Privacy Policy | Piegin UK

1. PERSONAL INFORMATION WE COLLECT

Device Information

When you visit the Site, we automatically collect:

Web browser information
IP address
Time zone
Cookies installed on your device
Individual web pages or products you view
Websites or search terms that referred you to the Site
Information about how you interact with the Site

We refer to this as “Device Information.”

Order Information

When you make a purchase, we collect:

Name
Billing address
Shipping address
Payment information (including credit card numbers)
Email address
Phone number

We refer to this as “Order Information.”

Personal Information Definition

“Personal Information” refers to both Device Information and Order Information.

2. HOW WE USE YOUR PERSONAL INFORMATION

Order Information Usage

We use Order Information to:

Fulfil orders placed through the Site
Process payment information
Arrange for shipping
Provide invoices and/or order confirmations
Communicate with you
Screen orders for potential risk or fraud
Provide information or advertising relating to our products or services (when in line with your preferences)

Device Information Usage

We use Device Information to:

Screen for potential risk and fraud (in particular, your IP address)
Improve and optimise our Site
Generate analytics about how customers browse and interact with the Site
Assess the success of our marketing and advertising campaigns

Legal Compliance

We may share your Personal Information to:

Comply with applicable laws and regulations
Respond to a subpoena, search warrant, or other lawful request for information
Protect our rights

3. WHO WE SHARE YOUR DATA WITH

We share your Personal Information with third parties to help us use your Personal Information as described above.

Third-Party Service Providers

E-commerce Platform: WooCommerce
Payment Processors: Stripe, PayPal
Shipping Partners: For order fulfilment within the UK
Analytics Providers: To understand site usage

Legal Obligations

We may share your Personal Information to comply with applicable laws and regulations, respond to lawful requests for information, or protect our rights.

4. YOUR DATA PROTECTION RIGHTS (UK-GDPR)

If you are a UK resident, under UK data protection laws (including UK-GDPR), you have the following rights:

Your Rights Include

The right to be informed about how your data is being used
The right of access to the personal data we hold about you
The right to rectification of inaccurate personal data
The right to erasure (the ‘right to be forgotten’)
The right to restrict processing
The right to data portability
The right to object to certain types of processing

Exercising Your Rights

To exercise any of these rights, please contact us through the contact information provided below.

If you have an account on this site, you can request to receive an exported file of the personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

5. DATA RETENTION

User Account Data

For users that register on our website, we store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except username). Website administrators can also see and edit that information.

Comments

If you leave a comment, the comment and its metadata are retained indefinitely. This allows us to recognise and approve any follow-up comments automatically.

Order Data

Order information is retained for as long as necessary to fulfil legal and accounting obligations:

Transaction records: 7 years (UK tax law requirement)
Order history: Available in your account for 7 years (legal requirement). After this period, archived and available upon request
Payment details: Stored securely by our payment processors, not by us
Shipping information: 2 years for customer service purposes

After Legal Retention Period:

You may request deletion of your order data after the 7-year legal retention period has expired by contacting us at in**@*******co.uk.

Invoices and Receipts:

Available in your account for 7 years (legal requirement)
Can be downloaded or emailed at any time during this period
After 7 years, archived and available upon request
Can be permanently deleted after 7-year retention period upon request

6. COOKIES & COOKIE CONSENT

What Are Cookies

Cookies are small text files placed on your device to help the Site provide a better user experience.

Cookie Consent Banner

When you first visit our website, you will see a cookie consent banner that allows you to:

Accept all cookies
Reject non-essential cookies
Customise your cookie preferences

Managing Your Cookie Preferences:

Change settings anytime by clicking “Cookie Settings” link in website footer
Manage cookies through your browser settings
Blocking certain cookies may affect website functionality

Types of Cookies

Essential Cookies: Required for website to function (cannot be disabled)
Performance Cookies: Help us understand how visitors use our site (can be disabled)
Functional Cookies: Remember your preferences (can be disabled)
Marketing Cookies: Track your browsing for advertising purposes (can be disabled)

Specific Cookies We Use

Temporary Cookies:

Set when you visit our login page to determine if your browser accepts cookies
Contains no personal data and is discarded when you close your browser

Login Cookies:

