and also in Microsoft Excel spreadsheets. Client accounts and the client information in them are also stored and processed by Zenfolio in accordance with the GDPR compliance subsection of the Photographers Terms section their terms of use policy. However, it is John Coveney Photography who is responsible for the content of the client information in these client accounts on its website and their maintenance and, if requested, deletion – subject to any retention requirements necessary under e.g. Irish tax law.

3.2.4Collection and Management of Client & Contact Image Data

See Data Security on page 5.

3.3Privacy and Security of Payment Methods and Details

Clients may pay online for photography services and products provided by John Coveney Photography. They may do this by bank transfer, with PayPal, or with debit or credit cards. The security and privacy of online payments you make to John Coveney Photography from your bank or PayPal account are covered by those organizations’ data protection and privacy policies. Credit & debit card payments to John Coveney Photography are handled by Zenfolio and I only receive details of who made the payment, what it is for, and how much is involved. John Coveney Photography does not receive any credit or debit card details from customers. Here is how Zenfolio handles credit card payments on behalf of its photographer clients as detailed to me by Zenfolio Support: - [except for the addition of text in square brackets to enhance readability as well as active links]

[Zenfolio] take[s] security of transactions extremely seriously. We process tens of thousands of orders and all of the information collected during the check-out is processed via our secured servers. These servers are certified by VeriSign, a market leader in online security.

Because we must process transactions in a secure environment, we are also PCI compliant, which a set of requirements designed to ensure that all companies that process, store or transmit credit card information maintain a secure environment.

3.4Use, Disclosure & Retention of Information

The information you disclose to John Coveney Photography is used to improve the content of this site, to customize the site to your preferences, to communicate information to you (if you have requested it), for marketing and research purposes, and for the purposes specified in this Privacy Policy.

Your data is never sold to any third parties but it may be legitimately shared or disclosed in accordance with the GDPR Compliance section of this Privacy Policy at detailed on page 6.

3.5Access & Correction

If you become aware of any errors in your personal data, please contact me in writing by email at [email protected] or by post to John Coveney Photography, 56 Castle Farm, Shankill, Dublin D18 AD83. I will take all reasonable steps to correct errors notified to me once I have contacted you to verify the correction that you submitted.

4Data Security & GDPR Compliance

4.1Data Security – John Coveney Photography’s Responsibilities & Your Responsibilities

I take all reasonable steps to responsibly manage information about clients, suppliers, contacts and website visitors to protect this information from loss, misuse, unauthorized access, unauthorized disclosure, alteration, or its destruction except as specified by a contact or client in accordance with law. However, no computer or internet system is 100% reliable, secure or error. In particular, email sent to or from John Coveney Photography is not secure. Additionally, it is your responsibility to secure any passwords linked to any account on my site that you may have, and also any passwords or direct links that you may have to private galleries on my site.

All John Coveney Photography’s business and image data is principally managed on a password protected desktop in my home office with its own separate locked and alarmed entrance. Only I and my co-director (my wife – who is not operationally involved in the business) has access to this office. On-site backups are to local hard drives held in this office and in a locked cabinet in my house. Secure offsite backups are done using Backblaze - see page 10. When I am working away from base, I use a password protected laptop and password protected mobile hard drives. On return to base, client and contact imagery and information is copied to the desktop system and, once backed up, it is deleted from the laptop and the mobile drives.

