Privacy Policy & Data Protection
Seadrift Press complies with the UK General Data Protection Regulation (GDPR) and Data Protection Act 2018. This policy outlines how we collect, store, and use your personal data to process payments and fulfill orders, in compliance with the UK General Data Protection Regulation (GDPR).
1. Data Collection
We collect the following data to process orders and deliver products:
Personal identifiers: Name, email address, billing/shipping address, and phone number.
Payment information: Credit/debit card details (processed securely via third-party gateway Stripe) and transaction history.
Order details: Product selection, purchase history, and delivery preferences.
Legal basis:
Contractual necessity: Data required to fulfill your order (e.g., address for delivery, payment details for transactions).
Consent: For marketing communications (e.g., newsletters), obtained via explicit opt-in checkboxes during checkout.
2. Data Storage
Security measures:
Payment data is encrypted and stored securely by PCI-DSS-compliant third-party processors (PayPal and Stripe). We do not retain full card details.
Personal identifiers are stored on password-protected servers with SSL encryption.
Retention period:
Order data is retained for 6 years to comply with tax/legal obligations.
Marketing data is retained until consent is withdrawn.
3. Data Use
Your data is used to:
Process payments and prevent fraud.
Ship orders and provide tracking updates.
Respond to customer service inquiries.
Send order confirmations and delivery notifications.
We never sell your data. It is shared only with:
Payment processors (PayPal and Stripe) to complete transactions.
Delivery partners (Royal Mail, FedEx) to fulfill orders.
4. Your Rights
Under UK GDPR, you have the right to:
Access: Request a copy of your stored data.
Rectification: Correct inaccurate data.
Erasure: Request deletion of non-essential data (e.g., marketing profiles).
Portability: Receive your data in a machine-readable format.
Withdraw consent: Unsubscribe from marketing emails via links in every message.
To exercise these rights, contact us at [email protected].
5. Security & Compliance
Regular security audits and staff training to protect against unauthorized access.
Data transfers outside the UK/EU comply with GDPR adequacy requirements.
6. Policy Updates
Changes will be posted on this page.
Last updated: 22 March 2025.
7. Contact Us
For privacy-related inquiries, please email [email protected].