Privacy Policy


I am delighted that you have shown interest in my business. Data protection is of a particularly high priority for us. 

 In very basic terms, we completely respect your personal information and will only ask you for what information we really need from you. We will look after it in the same way we would our own, keeping it secure!  Be assured that we will never share your information– nor will we sell it on elsewhere. 

1. What Information Is Being Collected

What Information is being collected?

As a data controller David McIntosh Photography will collect a variety of data in order to deliver our services, and will manage your personal data transparently, fairly and securely.

When you book a session with our self we will collect basic personal data about you that may include your name,  email, contact number, agreement to our session terms and consent to take your photograph during the session (or parental consent in the case or a newborn or family session with children). If your partner/family member/friend is attending a session or being photographed, we will also ask for their first name and for children we will ask their age. This information helps us prepare the studio, lighting and ideas for your session and lets us contact you about your session if needed.

When placing an order we will store any data related to the order that we need to in order to process your order (for example, who placed the order, contact details for letting you know that your order is ready or your address if you have asked us to deliver your order.

As part of being a photography studio, we will also create and manage images as per our contractual agreement(s).  

2. How We Collect Data

How we collect your data.

The data we collect is directly from yourself. This could include when you fill in a form on our website, sign a contract in our studio, log in to your client gallery, send us an e-mail or message on social media or place an order with us. 

In some cases, data may be given to our self by a third party if they are purchasing a gift voucher for a session. This would be a name and contact information to allow us to provide the service. 

3. Why We collect Data

Why we collect your data?

We use your data to contact you in relation to your enquiries and any contractually agreed services or website if we have had your permission to do so and to generally fulfil our contract with you.

We will not collect any personal data from you that we do not need in order to provide and oversee our services to you. Please note that unlike most companies, we do not market by e-mail. 

What do we do with your data and how do we store it?

The processing of personal data, such as the name, address, e-mail address, or telephone number of a data subject shall always be in line with the General Data Protection Regulation (GDPR), and in accordance with the country-specific data protection regulations applicable to David McIntosh Photography.

If you email us or send messages via social media, these messages are stored within the email system or social media accounts. These messages are stored for as long as needed. All information you provide to us is stored on our secure servers. Physical information copies are stored on our premises in a secure unit. As we own intellectual property rights to our images, we store the images for as long as is required for legitimate business interests.

For marketing, archival purposes and legitimate business interests, some of our images may be archived and backed up indefinitely or until you request otherwise. We may also archive and keep indefinitely any contracts, consent forms and any other form of proof of fulfilment of contract. 

We take your privacy very seriously and we do not share or sell your email or any contact information with any third party organisations.  Our website provider, deposit system and e-mail are all provided by companies that are part of the US-EU Privacy Shield Framework and we have taken every endeavour to make sure all companies we work with in any capacity are GDPR complaint..

In the unlikely event of a criminal breach of security I will inform the relevant regulatory body as quickly as possible and, if your personal data were involved in the breach, I will also inform you.

4. What Do We Do With Your Data And How Do We Store It

Your Rights

You have the following rights -

  • -  the right to be informed about the collection and use of your personal data

  • -  the right of access to your personal data and any supplementary information

  • -  the right to have any errors in your personal data rectified

  • -  the right to have your personal data erased

  • -  the right to block or suppressing the processing of your personal data

  • -  the right to move, copy or transfer your personal data from one IT environment to another

  • -  the right to object to processing of your personal data in certain circumstances, and

  • -  rights related to automated decision-making and profiling. 

5. Your Rights

Further Information

We may change this privacy policy from time to time. When I do, I will let you know by changing the date on this policy, notifying customers of only significant changes. By continuing to access or use my services after those changes become effective, you agree to be bound by the revised privacy policy. If you would like any clarification on how we collect , store or process your data, please contact us directly.

If you would like further information on the legal guidelines we operate within, or have any concerns about how we use your data, please check the Information Commissioner's Office website. ( ) 

To contact us, please e-mail;


6. Further Information