Privacy Policy & Data Protection

Seadrift Press complies with the UK General Data Protection Regulation (GDPR) and Data Protection Act 2018. This policy outlines how we collect, store, and use your personal data to process payments and fulfill orders, in compliance with the UK General Data Protection Regulation (GDPR).

1. Data Collection

We collect the following data to process orders and deliver products - books, walks, research (please note that data collected through family history research will not be kept after it has been delivered to the customer):

  • Personal identifiers: Name, email address, billing/shipping address, and phone number.

  • Payment information: Credit/debit card details (processed securely via third-party gateway Stripe) and transaction history.

  • Order details: Product selection, purchase history, and delivery preferences.

  • Contractual necessity: Data required to fulfill your order (e.g. address for delivery, payment details for transactions).

2. Data Storage

Security measures:

  • Payment data is encrypted and stored securely by PCI-DSS-compliant third-party processors (PayPal and Stripe). We do not retain full card details.

  • Personal identifiers are stored on password-protected servers with SSL encryption.

  • Order data is retained for 6 years to comply with tax/legal obligations.

3. Data Use

Your data is used to:

  • Process payments and prevent fraud.

  • Ship orders and provide tracking updates.

  • Respond to customer service inquiries.

  • Send order confirmations and delivery notifications.

  • We never sell your data.

  • Your data is shared only with pPayment processors (PayPal and Stripe) to complete transactions and delivery partners (Royal Mail etc) to fulfill orders.

4. Your Rights

Under UK GDPR, you have the right to:

  • Access: Request a copy of your stored data.

  • Rectification: Correct inaccurate data.

  • Portability: Receive your data in a machine-readable format.

  • To exercise these rights, contact us at [email protected].

5. Security & Compliance

  • Regular security audits to protect against unauthorized access.

  • Data transfers outside the UK/EU comply with GDPR adequacy requirements.

6. Policy Updates

  • Changes will be posted on this page.

  • Last updated: 14 April 2025.

7. Contact Us