4.1.1Management of Client & Contact Image Data

Most of my client imagery is taken with a high specification digital camera (DSLR) with removable dual memory cards that allows duplication of the imagery as it is being captured. As a shoot is completed or as memory cards fill up, they are removed from my cameras and stored on my person until I can copy the images to my desktop or laptop – normally within a few hours. Memory cards with client and contact images are never left in unattended in cameras or cars. Once the imagery is backed up, it is deleted from the cameras’ memory cards.  Client & contact imagery is catalogued and processed using Adobe’s Lightroom and is typically tagged with the clients’ and contacts’ names and the location of the shoot. Client & contact imagery may be further manipulated with Photoshop. Client and contact image data is backed up locally to secured hard drives. Offsite backups to “the cloud” are done using Backblaze - see page 10

Images are typically supplied to clients & contacts via private galleries on my website – or, where the client or contact has requested it, via public galleries or social media accounts. Access to private galleries is usually via a supplied direct link. In some cases, a password may also be required. Private galleries are not visible to or searchable by search engines. In some cases images are sent by email, or where large numbers of images are sent, I use the free Netherlands based WeTransfer service. WeTransfer encrypts files when it is transferring them between senders and recipients and while it temporarily stores them. WeTransfer’s GDPR compliant privacy policy is here.

No client or contact imagery is ever sold to third parties without explicit written client/contact permission and, where relevant e.g. for advertising purposes, a model release is obtained. With client/contact permission, I may share high quality client image data on my website and my social media accounts to promote my business. I may also for submit them for photographic qualifications and awards. Clients/contacts may withdraw permission for the display of images on my website, my blog and on my social media accounts. This should be done in writing by emailing me at [email protected] . However, if a client or contacts gives permission for an image to be used in connection with a submission for an award or qualification and if that submission is successful and goes into to the public domain, the image cannot be removed from public circulation. Additionally clients and contacts should to be aware that if they consent to me publicly displaying their photograph(s) on my website, blog or social media accounts, it may pass irretrievably into the public domain beyond my control even if I take it down from my website and accounts.

4.1.2Management of Images of Guests at Client Events

I may photograph adult guests of clients or other third parties at their events and may wish to display these images on my website, my blog or my social media accounts to legitimately promote my business. It may not be possible (nor is it required by GDPR) for me to seek consent of guests to take their photographs.  In order to balance the rights of guests who appear in my public photographs I apply the following three tests:

  1.  I only publish flattering images of clients and their guests – with the caveat that this is a subjective test.
  2. Would that person reasonably have expected to have appeared in such a photograph?
  3. If someone published that photograph of me would I be upset?

If in spite of the application of these tests, I am approached by the person in question and asked to take down the photograph I will do so, except in the case of award winning images in the public domain as detailed above in section 4.1.1.

Any images of children on my website are only published with the explicit written permission of their parents or guardians or relevant organizations such as schools or sports clubs. Full names of children are not published, nor are any other contact details.

In preparing this section on the  photography at client events of adult and child guests, and also third parties,  I read and took account of the only guidance on photography from the Irish Data Protection Commission (DPC) here. This mainly deals with photography at school events and by implication at other events involving children. More generally, however, the DPC advocates a “common sense” approach and states unambiguously that that GDPR does not prevent anyone taking photographs of people at public events providing they are not “harassing” them.  However, GDPR arises when considering what to do with these photographs especially if they are put on public display. It then advises that that same GDPR considerations that apply to other personal data are also applied to the storage and display of these photographs – especially consent, compliance by me with withdrawal of consent requests, and legitimate interest.

I believe it’s worth quoting their closing statement on the issue of school photography here and taking account of it more generally in this Privacy policy.

We live in a world where every owner of a smartphone is a potential photographer. The GDPR does not provide an exact roadmap on when it’s permissible to take and publish photographs in the context of school events. However, a balanced, common sense approach will go a long way towards ensuring that individuals’ rights are respected, while also ensuring that data protection doesn’t become an obstacle to capturing and celebrating significant school events.”

