Privacy Policy

Last updated: 20.11.25

The Heath Bookshop (“we”, “our”, “us”) is committed to protecting your personal information and being transparent about how we collect, use, and safeguard it. This Privacy Policy explains what data we collect when you visit our website, how we use that information, and the rights you have over your personal data.

By using our website, you agree to the practices described in this policy.

1. Information We Collect

We collect both personal and non-personal information in the following ways:

Information you provide directly

When you interact with our website—such as creating an account, making a purchase, contacting us, or subscribing to our email updates—we collect information you voluntarily provide. This may include:

  • Name
  • Email address
  • Postal address
  • Phone number
  • Account login details
  • Communication preferences
  • Any other information you submit through forms, orders, reviews, or correspondence

Automatically collected information

When you browse our website, certain information is collected automatically, including:

  • Internet Protocol (IP) address
  • Browser type and version
  • Device and connection information
  • Pages visited and length of visit
  • Page response times
  • Interaction data such as clicks and scrolling
  • How you navigate away from pages

We may use analytics tools to help us understand user behaviour and improve website performance.

Payment Information

Payments on our website are processed through Stripe.
We do not receive or store your credit or debit card details. All payment information is handled securely by Stripe in accordance with PCI-DSS standards.

Email Subscription Information

Our email newsletter and subscription list are managed through Octopus. If you sign up, we store your email address and communication preferences within Octopus for the sole purpose of sending updates and marketing communications you have opted in to receive.

2. How We Use Your Information

We use the information collected for the following purposes:

  • To provide, operate, and maintain our website and online shop
  • To process and fulfil your orders
  • To provide customer support and respond to enquiries
  • To send service-related notifications, including order updates
  • To send marketing communications where consent has been given
  • To improve our website, services, and user experience
  • To generate anonymised statistics to understand website performance
  • To comply with legal obligations and regulatory requirements

We only use your personal information for the purposes for which it was collected unless we reasonably consider that we need to use it for another related reason and that reason is compatible with the original purpose.

3. Data Storage and Security

Our website is hosted on the WordPress platform. WordPress-related hosting services store your data on secure servers protected by firewalls and industry-standard security measures.

Stripe securely handles all payment transactions and does not allow us to access your full payment details.

Octopus securely stores email subscription information and complies with relevant email and data protection standards.

While no system can guarantee perfect security, we take reasonable measures to protect your data from unauthorised access, misuse, or disclosure.

4. Communication With You

We may contact you for reasons including:

  • Account-related updates
  • Order confirmations and service notices
  • Troubleshooting and customer support
  • Resolving disputes or billing issues
  • Sending surveys or requests for feedback
  • Sharing news, updates, or promotional content (where you have consented)

You may be contacted via email, telephone, SMS, or postal mail depending on the nature of the communication.

You can opt out of marketing emails at any time by using the unsubscribe link in our messages or contacting us directly.

5. Your Data Rights

You have the right to:

  • Access the personal data we hold about you
  • Request corrections or updates
  • Request deletion of your data (“right to be forgotten”)
  • Withdraw consent where processing is based on consent
  • Object to certain types of processing
  • Request a copy of your data in a portable format

To exercise any of these rights, please contact us at:

hello@theheathbookshop.co.uk

6. Changes to This Privacy Policy

We may update this policy from time to time. Any changes will be posted on this page, and the “Last updated” date will be revised accordingly.

If significant changes are made, we will take reasonable steps to notify you so that you are aware of how your information is used and protected.

We encourage you to review this policy regularly.

7. Contact Us

If you have questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact us at:

hello@theheathbookshop.co.uk