Privacy Policy

1. Introduction

Hossam Abbas Photography ("we," "us," or "our") respects your privacy. This policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website ([website URL]), book photography services, or purchase prints. By using our services, you consent to the practices described herein.

2. Information We Collect

A. Data You Provide
Contact Information: Name, email, phone number, and shipping address when you book a session or order prints.

Payment Details: Credit card information (processed securely via Stripe/PayPal – we do not store full card numbers).

Project Preferences: Shoot location, desired style, and other session-specific requests.

B. Automatically Collected Data

Usage Data: IP address, browser type, pages visited, and session duration (via Google Analytics).

Cookies: Small text files for site functionality (e.g., shopping cart) and analytics (see Cookie Policy).

C. Third-Party Data

Social media interactions (e.g., Instagram messages if you contact us through platforms).

3. How We Use Your Data

Service Delivery: Process orders, schedule shoots, and deliver prints.
Communication: Respond to inquiries and send booking confirmations/invoices.
Marketing: Send promotional emails (only with consent; opt-out anytime via unsubscribe link).
Improvements: Analyze website traffic to enhance user experience.

4. Data Sharing & Disclosure

We never sell your data. Limited sharing occurs with:
Service Providers: Print labs, couriers, and payment processors (strictly for order fulfillment).
Legal Compliance: If required by law (e.g., court subpoena).

5. Data Security

Encryption: SSL/TLS for all data transmissions.
Access Controls: Password-protected systems with limited staff access.
Retention: Personal data is stored only as long as necessary (e.g., tax records for 7 years).

6. Your Rights

Depending on your location (GDPR/CCPA), you may:
Request access to or deletion of your data.
Correct inaccuracies in your information.
Withdraw consent (e.g., unsubscribe from emails).
Lodge complaints with your local data protection authority.

7. International Transfers

Data may be processed outside your country (e.g., U.S. servers) but is protected via standard contractual clauses.

8. Children’s Privacy

Our services are not directed at children under 16. We do not knowingly collect their data.

9. Policy Updates

Changes will be posted here with an updated "Last Revised" date.

Key Compliance:

GDPR (EU): Explicit consent for data collection/processing.

CCPA (California): Right to opt out of data sales (though we do not sell data).

PIPEDA (Canada): Transparency about data handling.

Optional Add-Ons:

Data Processing Agreement (DPA): For commercial clients requiring GDPR compliance.

Cookie Banner: Link to detailed Cookie Policy for EU visitors.

Need to customize further for:

Client Galleries (password-protected image delivery)?

Testimonials (consent to display names/photos)?

Workshops (attendee data handling)?

Let me know!