Who we are
Our website address is: http://goldcoastportrait.com.
What personal data we collect and why we collect it
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Who we share your data with
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
We design and administer our web services to limit the amount of data collected. We endeavour to protect users and their data when we process data collected.
It is helpful to us to know how our websites are used.
To undertake analysis of how our site is used, we use Google analytics and Facebook pixels to see statistics in relation to our website use, for the following purposes:
- To know how many visitors per day visit site
- To know how much traffic we are sending outbound
- To know which items on our site are being downloaded (e.g. PDFs, long-form, reports, short items)
- To identify items not found, i.e. 404s so that we can fix them
- To identify the types of operating systems being used and browsers so we can design our site accordingly
- To identify the time of day when our site is most used in case we want to do syncs and repairs (that result in our site being down temporarily)
- To identify the percentage of the traffic that is going our over our Tor service.
These statistics are only available to us only
We use social media and social networking services to advance our work. These applications require the use of third party service providers. Notably, we have a Facebook page, Twitter feed, articles published on Medium, and a YouTube channel.
The Facebook page is administered by Facebook, in accordance with Facebook’s Data Policy available here, and is accessible by Facebook users who have already consented to Facebook’s Data Policy. The Group page is managed by Privacy International staff members. We do not export information on our followers from the Facebook platform.
We use direct messaging over social media on occasion, when individuals and organisations contact us on Facebook by leaving messages in our Inbox or by sending us Direct Messages on Twitter. We aim to delete these messages as soon as we have responded to the queries.
We will continue to push social media companies for stronger privacy protections for all their users.
Your contact information
All contact information submitted via contact forms are used to email you as requested. Through the email opt in, your first and last name, along with an optional phone number is collected for our use only, to contact you as requested. This email address may also be used to keep in contact with you every few months. This data is kept on our file and in cloud storage until you opt out. There is always an unsubscribe option
How we protect your data
Your Boudoir Studio/ Vanessa van Straaten Photographer/ Gold Coast Portrait strongly believes that you have the right to control the use of your personal information, and that your privacy must be respected. We strictly limit the collection and processing of your personal data, and to the best of our abilities we will work only with other organisations who do the same. We will not use personal data that you provide to us in a manner inconsistent with the purposes for which you provided it to us, as set out below.
We do not sell, rent or lease personal data.
We will vigorously challenge any attempts by government agencies or private sector organisations to gain access to any information that you give us.
What automated decision making and/or profiling we do with user data
Emails received through firstname.lastname@example.org are reviewed by one staff member, sent onwards when necessary to other staff members, and deleted as quickly as possible. Similarly, emails sent to our other general addresses, e.g. email@example.com, are reviewed and deleted as quickly as possible. We do not disclose the names of senders to others outside of Privacy International, i.e. third parties, without your permission.
Industry regulatory disclosure requirements
You have rights under data protection law over your personal data.
You are entitled, to request access to, rectification of, or erasure of your personal data. You are also entitled, to request restriction of collection and/or processing of, or object to certain types of collection and/or processing of your personal data. You have the right to ask us not to collect and/or process your personal data for marketing purposes; we currently require your consent by opting-in, and you can change your preferences at any time. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You may also, in some circumstances, have a right to data portability.
We will provide you with a response to your requests in accordance with Australian data protection law. Requests can be submitted at any time by email to firstname.lastname@example.org, or by post to the physical address set out below. You also have the right to lodge a complaint with the corresponding data protection supervisory authority in your country of residence