GDPR Overview

GDPR

GDPR (General Data Protection Regulations) came into force on May 25th 2018.  It's purpose is to ensure that organisations have strict policies and practices in place for managing and handling personal data. In light of the coming changes in data protection regulation, we have been conducting a full audit of our processes. To view our latest GDPR regulations, please Click Here.

General Data Protection Regulation

1. Active Photo are unique in the way we 
produce online orders. Every image is stored on our secure, in house server managed and maintained by Microsoft Azure. Only when a 14 unique code is entered does the proof image become available to view.

2. Our server is located within our secure laboratory; this includes a electronic fob entry and is monitored through Yale’s alarm system, along with monitored gates and security camera system to the premises.

3. Our images are not stored on any cloud-based software.
4. When parents wish to view and order their child’s photograph they log in using a unique access code, consisting of 14 letter/numbers. 
5. Access to personal data is protected and only available to key staff members.
6. Active Photo are fully registered with Data Protection Services. Notification number ZA352681
7. Active Photo take privacy seriously and will only use personal information to administer our customer’s accounts and provide the products and services they have requested.
8. Direct to home orders are dispatched containing no relatable order information. All order details are kept in our secure laboratory for support queries only.
9. Active Photo website includes a bank level secure SSL certificate.
10. Hard copies of all sensitive data are stored securely within the laboratory and shredded after support use.
11. Personal data / Digital image removed if requested in writing.

 
We have also updated our Privacy Policy and Terms and Conditions, these can be found below.