top of page

GDPR Compliance

At GalaxEye, we take your privacy seriously. This page explains how we collect, use, and protect your personal data in line with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Who We Are

GalaxEye is a photography and art business based in Whitstable, UK. We create unique eye photography artwork for individuals, families, and groups.

Business Address:
Hut 13, Whitstable Harbour, Market CT5 1AB, United Kingdom

If you have any questions about this policy or your data, you can contact us at:

+447587345900

Galaxeyephotography@gmail.com

2. What Data We Collect

We may collect and process the following types of personal data when you interact with our website, book a session, or purchase a product:

  • Identity details: Name, contact details (email, phone number).

  • Booking information: Date and time of your session, preferences, order details.

  • Payment information: Processed securely via our payment provider (we never store card details).

  • Technical data: IP address, browser type, cookies, and analytics information.

  • Marketing preferences: Your consent to receive updates, promotions, or newsletters.

3. How We Use Your Data

We only use your data for specific purposes, including:

  • To process and confirm bookings and purchases.

  • To create and deliver your personalised artwork.

  • To communicate with you regarding your order or enquiries.

  • To send you marketing updates (only if you’ve opted in).

  • To improve our website and services through analytics.

4. Legal Basis for Processing

We process your data based on:

  • Contract: When you book a session or purchase from us, we need your data to fulfil our services.

  • Consent: When you sign up for newsletters or agree to marketing.

  • Legitimate interests: To improve our services and maintain site security.

  • Legal obligations: Where we must keep certain records for tax or accounting purposes.

5. Sharing Your Data

We never sell your personal data. We may share it with trusted third parties only when necessary, such as:

  • Payment providers (to securely process your order).

  • Delivery services (to send your artwork).

  • Website and IT service providers (to help us run our website securely).

All partners are GDPR-compliant.

6. How Long We Keep Your Data

We only keep your personal data for as long as necessary:

  • Booking and order details: Up to 6 years (for legal and tax purposes).

  • Marketing data: Until you unsubscribe or request deletion.

  • Technical/cookie data: As per our Cookie Policy.

7. Your Rights

Under GDPR, you have the following rights regarding your personal data:

  • Access – Request a copy of the data we hold about you.

  • Correction – Ask us to correct inaccurate or incomplete data.

  • Erasure – Request deletion of your data (“right to be forgotten”).

  • Restriction – Limit how we process your data.

  • Portability – Request your data in a machine-readable format.

  • Objection – Opt out of certain types of processing (e.g., marketing).

To exercise your rights, contact us at Galaxeyephotography@gmail.com

8. Cookies & Tracking

Our website uses cookies to:

  • Improve your browsing experience.

  • Analyse site performance and visitor behaviour.

  • Remember your preferences.

For more details, see our Cookie Policy.

9. Data Security

We use technical and organisational measures to protect your data against loss, misuse, or unauthorised access. This includes secure payment gateways, SSL encryption, and restricted access to personal data.

10. Changes to This Policy

We may update this GDPR Policy from time to time. Any changes will be posted on this page, with the date of the last update clearly shown.

Last updated: 04/09/2025

bottom of page