• Duc M Phung Photography
    Data Protection Statement
  • You can use this website without the need to provide any personal data.
  • In order to provide a comprehensive service Duc M Phung Photography may at times request information relating to his clients or any additional participants taking part in a photographic session.
  • All of this infomation will be requested by Duc M Phung Photography or via email/telephone.
  • Any personal data, such as the name, address, e-mail address or telephone number shall always be in line with the General Data Protection Regulation (GDPR), and in accordance with any European specific data protection regulations.

  • It will be stored and sent to Duc M Phung Photography via a encrypted site or in paper form taken in person at the time of booking and stored in a locked filing cabinet.
  • The information provided by the client will be held by Duc M Phung Photography for up to 6 years.
  • A copy of this data will always be available to the client at no cost.
  • The Policy may change from time to time, and by using my website, you’re agreeing to be bound by this Policy.
  • Duc M Phung will be the sole person responsible for processing this data.
  • This data will only ever be used by Duc M Phung Photography.
  • This Data will not be sold to third parties.
  • All service providers sourced by Duc M Phung Photography will be verified as being GDPR Compliant.
  • I will use any information that you provide to:

    1. Carry out any obligations arising from any contracts entered into by you and me

    2. Seek your views or comments on the services I provide.

    3. Notify you of any changes to my services.

  • Direct Marketing

    Duc M Phung Photography does not generate a newsletter, offer any subscriptions and does not generate bulk or direct mail shots for marketing. If I contact you, it will be about an enquiry you have made or any photographic services we have agreed upon. All communications will be sent directly from me to you.

  • Every year the data stored will be reviewed and disposed of by means of shredding/deletion if it has lapsed over 6 years.
  • The Data Protection Statement will be reviewed every 12 months.