4.2GDPR Compliance

  1. My Details and Who is collecting the data: - The data is being collected by John Coveney Photography, 56 Castle Farm, Shankill, Dublin D18 AD83. Email [email protected]. Phone 087 2765158. The emergency backup contact for this Privacy Policy is to my wife and co-director. Her email is [email protected] .
  2. What data is being collected: - John Coveney Photography collects, stores, processes and archives business information (e.g. details of financial transactions with clients), personal information (e.g. contact details) and digital images about its clients, its contacts and website & social media visitors.
  3. Where is the data accessed and stored: - The data is primarily accessed from and stored and backed on a password protected desktop computer in my home office with its own entrance that is locked and alarmed. Portions of the data are stored or backed up online as detailed in the Data Service Providers section on page 7. When I am away from base, some data is occasionally stored and processed on my laptop and mobile phone. Both are password protected.
  4. How is the data collected: - The data is collected in a lawful manner in compliance with GDPR as detailed in the Information Collection section of this Privacy Policy on page 3
  5. Why is it being collected: - It is collected based on legitimate interest criterion of GDPR – i.e. to run the John Coveney Photography business.
  6. How will it be used: - It will be used to provide John Coveney Photography services and products to clients and to market the business to existing and potential clients who agree to be contacted for this purpose. Any such contacts include the option to be excluded from further contact from John Coveney Photography. The data is also used for business analysis and forecasting.
  7. Who will it be shared with: - I take your privacy seriously as evidenced by the preparation and implementation of this Privacy Policy. I do not sell your information to any third-party organizations for any purpose. I may legitimately share your information, such as your contact details, with photographic printers or other photographic service providers, as well as delivery service providers, to allow me to prepare and deliver products that you have ordered from me. I also share financial information about receipts and payments with my chartered accountants O’Brien Curran and O’Mahony, 28 Fairview Strand, Dublin. When I use such service providers, I ensure that they have GDPR compliant privacy policies. I will also provide data to law enforcement agencies if legally required to do so.
  8. How can I access and correct or update my data:- If you have any questions about your data, please contact me by email at [email protected] or by phone at 087 276 5158. If you want a copy of the data I have about you, please email me at [email protected] with GDPR data in the subject line and I will provide it as specified by the Data Protection Commission.
  9. How long is the data stored and how can my data be deleted: - The data is stored indefinitely to allow me to provide a better service to clients and potential clients – except where individuals request that their data is deleted. Requests for the deletion of contact, business and image data must be submitted in writing by email to [email protected]  or by post to John Coveney Photography, 56 Castle Farm, Shankill, Dublin D18 AD83. I will take all reasonable steps to delete your data once I have promptly contacted you to verify the request in accordance with the Data Protection Commissions requirements. However, business data relating to business receipts and expenditure must be retained by law for six years following the relevant end of business year returns. In practice, this may mean that business data may need to be retained for about eight years e.g. if the transaction took place near the beginning of John Coveney Photography’s business year on 1 March. If you ask me to delete your image data, I will warn you that if you lose access to the image data that I have previously provided to you, I will not be able to replace it. This is to allow you to make an informed decision on deletion of your image data that you may no longer wish me to retain.
  10. How will this Privacy Policy affect you: - The way in which I collect, store, process and archive your data should have no negative effect on you.
  11. Where can I get more information  about my data and GDPR: - For your own data, please contact me by email at [email protected] or by phone at 087 276 5158. For more information on GDPR You can read guidance about your rights under GDPR from the DPC here. The Citizens Information Board also provides a non-technical overview of GDPR in Ireland.

4.3Links to other Websites

This site contains links or reference to other websites other than my data service providers. If you follow these links or references to these other websites, you will leave John Coveney Photography and your interactions with those other websites are not covered by this Privacy Policy. Instead you should read to the privacy policies of those other websites as you visit them. Mention of any other website by John Coveney Photography on its website or in this Privacy Policy is not an endorsement of their services.

5Data Treatment by Data Service Providers for John Coveney Photography

Data is managed, transmitted, processed and hosted for John Coveney Photography by five data service providers as detailed below. These five suppliers have their own GDPR compliant service, data and privacy policies. Access to my data service provider accounts is via unique passwords and, where available, two factor authentication.