Set when you log in to save your login information and screen display choices
Last for two days (or two weeks if you select “Remember Me”)
Screen options cookies last for a year
Removed when you log out

Editing Cookies:

Saved when you edit or publish an article
Contains no personal data, only the post ID
Expires after 1 day

Comment Cookies:

Save your name, email address, and website if you opt-in
Last for one year
Allow you to avoid re-entering details for future comments

Third-Party Cookies

We may use third-party cookies from:

Analytics providers (e.g., Google Analytics) – to understand site usage
Payment processors (Stripe) – to process payments securely
Advertising networks (if applicable) – to show relevant ads

You can opt-out of third-party cookies through your cookie preferences or browser settings.

7. MEDIA AND EMBEDDED CONTENT

Uploaded Images

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Embedded Content from Other Websites

Articles on this site may include embedded content (e.g., videos, images, articles). Embedded content from other websites behaves the same way as if the visitor has visited the other website.

These websites may:

Collect data about you
Use cookies
Embed additional third-party tracking
Monitor your interaction with embedded content

8. COMMENTS

When visitors leave comments on the site, we collect:

The data shown in the comments form
The visitor’s IP address
Browser user agent string (to help with spam detection)

An anonymised string created from your email address (a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/

After approval of your comment, your profile picture is visible to the public in the context of your comment.

9. SPAM DETECTION

Visitor comments may be checked through an automated spam detection service.

10. WHERE YOUR DATA IS SENT

Your data may be sent to:

Payment processors for transaction processing
Shipping partners for order fulfilment within the UK
Analytics providers for site improvement
Spam detection services for comment moderation
Other third-party service providers as necessary to operate our business

All data transfers are conducted in accordance with UK data protection laws.

11. DATA PROCESSING LOCATIONS

Where Your Data Is Processed

We are committed to protecting your personal data and ensuring it is processed securely and in compliance with UK-GDPR.

UK & EU Processing

The majority of your personal data is processed and stored within the United Kingdom and European Union:

Service	Purpose	Location	Data Protection
Website Hosting	Store site data	EU servers	UK-GDPR compliant
WooCommerce	E-commerce platform	EU servers	GDPR certified
Order Database	Store order history	UK servers	UK-GDPR compliant
Email Service	Communications	EU servers	GDPR compliant

International Data Transfers

Some of our service providers process data outside the UK/EU:

Payment Processing (Stripe)

Stripe Inc. is a US-based payment processor that handles your payment information.

What data is transferred:

Payment card details (encrypted)
Transaction information
Billing address

Safeguards in place:

✓ Standard Contractual Clauses (SCCs) – UK ICO approved
✓ Stripe is certified under UK-GDPR adequacy frameworks
✓ Data Processing Agreement in place
✓ Your payment data is encrypted end-to-end
✓ Stripe does not store complete card details

Your rights remain protected:

All UK-GDPR rights apply
Right to object to processing
Right to request UK-only processing (may limit payment methods)

Stripe Privacy Policy: https://stripe.com/privacy

Stripe’s UK-GDPR Compliance: Stripe maintains UK-specific data processing facilities and complies with:

UK Data Protection Act 2018
UK-GDPR requirements
Standard Contractual Clauses approved by UK ICO
Regular security audits and certifications (PCI-DSS Level 1)

Data Residency Options: While Stripe processes some data in the US for fraud detection and global payment networks, they maintain UK/EU data centers for primary storage. Transaction data is encrypted and protected under international data transfer mechanisms.

Website Analytics (Google Analytics)

Google Analytics helps us understand how visitors use our website.

What data is transferred:

Anonymised browsing behavior
Device and browser information
Anonymised IP addresses (last octet removed)

Safeguards in place:

✓ IP anonymization enabled (UK location hidden)
✓ Data retention limited to 14 months
✓ No personally identifiable information shared
✓ Google Analytics 4 (GDPR-compliant version)
✓ Standard Contractual Clauses (SCCs)

Your rights:

Opt-out via cookie settings
Request analytics data deletion
Object to analytics processing

Google Privacy Policy: https://policies.google.com/privacy

Google Analytics UK-GDPR Compliance: Google has implemented specific measures for UK data protection:

