Photographer and RGPD

The General Data Protection Regulation is a European regulatory text that has provided an equal framework for data processing throughout the European Union (EU) since May 25, 2018.

It is aimed at any structure (whatever its sector of activity and size) established on EU territory or whose activity directly targets European residents, and carrying out the collection and/or processing of personal data.

If you collect personal data (surname, first name, e-mail address, etc.) as part of your activity as a photographer, you have a duty of transparency.

This may be :

- for your prospect/customer files,

- for account creations on your site,

- for subscriptions to your newsletter

- etc.

The RGPD requires you to

- to obtain the informed consent of the person whose data you are collecting

- to inform them of the purpose and use of the data collected.

You must therefore provide access to the following information:

- the identity and contact details of the organization responsible for data processing

- contact details of the Data Protection Officer (DPO) or a point of contact for these matters

- the legal basis for data processing (consent of the person whose data you are collecting, compliance with a legal obligation, performance of a contract, etc.)

- purpose of data collection (fraud prevention, information required by regulations, etc.)

- whether data collection is compulsory or optional, and the consequences for the individual in the event of non-provision of data

- recipients or categories of recipients of the data

- how long the data is kept

- rights of the person whose data you collect: right of refusal, access, rectification and deletion of data, and right to lodge a complaint with the CNIL.

- Where applicable, transfer of personal data to a country outside the European Union.