✨ Ritual Reads is NOW OPEN!

Privacy Policy

Last Updated: October 30, 2025

1. Introduction

Welcome to Ritual Reads. We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website or make a purchase from our bookshop.

Data Controller: Ritual Reads
Victoria House, 46a High Street
Whitchurch, England
SY13 1EQ
Email: ritualreadsuk@gmail.com 

If you have any questions or concerns about this policy or our practices regarding your personal information, please contact us using the details above.

By using our website or services, you agree to the collection and use of information in accordance with this Privacy Policy.

2. What Personal Data We Collect

We collect personal information that you voluntarily provide to us when you:

  • Create an account on our website
  • Place an order for books or other products
  • Subscribe to our newsletter or marketing communications
  • Contact us with enquiries or customer service requests
  • Participate in surveys, competitions, or promotions
  • Visit our website (automatically collected data)

The types of personal data we may collect include:

Identity Data: First name, last name, title

Contact Data: Billing address, delivery address, email address, telephone number

Financial Data: Payment card details (note: we do not store complete payment card information; this is processed securely by our payment service provider)

Transaction Data: Details of purchases, order history, payment amounts

Technical Data: IP address, browser type and version, device type, operating system, time zone setting, browser plug-in types and versions, geographic location

Usage Data: Information about how you use our website, products, and services

Marketing and Communications Data: Your preferences for receiving marketing communications and your communication preferences

3. How We Collect Your Personal Data

We collect personal data through:

Direct Interactions: You provide data when filling in forms on our website, creating an account, placing orders, subscribing to newsletters, requesting information, or contacting us

Automated Technologies: As you navigate our website, we automatically collect Technical Data about your equipment, browsing actions, and patterns using cookies and similar technologies

Third Parties: We may receive personal data from third-party payment processors, delivery companies, and analytics providers

4. Legal Basis for Processing Your Data

Under UK GDPR, we must have a lawful basis for processing your personal data. We process your data based on:

Contract Performance: Processing is necessary to fulfill our contract with you (e.g., processing and delivering your book orders, managing your account)

Consent: You have given explicit consent for us to process your data for specific purposes (e.g., sending marketing emails, using non-essential cookies)

Legitimate Interests: Processing is necessary for our legitimate business interests (e.g., fraud prevention, improving our website and services, analyzing customer behavior), provided these interests do not override your fundamental rights

Legal Obligation: Processing is necessary to comply with legal obligations (e.g., maintaining financial records for tax purposes)

5. How We Use Your Personal Data

We use your personal data for the following purposes:

  • Order Fulfillment: To process your orders, arrange delivery, and provide customer service
  • Payment Processing: To process payments and prevent fraudulent transactions
  • Account Management: To create and manage your customer account
  • Communication: To send order confirmations, delivery updates, and respond to your enquiries
  • Marketing: To send you newsletters, special offers, and information about new books and events (only with your consent)
  • Website Improvement: To analyze website usage and improve our services, user experience, and product offerings
  • Legal Compliance: To comply with legal obligations, including tax and accounting requirements
  • Business Operations: To manage our business operations, including data analysis, audits, and security monitoring

You have the right to opt out of marketing communications at any time by clicking the "unsubscribe" link in our emails or contacting us directly.

6. Data Sharing and Third Parties

We do not sell, rent, or trade your personal data to third parties for their marketing purposes.

We may share your personal data with the following categories of third parties who process data on our behalf:

Payment Processors: To securely process your payments (e.g., Stripe, PayPal, Square)

Delivery Partners: To fulfill and deliver your orders (e.g., Royal Mail, courier services)

Email Service Providers: To send communications (only if you use email marketing services)

Website Hosting and Cloud Services: To host and maintain our website and data

Analytics Providers: To analyze website usage and improve our services (e.g., Google Analytics)

Accounting and Legal Services: To maintain financial records and ensure legal compliance

Law Enforcement or Regulatory Authorities: When required by law or to protect our legal rights

All third-party service providers are required to keep your personal data secure and confidential and may only process it according to our specific instructions.

7. International Data Transfers

Your personal data is primarily stored and processed within the United Kingdom. If we transfer data outside the UK, we ensure appropriate safeguards are in place, such as:

  • Adequacy decisions by the UK government
  • Standard Contractual Clauses approved by the ICO
  • Binding Corporate Rules

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal, accounting, or reporting requirements.

Customer Account Data: Retained for as long as your account is active, plus a reasonable period to allow for order history access

Transaction Data: Retained for 7 years to comply with UK tax and accounting requirements

Marketing Data: Retained until you withdraw consent or we no longer have a legitimate interest

Technical/Usage Data: Typically retained for 12-24 months for analytics purposes

When we no longer need your personal data, we will securely delete or anonymize it.

9. Your Rights Under UK GDPR

Under UK data protection law, you have the following rights:

Right of Access: Request a copy of the personal data we hold about you

Right to Rectification: Request correction of inaccurate or incomplete data

Right to Erasure (Right to be Forgotten): Request deletion of your personal data in certain circumstances

Right to Restrict Processing: Request that we limit how we use your data

Right to Data Portability: Request transfer of your data to another service provider in a structured, commonly used format

Right to Object: Object to processing based on legitimate interests or for direct marketing purposes

Right to Withdraw Consent: Withdraw consent at any time for processing based on consent (without affecting the lawfulness of processing before withdrawal)

Right to Complain: Lodge a complaint with the Information Commissioner's Office (ICO) if you believe your data protection rights have been violated

To exercise any of these rights, please contact us at ritualreadsuk@gmail.com,  We will respond to your request within one month.

10. Data Security

We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • SSL/TLS encryption for data transmitted through our website
  • Secure payment processing (we do not store complete payment card details)
  • Restricted access to personal data on a need-to-know basis
  • Regular security assessments and updates
  • Secure backup procedures
  • Staff training on data protection

While we strive to protect your personal data, no method of transmission or storage is 100% secure. We cannot guarantee absolute security, but we take all reasonable precautions to safeguard your information.

11. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to improve your browsing experience and analyze website usage.

For detailed information about the cookies we use and how to manage your preferences, please see our Cookie Policy [link to Cookie Policy page].

You can control cookie settings through our cookie consent banner and your browser settings. Note that blocking certain cookies may affect website functionality.

12. Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children under 16 without parental consent. If you are a parent or guardian and believe your child has provided us with personal data, please contact us so we can delete it.

13. Third-Party Websites

Our website may contain links to third-party websites, including book publishers, authors, and review sites. We are not responsible for the privacy practices or content of these external sites. We encourage you to review their privacy policies before providing any personal information.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or business operations. We will notify you of significant changes by:

  • Posting the updated policy on our website with a new "Last Updated" date
  • Sending an email notification (for material changes)

Your continued use of our website and services after changes are posted constitutes acceptance of the updated Privacy Policy.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, please contact us:

Ritual Reads
Victoria House, 46a High Street
Whitchurch, England
SY13 1EQ
Email: ritualreadsuk@gmail.com 

To contact the UK data protection authority:
Information Commissioner's Office (ICO)
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
Phone: 0303 123 1113
Website: www.ico.org.uk