Skip to content
Jason Holt Photography

Privacy Policy

This Privacy Policy explains how Jason Holt Photography collects, uses, and protects your personal information. We are committed to ensuring your privacy is protected in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Impressum (Legal Notice) - §5 TMG

Jason Holt Photography, owner Jason Holt
Complete address in Frankfurt
Commercial register information
VAT identification number
Contact information: privacy@jasonholtphotography.com

1. Controller Information

The controller responsible for data processing on this website is Jason Holt Photography, based in Frankfurt, Germany. Complete contact information can be found in the Impressum section.

2. Information We Collect

We may collect the following information:

  • Name and contact information including email address and phone number
  • Demographic information such as address and postal code
  • Session preferences and requirements
  • Images and photographs taken during your session
  • Website usage data through cookies and analytics

3. Legal Basis for Processing

We process your personal data on the following legal bases according to Article 6 of the GDPR:

  • Contract fulfillment (Art. 6(1)(b) GDPR): Processing necessary for the performance of our contract with you (booking, providing photography services)
  • Legitimate interests (Art. 6(1)(f) GDPR): Processing necessary for our legitimate interests (improving services, internal record keeping, portfolio development)
  • Legal obligation (Art. 6(1)(c) GDPR): Processing necessary for compliance with legal obligations (tax records, commercial law requirements)
  • Consent (Art. 6(1)(a) GDPR): Processing based on your specific consent (marketing communications, use of images for portfolio)

4. How We Use Your Information

We use your personal information for:

  • Managing your booking and providing photography services (legal basis: contract fulfillment)
  • Internal record keeping and business management (legal basis: legitimate interests, legal obligation)
  • Improving our products and services (legal basis: legitimate interests)
  • Sending promotional emails about new services or special offers (legal basis: consent)
  • Creating and maintaining photography portfolio (legal basis: consent or legitimate interests, depending on circumstances)
  • Contacting you regarding your session or booking (legal basis: contract fulfillment)

5. Data Security

We are committed to ensuring your information is secure. We have implemented suitable physical, electronic, and managerial procedures to safeguard and secure the information we collect online, following the requirements of Art. 32 GDPR on data security.

6. Cookies and Tracking

Our website uses cookies to improve your experience. Cookies are small files stored on your computer that help analyze web traffic and allow web applications to respond to you as an individual.

We use the following types of cookies:

  • Essential cookies: Necessary for the website to function properly
  • Preference cookies: Enable the website to remember your preferences
  • Statistics cookies: Help us understand how visitors interact with the website
  • Marketing cookies: Used to track visitors across websites for marketing purposes (only with your explicit consent)

When you first visit our website, you will be asked to consent to non-essential cookies. You can manage your cookie preferences at any time through our cookie banner or by modifying your browser settings.

7. Third-Party Services

We use third-party services for:

  • Booking management: TidyCal (for scheduling appointments)
  • Email communication: Email service providers for managing client communications
  • Image galleries and delivery: Secure gallery platforms for sharing images with clients
  • Website analytics: To analyze website performance and user behavior

These third parties have access to your personal data only to perform specific tasks on our behalf and are obligated to not disclose or use it for any other purpose. All third parties we use that process EU citizen data comply with GDPR requirements.

8. Data Transfers Outside the EU

Some of our service providers may be based outside the European Economic Area (EEA), which means your data may be processed outside the EEA. Whenever we transfer your personal data outside the EEA, we ensure a similar degree of protection by ensuring at least one of the following safeguards is implemented:

  • Transfer to countries that have been deemed to provide an adequate level of protection by the European Commission
  • Use of specific contracts approved by the European Commission (Standard Contractual Clauses)
  • Transfer to providers participating in approved certification mechanisms

9. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

Specific retention periods:

  • Contact information: Retained for up to 3 years after our last interaction
  • Contract and payment data: Retained for 10 years to comply with tax and commercial law requirements
  • Photography images: Retained for a minimum of one year after delivery, or longer with your permission for portfolio use
  • Website analytics data: Retained in anonymous form for up to 26 months

10. Your Rights Under GDPR

Under GDPR and other applicable data protection laws, you have the following rights:

  • Right to access (Art. 15 GDPR): You can request copies of your personal data
  • Right to rectification (Art. 16 GDPR): You can request correction of inaccurate or completion of incomplete data
  • Right to erasure (Art. 17 GDPR): You can request deletion of your personal data in certain circumstances
  • Right to restriction of processing (Art. 18 GDPR): You can request restriction of processing of your personal data
  • Right to data portability (Art. 20 GDPR): You can request transfer of your data to you or another controller
  • Right to object (Art. 21 GDPR): You can object to processing based on legitimate interests
  • Right to withdraw consent (Art. 7(3) GDPR): You can withdraw consent at any time where we rely on consent to process your data
  • Right to lodge a complaint: You can complain to a supervisory authority

How to Exercise Your Rights

To exercise any of these rights, please contact us using the information in the Contact section. We will respond to all legitimate requests within one month. There is no fee for exercising your rights, but we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive.

11. Data Protection Officer

Based on the size and nature of our operations, Jason Holt Photography is not required to appoint a formal Data Protection Officer according to Art. 37 GDPR. However, for all concerns regarding data protection, please contact us directly using the information provided in the Contact section.

12. Children's Privacy

For sessions involving minors under 16, we require parental consent before collecting any personal information, in accordance with Art. 8 GDPR. Parents have the right to review and request deletion of their child's information.

13. Changes to This Policy

We may update this privacy policy periodically. Changes will be posted on this page with an updated revision date. If we make significant changes to how we treat your personal data, we will notify you through a notice on our website.

14. Contact Information

If you have any questions about this privacy policy or how we handle your personal information, please contact us at:

Email: privacy@jasonholtphotography.com
Address: See our Impressum section for full contact details

Last updated: April 7, 2025