The General Data Protection Regulation (GDPR) has been applicable since May 25, 2018. We are committed to upholding the highest standards of data security and transparency for all our clients and customers.

* * *

Our Commitment to Data Security

We assure you that any personal details you share with us are handled with the utmost security and discretion. Our policy is to engage in data minimisation, collecting only the essential information required to fulfil our service. All collected data is secured using specialised software protected by multiple unique passwords and advanced encryption protocols.

* * *

Processing Personal Data (Online Shop)

Data Collection

When a purchase is completed through our online shop, payment processing and primary data storage are managed by Shopify, which utilises highly secured, encrypted databases. By transacting on our platform, you acknowledge that the collection and security of this data are governed by Shopify’s robust data policies. If you choose to make a purchase via email or telephone, data is provided directly to us by you.

Data Minimisation and Retention

We do not store, and have never stored, sensitive financial information such as credit card details, dates of birth, or passwords. For purchase fulfilment, we collect: (1): Your name (of your choosing); (2): The delivery address for your order; (3): Contact details (primarily your email address for order confirmation and communication regarding issues with your order).

We do not run newsletters or marketing subscriptions, ensuring your email address is never automatically added to any mailing list. Data used to generate invoices is stored securely in two ways: online via the password-protected and encrypted KashFlow system, and offline in a password-protected and encrypted Excel file. We may retain this data for a period of at least ten (10) years to comply with legal and financial obligations.

Data Sharing with Third Parties

We take your privacy extremely seriously and do not sell your data to third-party organisations for marketing purposes. Data sharing occurs only in scenarios necessary for us to provide our services:

1. Delivery and Postage Providers: Necessary to dispatch your documentation and orders.
2. Law Enforcement and Legal Requirements: We will only share personal data with law enforcement agencies or regulatory bodies when we are legally required to do so under a valid Court Order.

* * *

Website Cookies

We have completed a comprehensive website cookies audit and only deploy strictly necessary cookies required for website functionality and security. We have a policy against the use of advertising, tracking, or re-targeting cookies on our website.