5.1Website Provision by Zenfolio

The John Coveney Photography website at www.johncoveney.ie and its associated blog at www.johncoveney.ie/blog are based on templates provided and operated by Zenfolio – an American ecommerce platform that provides websites to photographers to display and sell their photography. Their privacy policy can be viewed here and their terms of use policy is here. These policies primarily deal with the interactions between Zenfolio and my business, but they also hold and process some personal data and financial information clients, contacts and website visitors as detailed below.

5.1.1How Zenfolio Manages & Secures My Client Account & Payment Data

Details of how Zenfolio handles client and contact account information is in the Client & Supplier subsection of the Information Collection section on page 3.

Information of how Zenfolio secures payment Information is covered in the section on Privacy and Security of Payment Methods and Details on page 4.

5.1.2How Zenfolio Track Visitors to John Coveney Photography

Zenfolio anonymously track visitors to galleries, including private galleries as per the following text in italics [with slight modifications in square brackets to enhance readability] – as received from Zenfolio Support on 6 May 2019.

While [Zenfolio] offer[s] some basic visitor tracking numbers for your galleries, the visitor counter will only show a visit to [a JCP] site or a gallery if a Photo page or a Quick Shop page is viewed. If someone simply clicks into [a JCP] gallery, but does not click a photo within the gallery, their visit will not count in the visitor counter. Same if they visit [the JCP] homepage but do not go into any galleries to view an image.

Only unique visitors are recorded, so if a visitor views the same photos from the same computer, the system will not record the additional visits because the visitor's IP address is what constitutes a new visitor. Depending on the ISP (Internet Service Provider) settings, multiple computers can be on the same IP address which can skew the visitor count.

5.1.3How Zenfolio Manages Cookie’s for John Coveney Photography

When you visit John Coveney Photography at www.johncoveney.ie and its associated blog at www.johncoveney.ie/blog your notified by Zenfolio that “This site uses cookies. By continuing to use the site you are agreeing to our use of cookies.” You can choose to hide this notification or to click on the Learn More link. If you click on the Learn More link it will generate a pop-up showing the Zenfolio Cookie Policy that is used by John Coveney Photography. This policy is quoted below in italics as it is in the Zenfolio pop-up except that a few active links have been added and a few words have been inserted in [square brackets] to improve readability.

[Zenfolio] Cookie Policy

Our Privacy Policy explains how we collect and use information. This policy explains more about how we use cookies and choices you can make about cookies. By accessing and using our website or other services, you are agreeing to the terms of this policy.

What are cookies?

A cookie is a simple text file that is stored on your computer or mobile device by a website's server. Only that server will be able to retrieve or read the contents of that cookie. Each cookie is unique to your web browser. It contains some anonymous information such as a unique identifier, the site name, and random digits and numbers. Cookies allow a website to remember things like your preferences, or what's in your shopping basket.

For more details about cookies and details of how to delete and disable cookies you can visit www.aboutcookies.org. For more information, including how to turn off cookies, see below.

If you don't want to receive cookies, you can modify your browser so that it notifies you when cookies are sent to it or you can refuse cookies altogether. You can also delete cookies that have already been set. Please refer to the help function within your browser for specific instructions.

How does this website use cookies?

We use cookies on our website for a variety of reasons which you can learn about below. The cookies we use do not store personally identifiable information, nor can they harm your computer. Unless you have adjusted your browser settings (where possible) to refuse cookies, our systems will issue cookies as soon you visit our website. If you have switched off cookies then some of the functionality of our services may not be available to you.

The cookies set by our website fall into the following categories.

Strictly Necessary [Cookies]

These cookies are essential to ensure that you can navigate and use all features of the site. This includes browsing pages, remembering your preferences, saving favorite images, secure registration, placing orders, and other essential features. These cookies don't gather any information about you that could be used for marketing or remembering where you've been on the Internet.

