Privacy Policy

Effective date: 1 March 2026
Last updated: 1 March 2026

This Privacy Policy explains how OnlyDiscovering Productions (“we”, “us”, “our”) collects, uses, shares, and protects personal data when you visit onlydiscovering.com, contact us, or work with us.

Who we are

OnlyDiscovering Productions is the data controller for personal data processed through onlydiscovering.com and our business communications. Our contact details are: legal name or trading name: OnlyDiscovering Productions; registered address in Belgium; email: onlydiscoverings@gmail.com; country of establishment: Belgium. Data protection law requires controllers to provide clear identity and contact details and other key information to individuals at the time data is collected.

Scope of this policy

This policy applies when you browse our website, submit an enquiry, request a proposal, book a call, submit a “Get Your Photos” request, purchase services, communicate with us by email, phone or social media, or otherwise engage with our photography, video, branding strategy, advertising, creative, and related services. This includes events (corporate, birthdays, nightclubs), weddings, real estate, aerial/drone photography, portraits, and brand strategy packages. If you are a client and you provide personal data to us about other people (for example, event attendees appearing in photographs or videos) for campaign delivery or similar work, you may be the controller for that data and we may act as a processor on your behalf, in which case our contract with you will govern how we process that data, including confidentiality, security, and deletion or return.

The personal data we collect

We collect personal data you choose to provide, such as your name, business name, job title, email address, phone number, website, and the content of your message or brief, including any attachments and the details you share about your objectives and requirements.

Additionally, for “Get Your Photos” requests we collect event date, location, and any other verification details you provide so that we can confirm your request against our records.

We also collect data generated during our relationship, such as project communications, proposals, statements of work, approvals, feedback, meeting notes, invoices, payment status, and client administration records. Where relevant and necessary, we may process information contained within creative assets, advertising accounts, analytics reports, and campaign outputs — including photographs and videos (and any embedded Exif metadata or GPS coordinates from drone or real-estate shoots) — in order to provide the services you request.

When you visit our site, we may automatically collect technical and usage data such as IP address, general location derived from IP, device type, browser type, operating system, language settings, pages viewed, time on page, clicks, and referrer information. We may also receive information from third parties, such as your colleagues who refer you, service providers that support our operations, and publicly available business information, for example your company website and public professional profiles.

How we use personal data and our lawful bases

We process personal data only where we have a lawful basis. The lawful bases we most commonly rely on are contractual necessity (including steps taken at your request before entering into a contract), legitimate interests, consent (primarily for non-essential cookies and certain marketing activities), and compliance with legal obligations. Data protection law requires transparent information about purposes and lawful bases, and this policy is intended to meet that requirement.

We use your information to respond to enquiries, qualify requests, prepare proposals, schedule calls, provide quotations, onboard clients, and manage communications. We use it to verify “Get Your Photos” requests against our event records and to deliver the relevant gallery links or photos (noting that inaccurate event details may prevent processing and result in no response). We use it to capture, process, edit, store, and deliver photography and video content as part of our services, including strategy, campaign planning, creative development, advertising execution, measurement, reporting, and client support. We use it for business operations such as record keeping, billing, accounting, internal administration, process improvement, quality control, and maintaining our portfolio of work.

We may also use personal data to protect our website and business, including monitoring for abuse, preventing fraud, securing systems, enforcing our terms, and establishing, exercising, or defending legal claims. We process data to comply with legal and tax obligations, respond to lawful requests, and maintain appropriate business records.

Legitimate interests and the latitude we use

Where we rely on legitimate interests, we do so to run and grow our business efficiently, to provide and improve services, to communicate with prospective and existing clients, to maintain security, to prevent misuse, to measure performance, and to develop our methods and offerings. We may also rely on legitimate interests to maintain a reasonable archive of business correspondence and project materials for continuity, quality assurance, and legal protection, including for event photography where obtaining individual consent from every attendee would be impractical. When we rely on legitimate interests, we consider necessity, reasonable expectations, the potential impact on individuals, and safeguards such as access controls, minimisation, and opt-outs.

