Privacy Policy

Privacy Policy

Last Updated: November 2024

Introduction

Sally Gutteridge Books ("we", "our", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our website or purchase our products and services.

We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Who We Are

Data Controller: Sally Gutteridge
Trading Name: Sally Gutteridge Books
Location: Kidderminster, United Kingdom
Email: sally@sallygutteridge.com
Website: https://sallygutteridgebooks.store/

What Information We Collect

Information You Provide to Us

When you make a purchase:

  • Full name
  • Email address
  • Delivery address (for physical products)
  • Phone number (if provided)

When you contact us:

  • Name and email address
  • Content of your enquiry or message
  • Any information you choose to share

When you book services:

  • Scheduling preferences
  • Information about your dog (for consultations)
  • Any relevant background information you share

Information Collected Automatically

Website usage information:

  • IP address
  • Browser type and version
  • Device information
  • Pages visited and time spent
  • Referral source

Cookies and tracking:

  • We use cookies to improve your browsing experience
  • Analytics to understand how our website is used
  • See our Cookie Policy section below for details

Payment Information

  • Payment card details are processed by Shopify Payments
  • We do NOT store your full payment card information
  • We receive only confirmation that payment was successful
  • Card details are encrypted and handled securely by our payment processor

How We Use Your Information

To Fulfill Your Order

  • Process your purchase
  • Send you download links (digital products)
  • Ship physical products to your address
  • Send order confirmations and updates
  • Handle refunds or returns

To Provide Services

  • Schedule and conduct consultations
  • Provide community access
  • Deliver coaching sessions
  • Send appointment reminders

To Communicate With You

  • Respond to your enquiries
  • Provide customer support
  • Send important updates about your order
  • Notify you of changes to our policies (if necessary)

To Improve Our Business

  • Understand how our website is used
  • Improve our products and services
  • Ensure website security
  • Prevent fraud

Legal Basis for Processing

We process your personal data on the following legal bases:

  • Contract performance: To fulfill orders and provide services you've purchased
  • Legitimate interests: To improve our business, prevent fraud, and communicate with customers
  • Legal obligation: To comply with tax and accounting requirements
  • Consent: For marketing communications (only with your explicit consent)

Marketing Communications

Email Marketing

We will ONLY send you marketing emails if:

  • You have explicitly opted in to receive them
  • You have given us clear consent

What we send:

  • Information about new books or products
  • Updates about services
  • Educational content about dog behaviour and training
  • Special offers or promotions (occasionally)

You can unsubscribe at any time:

  • Click the "unsubscribe" link in any marketing email
  • Email us at sally@sallygutteridge.com
  • We will process your request within 48 hours

Important: You will always receive transactional emails (order confirmations, delivery updates) regardless of marketing preferences, as these are necessary to fulfill your order.

How We Share Your Information

We Do NOT Sell Your Data

We will never sell, rent, or trade your personal information to third parties for their marketing purposes.

We Share Information With:

Essential Service Providers:

  1. Shopify (E-commerce Platform)
    • Hosts our website and processes orders
    • Processes payments securely
    • Located in Canada/USA
    • Complies with GDPR
  2. Shipping Providers (Royal Mail, etc.)
    • To deliver physical products
    • Receive only name and delivery address
    • No payment or other personal information shared
  3. Email Service Providers
    • To send order confirmations and communications
    • Receive name and email address only
    • Used for transactional and marketing emails (if opted in)
  4. Analytics Providers (Google Analytics, etc.)
    • To understand website usage
    • Information is anonymized where possible
    • Helps us improve our website

Legal Requirements:

We may disclose your information if:

  • Required by law or legal process
  • To protect our rights or property
  • To prevent fraud or illegal activity
  • In response to valid requests from public authorities

Business Transfers:

If our business is sold or merged, your information may be transferred to the new owner, who must continue to protect it under this policy.

International Data Transfers

Some of our service providers (like Shopify) are based outside the UK/EU.

How we protect your data:

  • We only use providers with appropriate safeguards
  • Data transfers comply with UK GDPR requirements
  • Standard contractual clauses or adequacy decisions in place

How Long We Keep Your Information

Order information:

  • Retained for 7 years (UK tax and accounting requirements)
  • Includes transaction details, delivery information

Customer service communications:

  • Retained for 3 years after last contact
  • Deleted after resolution if no ongoing relationship

Marketing consents:

  • Retained until you withdraw consent
  • Reviewed annually for inactive subscribers

Website analytics:

  • Anonymized data retained for 26 months
  • IP addresses anonymized after processing

Right to request earlier deletion:

  • You can request deletion at any time (subject to legal obligations)

How We Protect Your Information

Security Measures

Technical safeguards:

