Privacy Policy


D&H Photo Services (“Starlight Studios”) is a controller of your personal data. We gather and uses certain information about individuals in order to provide products and services. We respect your data and your privacy is important to us.

This privacy policy explains what personal data we collect, how we use it and your rights. Our registered address of business is D&H Photo Services, 59 Cowgate, Kirkintilloch, G66 1HW.

What data we gather

We collect information when you purchase something using our loyalty card, or when you contact us. We keep information that you give to us directly, such as your name, e-mail address and telephone number. In addition, we also collect information such as frequency of visits to our store, details of purchases and where you take advantage of our promotional offers.

If you communicate with us via our web site, we may capture your IP address, as well as information about the pages on our web site that you visit or engage with. If you post information online about us, we may keep a record.

We keep a record of any communication you send to us, such as complaints, feedback, you receive compensation or enter a competition. This will include your details as well as related information, such as letters, e-mails and records of telephone calls.

From time to time, we might receive your information from a third-party, such as when someone purchases a gift card for you, we may receive your name and e-mail address.

How we use this data

Collecting this data helps us understand what you are looking from the company, enabling us to deliver improved products and services, including for marketing, research, feedback and enquiries. We also use the data for safety and security purposes, such as preventing fraud.

We are allowed to use your data only if we have a proper reason to do so, such as:

  • to fulfil a contract we have with you;

  • when it is in our legitimate interest;

  • when you consent to it;

  • or to comply with the law.

A legitimate interest is when we have a business or commercial reason to use your data. We make an assessment of when we can rely on our legitimate interests. You can obtain more information about this by contacting us. Our legitimate interests include keeping our records up to date, fulfilling our legal, compliance and contractual duties, working out which of our products and services may be of interest to you, improving our products and services, telling you about our products and services, and carrying out market research.

When you give consent, you are able to withdraw your consent at any time. You can do this by e-mailing You can also contact us at this e-mail address if you wish to obtain a copy of your data, or you need to make changes such as corrections, updates or restrict what data we use.

We monitor our telephone calls, web sites and social media platforms. If you comment or post on our pages, we may capture this information, contact you or use the information to improve our products and services. We run competitions and promotions and track which offers seem of interest to you. We also analyse your purchases and frequency of purchases to better understand you as a customer and to send you e-mails, including offers and promotions tailored to your perceived preferences.

You can unsubscribe from our marketing communications at any time. Whenever we send you an e-mail, you can follow the ‘Unsubscribe’ link at the bottom of each e-mail. You can also update your preferences by visiting our web site – – or by e-mailing

To prevent, investigate and/or report fraud, misrepresentation, security incidents or crime, including where we are required by law, we may:

  • monitor our loyalty cards, review CCTV, telephone call logs and e-mails;

  • use third party organisations to check the validity of payment details, such as credit or debit cards.

  • Keep records and pass your data to our insurers when necessary.

  • Keep records to comply with health and safety requirements.

Data Sharing

We use third party providers to assist with the running and management of our business. We use third-party providers for:

  • sending marketing communications, such as promotional offers, news and discounts.

  • Managing our loyalty scheme, gift cards and transactions.

  • Insurance

  • IT development, including our web site.

  • Payments processing enabling you to pay by credit or debit card.

  • CCTV.

Personal data may be shared with government authorities and/or law enforcement officials for the prevention or detection of crime, if required by law or if required for a legal or contractual claim.

Cookies and how we use them

What is a cookie?

A cookie is a small file placed on your computer's hard drive. It enables our website to identify your computer as you view different pages on our website.

Cookies allow websites and applications to store your preferences in order to present content, options or functions that are specific to you. They also enable us to see information like how many people use the website and what pages they tend to visit.

How we use cookies

We may use cookies to:

  • Analyse our web traffic using an analytics package. Aggregated usage data helps us improve the website structure, design, content and functions.

  • Identify whether you are signed in to our website. A cookie allows us to check whether you are signed in to the site.

  • Test content on our website. For example, 50% of our users might see one piece of content, the other 50% a different piece of content.

  • Store information about your preferences. The website can then present you with information you will find more relevant and interesting.

  • To recognise when you return to our website. We may show your relevant content, or provide functionality you used previously.

Cookies do not provide us with access to your computer or any information about you, other than that which you choose to share with us.

Controlling cookies

You can use your web browser’s cookie settings to determine how our website uses cookies. If you do not want our website to store cookies on your computer or device, you should set your web browser to refuse cookies. However, please note that doing this may affect how our website functions. Some pages and services may become unavailable to you.

Unless you have changed your browser to refuse cookies, our website will issue cookies when you visit it. To learn more about cookies and how they are used, visit All About Cookies.

Data Retention

We always look to keep your data for the minimum time in line with data protection principles and our processes. For example, we keep:

  • Information about our loyalty scheme members.

  • Records of payment information in line with tax law and audit requirements.

  • Customer feedback and correspondence with our customer services teams for up to 1 year, depending on the nature of the interaction and any applicable law, such as health and safety. This enables us to respond to any questions or complaints.

  • Information to maintain records according to rules that apply to us.

If you unsubscribe from marketing communications we keep a record of this request indefinitely to ensure we do not send you direct marketing again.

We may keep your data for longer if we cannot delete it for legal, regulatory or technical reasons.

Your Rights

You have rights over your personal data.

You can:

  • ask for a copy of your information;

  • ask for information to be corrected;

  • ask for information to be erased or deleted;

  • ask for us to limit or restrict processing;

  • object to us processing your data, in particular where we use the data for direct marketing, including profiling for direct marketing purposes. The right to object does not apply if we must process the data to meet a contractual or legal requirement;

  • ask us to send you a copy in a structured digital format or ask for us to send it to another party.

Some rights, however, may be limited. We may be obliged by law or regulation to keep information. We must respect other people’s privacy as well, which means we may need to redact or remove information where it includes personal data about someone else, even if it is connected to your data.

On occasion there may be a compelling legitimate interest to keep processing data.

If you want a copy of your data, to object to how we use your data, or ask us to delete it or restrict how we use it or, please contact us by e-mailing To process a request from you, we may need to confirm your identity to ensure we’re accessing the right data.

You have a right to complain to an EU data protection authority. This can be where you live, work or where the matter occurred. In the UK, the authority is the Information Commissioner’s Office (the “ICO”).


We will always hold your information securely.

To prevent unauthorised disclosure or access to your information, we have implemented strong physical and electronic security safeguards. We also follow stringent procedures to ensure we work with all personal data in line with legislation.

Links from our site

Our website may contain links to other websites.

Please note that we have no control of websites outside the domain. If you provide information to a website to which we link, we are not responsible for its protection and privacy.

Always be wary when submitting data to websites. Read the site’s data protection and privacy policies fully.