Marketing communications

We may contact you about our services, updates, and opportunities where permitted by law. You can opt out of direct marketing at any time by using the unsubscribe link where provided or by contacting us using the details in this policy. Where consent is required for a particular type of marketing, we will request it, and you can withdraw consent at any time.

Portfolio, case studies, and showcasing work

We may showcase our photography and video work to demonstrate our capabilities, including on our website and in proposals, presentations, or pitches. We aim to use anonymised or aggregated information where possible. If showcasing could reasonably identify an individual (including third-party subjects in event, wedding, or portrait photography), or if the nature of the project requires it, we will use appropriate safeguards such as minimising what is shown, removing personal identifiers, restricting access, or requesting permission where needed. If you are a client and your agreement with us includes confidentiality terms, those terms will govern what we can publish.

Cookies and similar technologies

We use cookies and similar technologies to provide essential site functionality and security and, where enabled, to understand usage and measure performance. Some technologies that store information on, or access information from, your device may require consent unless they are strictly necessary for the service you request. If we use optional analytics or advertising cookies, we will present choices through a consent mechanism where required.

Who we share personal data with

We may share personal data with service providers who help us operate and deliver services, such as website hosting, email, analytics, scheduling, invoicing, payments, cloud storage, security, gallery or album hosting providers (to facilitate delivery of photo links), and professional advisers like accountants, insurers, and legal counsel. We may also share data with advertising and social platforms when running campaigns, measuring performance, or integrating lead flows, either on our own behalf where lawful or on a client’s instructions where we are acting as a processor. We may disclose information where required by law, where necessary to protect rights and safety, or in connection with a business sale, merger, reorganisation, or transfer, in which case data may be shared with relevant parties subject to appropriate safeguards.

International transfers

We may use suppliers and tools that process data outside the UK or European Economic Area. Where transfers require safeguards, we use recognised mechanisms such as adequacy decisions or standard contractual clauses, and we apply appropriate technical and organisational measures.

Data retention

We keep personal data only for as long as necessary for the purposes described in this policy. In practice, this means we retain enquiry and “Get Your Photos” records for a reasonable period to manage follow-ups and maintain a history of discussions (or until verification and delivery are complete); we retain client and project records, including photographs and videos, for the duration of the relationship and for a period afterwards to support continuity, handle disputes, comply with legal and tax obligations, and maintain business records; and we retain security logs for as long as needed to protect systems and investigate incidents. Where we cannot specify a single retention period, we determine retention based on the nature of the data, the purpose for which it was collected, contractual requirements, legal limitation periods, and the need to maintain accurate business records. Data protection rules require controllers to inform individuals about retention periods or the criteria used to set them.

Security

We apply appropriate technical and organisational measures designed to protect personal data, including access controls, least privilege access, secure storage practices, and processes for handling suspected incidents. No method of transmission or storage is guaranteed to be completely secure, but we work to prevent unauthorised access, disclosure, alteration, or loss.

Your rights

Depending on your location and applicable law, you may have rights to access, correct, delete, restrict, or port your personal data, and to object to certain processing, particularly processing based on legitimate interests and direct marketing. Where processing is based on consent, you can withdraw consent at any time without affecting the lawfulness of processing before withdrawal. We may need to verify your identity before acting on a request. In some circumstances, data protection law allows a controller to charge a reasonable fee or refuse a request if it is manifestly unfounded or excessive, and any decision will be explained.

To exercise your rights, contact us using the details in the “About” section and include enough information for us to locate your data and understand your request.

Complaints

If you have concerns, please contact us first and we will try to resolve them. You also have the right to lodge a complaint with the Belgian Data Protection Authority (Autorité de protection des données / Gegevensbeschermingsautoriteit). Their contact details and complaint process are available on their website.

Children

Our website and services are not directed at children under 16, and we do not knowingly collect personal data from children. This is particularly relevant for family-oriented services such as portraits, weddings, and birthday events, where parental consent may be required for image processing.

Third party links

Our website may contain links to third party websites or services. We are not responsible for their privacy practices, and you should review their privacy information before providing personal data.

Changes to this policy

We may update this policy from time to time. We will post the updated version on this page and update the “Last updated” date above.

Contact

For privacy questions, requests, or concerns, contact OnlyDiscovering Productions at: onlydiscoverings@gmail.com