  • SSL encryption for all data transmission
  • Secure hosting infrastructure
  • Regular security updates and monitoring
  • Password protection for administrative access

Organizational safeguards:

  • Access limited to authorized personnel only
  • Staff trained on data protection
  • Confidentiality agreements with service providers

Payment security:

  • PCI-DSS compliant payment processing
  • We do not store full payment card details
  • All payment data encrypted in transit

Data Breach Procedures

In the unlikely event of a data breach:

  • We will assess the risk to your rights and freedoms
  • Report to the ICO within 72 hours (if required)
  • Notify affected individuals without undue delay (if high risk)
  • Take immediate steps to contain and remedy the breach

Your Rights

Under UK GDPR, you have the following rights:

1. Right to Access (Subject Access Request)

  • Request a copy of the personal data we hold about you
  • We will provide this within one month
  • First copy is free; subsequent copies may incur reasonable fee

2. Right to Rectification

  • Request correction of inaccurate or incomplete information
  • We will update within one month

3. Right to Erasure ("Right to be Forgotten")

  • Request deletion of your personal data
  • Subject to legal obligations (e.g., tax records)
  • We will confirm deletion within one month

4. Right to Restrict Processing

  • Request we limit how we use your data
  • Applies in specific circumstances (e.g., disputing accuracy)

5. Right to Data Portability

  • Request your data in a structured, machine-readable format
  • To transfer to another service provider

6. Right to Object

  • Object to processing based on legitimate interests
  • We will stop processing unless we have compelling legitimate grounds

7. Rights Related to Automated Decision-Making

  • Right not to be subject to purely automated decisions with significant effects
  • We do not use automated decision-making or profiling

How to Exercise Your Rights

Email us: sally@sallygutteridge.com

Include:

  • Your full name
  • Email address used for orders
  • Specific right you wish to exercise
  • Any relevant order numbers

Response time: Within one month (may extend by two months for complex requests)

Verification: We may need to verify your identity before responding to requests

No fee: Generally free, unless requests are manifestly unfounded or excessive

Cookies Policy

What Are Cookies?

Cookies are small text files stored on your device when you visit our website. They help us provide a better browsing experience.

Cookies We Use

Essential Cookies:

  • Required for website functionality
  • Enable shopping cart and checkout
  • Remember your preferences during your session
  • Cannot be disabled

Analytics Cookies:

  • Help us understand how visitors use our website
  • Provide anonymized statistics
  • Improve user experience
  • Google Analytics (anonymized IP)

Marketing Cookies:

  • Track effectiveness of marketing campaigns
  • Understand which sources bring visitors
  • Only set with your consent

Managing Cookies

You can control cookies through:

  • Your browser settings (block all or specific cookies)
  • Cookie consent banner on our website
  • Opting out of Google Analytics: tools.google.com/dlpage/gaoptout

Note: Disabling essential cookies may affect website functionality.

Third-Party Cookies

Some cookies may be set by third-party services we use (e.g., payment processors, social media plugins). These are subject to the third parties' privacy policies.

Children's Privacy

Our products and services are not directed at children under 16.

  • We do not knowingly collect information from children under 16
  • If you believe we have collected such information, contact us immediately
  • We will delete it promptly upon verification

If you are under 16, please ask a parent or guardian before using our website or making purchases.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect:

  • Changes in our practices
  • Legal or regulatory requirements
  • New products or services

How we notify you:

  • Updated date at the top of this page
  • Material changes may be emailed to customers
  • Continued use after changes means acceptance

Review regularly: Please check this page periodically for updates

Your Right to Complain

If you're unhappy with how we handle your personal data:

1. Contact us first:

2. Contact the supervisory authority:

Information Commissioner's Office (ICO)
Website: ico.org.uk
Helpline: 0303 123 1113
Address: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

You have the right to lodge a complaint with the ICO at any time.

Links to Other Websites

Our website may contain links to third-party websites.

Important:

  • We are not responsible for their privacy practices
  • This policy does not apply to external websites
  • Review their privacy policies before providing information

Contact Us About Privacy

If you have questions about this Privacy Policy or how we handle your data:

Email: sally@sallygutteridge.com
Subject Line: "Privacy Query" or "Data Protection"

Response time: Within 5 working days for general queries, within one month for formal rights requests

Legal Information

Data Controller: Sally Gutteridge, trading as Sally Gutteridge Books

Supervisory Authority: Information Commissioner's Office (ICO), United Kingdom

Legal Framework: UK GDPR and Data Protection Act 2018

This Privacy Policy is effective as of the date stated above and applies to all information collected through our website and in connection with our products and services.

Last Updated: November 2024

Sally Gutteridge Books
Kidderminster, United Kingdom
sally@sallygutteridge.com