Performance [Cookies]

These cookies allow the website to deliver a better browsing experience. They collect information about your website usage, such as the pages you visit, or if you experience any errors. These cookies don't collect any information that could identify you - all the information collected is anonymous and is only used to help us improve how the website works.

Functionality [Cookies]

Functionality cookies are used to provide services, or to remember settings to improve your visit. We use them for remembering settings you've applied, showing you when you're logged in to the website, saving your favorite images, and so on.

Targeting [Cookies]

Targeting cookies are linked to services provided by third parties. These include 'Like' buttons and 'Share' buttons used by services like Facebook, Google+, Twitter, Pinterest, and others. The third party provides these services in return for recognising that you have visited our website.

Additionally, the website may use Google Analytics or StatCounter services to analyse the use of this website. These services generate statistical and other information about website use by means of cookies, which are stored on users' computers. The information generated relating to our website is used to create reports about the use of the website. You can view privacy policies for Google Analytics or StatCounter on their respective websites.

5.1.4Advertising and my Zenfolio Website

There is no advertising on my website from anyone other than John Coveney Photography and I do not use any of the information gathered on website in connection with advertising.

Your visits to my website at www.johncoveney.ie may result in you seeing advertising for related services in your subsequent internet browsing. This is because your search provider may be recording your search choices especially if you are logged in with that search provider. You may be able to prevent this by deleting cookies or blocking them. If you do this, however, you may find that my website does not work well or at all. Here’s another source providing information about your online choices and cookies. You could also try using search providers that claim not to record your searches such DuckDuckGo or Startpage. As previously stated, any mention of other services in this Privacy Policy should not be taken as an endorsement of that service.

5.2Domain & Email Hosting by LetsHost.ie

The domain name for the  John Coveney Photography website at www.johncoveney.ie is provided by Digital Media Internet Services – an Irish company trading as LetsHost.ie. However, the website itself and all its contents are located on Zenfolio’s servers (see section 5.1) and so are not visible to Letshost.ie. Therefore, LetsHost.ie does not process my website data.

Emails to and from John Coveney Photography email addresses at [email protected] and [email protected] pass through LetsHost.ie’s email servers but they are automatically deleted from those servers once I download them to Microsoft Outlook on my desktop. LetsHost’s terms of service are here  and their GDPR compliance statement is here.

5.3Offsite Secure Backups by Backblaze

All of John Coveney Photography’s business and image data is encrypted before transfer and securely backed up remotely by Backblaze – an American company. Their security policy can be viewed here. All data transfers between JCP and Backblaze are encrypted and done securely via HTTPS. Backblaze is unable to access this encrypted JCP data. I can only access remotely backed up JCP data via a unique password that is also subject to two-factor authentication. In the event of the total loss of part of all of my on-site data and backups, Backblaze will restore data over the internet (up to 500GB) or on shipped encrypted drives for larger amounts of data. This approach to offsite backups and restores “in the cloud” complies with the guidance of the Data Protection Commission.

5.4Broadband Service and Mobile Email Service

5.4.1Broadband Internet Access from Virgin Media Ireland

Data flows between John Coveney Photography and my Zenfolio operated website at www.johncoveney.ie and its hosting domain at LetsHost.ie are done via a broadband connection that is supplied by Virgin Media Ireland. The principal conncetion between my broadband service and my computer is via an ethernet cable to a router supplied by Virgin Media. Occasional access from my mobile phone or laptop is via my secured home wifi connection or my phone data package from Vodafone Ireland. No unsecured public WiFi connections are used. Virgin media details how it provides its broadband service in compliance with GDPR here. Its privacy policy is here, and its cookie policy is here.

5.4.2Mobile Email Access from Gmail

Emails to John Coveney Photography are automatically forwarded to the business’s gmail address, [email protected] so that I have mobile access to my emails on my phone and laptop. When a reply is needed before I return to base, I occasionally reply to emails from this address also. Google’s terms of use for its services including gmail are here and its privacy policy is here. Access to this gmail account is via a unique password.