Data Processing Amendment for UK customers
Standard Contractual Clauses (UK version)
Binding Corporate Rules
Google Cloud UK region available for data storage
Anonymization and pseudonymization techniques

How We Minimize Data Collection:

IP addresses anonymized before processing
User IDs are not collected
Remarketing and advertising features disabled
Demographics and interests reports disabled
Data sharing with Google disabled

Your Rights Regarding International Transfers

Under UK-GDPR, you have specific rights regarding international data transfers:

Right to be Informed

This section provides full transparency
We list all international transfers
Updated whenever processors change

Right to Object

Email in**@*******co.uk to object to specific transfers
We’ll explain impact on services
Alternative options provided where possible

Right to Request UK-Only Processing

Contact us to discuss UK-only processing options
May limit available services (e.g., payment methods)
We’ll clearly explain any limitations

Right to Lodge Complaint

UK Information Commissioner’s Office (ICO)
Website: https://ico.org.uk/make-a-complaint/
Phone: 0303 123 1113

Data Protection Safeguards

All international transfers include:

✓ Standard Contractual Clauses (SCCs)

UK ICO approved contract templates
Legally binding data protection obligations
Regular compliance audits

✓ Data Processing Agreements (DPAs)

Written contracts with all processors
Specify data protection requirements
Regular security assessments

✓ Adequacy Decisions

We prioritize processors in “adequate” countries
Automatic compliance with UK standards

✓ Ongoing Monitoring

Regular review of processor compliance
Immediate action if standards not met
Alternative processors identified

Transparency Commitment

We promise to:

✓ Notify you of any new international transfers (30 days notice)
✓ Update this policy immediately when processors change
✓ Respond to data location inquiries within 7 days
✓ Provide evidence of safeguards upon request

Last Updated: December 2024
Next Review: March 2025 (or when processors change)

Questions About Data Transfers?

Email: in**@*******co.uk
Subject: “Data Transfer Inquiry”
Response Time: Within 7 business days

We’ll provide:

Detailed information about specific transfers
Copies of Standard Contractual Clauses
Evidence of adequacy decisions
Options for limiting international transfers

12. DATA PORTABILITY

Under UK-GDPR, you have the right to receive your personal data in a structured, commonly used, and machine-readable format.

What Data You Can Export

You can request an export of:

Your account information (name, email, address)
Order history and purchase records
Comments and reviews you’ve left
Preferences and settings
Communication history with customer service

Note: We cannot export payment card details (these are securely stored by Stripe).

How to Request Your Data

Step 1: Send an email to in**@*******co.uk with subject line “Data Portability Request”

Step 2: Include in your email:

Your full name
Email address associated with your account
Order number (if applicable) for verification
Specific data you want to export (or “all available data”)

Step 3: We will verify your identity (may require photo ID for security)

Step 4: You will receive your data within 30 days (typically within 10 business days)

Data Format

Your data will be provided in:

CSV format (for order history, transactions)
JSON format (for account data, preferences)
PDF format (for invoices, receipts)

All files will be sent via secure encrypted email or available for download via a secure link.

Transmitting Data to Another Service

If you want us to send your data directly to another service provider:

The receiving service must have technical capability to receive the data
You must provide written authorization
We will make reasonable efforts to facilitate the transfer

No Fee: We do not charge for data portability requests.

13. CONTACT INFORMATION

For more information about our privacy practices, questions, or to make a complaint or exercise your data protection rights, please contact us:

Email: in**@*******co.uk

Postal Address:
Hall Vision LTD
275 New North Road
Islington #1913
London, N1 7AA
United Kingdom

Phone: +44 7830 742091

Response Times:

Business days: Within 24-48 hours (Monday-Friday)
Weekends/UK bank holidays: Next business day
Peak periods (November-December): Within 48-72 hours
Data protection inquiries: Within 7 business days (UK-GDPR requirement: 30 days maximum)

Business Hours: Monday to Friday, 9:00 AM to 6:00 PM (GMT/BST)
Closed: Weekends and UK bank holidays

We are committed to protecting your privacy and handling your data in an open and transparent manner. This policy is regularly reviewed to ensure compliance with current data protection legislation.

Browse

Want to chat?

Social

COMPANY INFORMATION