Legal
Privacy Policy
Effective date: 27 June 2025 · Last updated: 27 June 2025
Austin Vows (“we”, “us”, “our”) is committed to protecting your privacy. This policy explains what personal data we collect, why we collect it, how long we keep it, and your rights under the General Data Protection Regulation (GDPR) and the Irish Data Protection Acts 1988–2018.
Who we are
Austin Vows is a wedding photography and videography studio operating across Ireland and the United Kingdom. We are the data controller for personal data collected through this website, our booking process, and our member portal.
Contact: info@austinvows.com
Data we collect
We collect personal data in the following ways:
Enquiry & contact forms
Name, email address, phone number, wedding date, venue, and any message content you submit.
Member account registration
First name, last name, email address, and password (stored as a bcrypt hash — we never store your plain-text password). Optionally: phone number, referral source.
Online shop & bookings
Name and email address submitted at checkout. Payment is processed by Stripe — we do not receive or store your card details at any point.
Loyalty programme
Points earned, events logged (e.g. booking, referral, review), vouchers claimed and redeemed.
Shop activity & analytics
Session identifiers, IP address, browser type, pages visited, and which packages or products you clicked on. This data is used solely for internal retargeting and improving our shop experience — it is never sold or shared with third-party ad platforms.
Communications
If you email us directly, we retain that correspondence.
How we use your data
- To respond to your enquiry and provide a quote
- To deliver photography and videography services you have booked
- To manage your member account, loyalty points, and vouchers
- To process online shop orders via Stripe
- To send transactional emails (booking confirmations, welcome emails, voucher codes)
- To analyse shop activity for internal retargeting and service improvement
- To comply with our legal and tax obligations
We do not use your data for automated decision-making or profiling that produces legal or similarly significant effects.
Legal basis for processing
We rely on the following lawful bases under GDPR Article 6:
- Contract — processing your booking, delivering services, and managing your account
- Legitimate interests — shop activity logging for retargeting, fraud prevention, improving our service
- Legal obligation — retaining financial records for tax purposes
- Consent — where we send optional marketing communications (you may withdraw consent at any time)
Cookies
We use the following types of cookies:
- Essential cookies — session authentication for your member account and admin access. These are required for the site to function.
- Session storage — a temporary shop session ID stored in your browser’s sessionStorage (cleared when you close the tab). Used to log shop interactions for internal analytics only.
- Referral cookies — if you arrive via a referral link (/r/[code]), a short-lived cookie records which referral brought you here so loyalty points can be credited correctly.
We do not use Google Analytics, Facebook Pixel, or any third-party advertising cookies. You can manage cookies in your browser settings. Blocking essential cookies will prevent you from signing in to your member account.
Data retention
- Enquiry data — retained for 2 years after last contact, then deleted unless a booking results
- Booking & order records — retained for 7 years to meet Irish Revenue requirements
- Member accounts — retained while your account is active. You may request deletion at any time
- Loyalty events & vouchers — retained while your account is active; deleted with your account on request
- Shop activity logs — retained for 12 months, then anonymised
Your rights
Under GDPR you have the following rights:
- Access — request a copy of the personal data we hold about you
- Rectification — request correction of inaccurate or incomplete data
- Erasure — request deletion of your data where there is no legitimate reason to retain it
- Restriction — request that we restrict processing of your data in certain circumstances
- Data portability — receive your data in a structured, machine-readable format
- Object — object to processing based on legitimate interests
- Withdraw consent — where processing is based on consent, withdraw it at any time without affecting prior processing
To exercise any right, email us at info@austinvows.com. We will respond within 30 days. You also have the right to lodge a complaint with the Irish Data Protection Commission at dataprotection.ie.
Data security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure:
- All data transmitted via this site is encrypted with TLS (HTTPS)
- Passwords are hashed with bcrypt — we cannot see or recover your password
- Admin and user sessions use HMAC-signed cookies with server-side verification
- Database access is restricted to our application server; no public access
- Payment data is handled exclusively by Stripe — we never see card numbers
Children
Our website and services are not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
Changes to this policy
We may update this Privacy Policy from time to time. Material changes will be notified to registered members by email. The “Last updated” date at the top of this page will always reflect the most recent version.
Contact
For any privacy-related questions or to exercise your rights, contact us at:
Austin Vows