Privacy Policy

Our website address is: https://shop.findthesparkwithin.com Find The Spark Within Shop is operated by Emilia S., based in London, UK. For privacy-related concerns, contact: emilia@findthesparkwithin.com

What Personal Data We Collect and Why We Collect It

We collect the following types of data:

Personal data:

  • Name, email address, shipping/billing address, phone number (used for order fulfilment and customer service).
  • Payment information (processed securely via third-party gateways; we do not store this).

Technical data:

  • IP address, browser type, location, and device information (used for analytics and fraud prevention).
  • Cookies (used for functionality, preferences, and marketing).

Legal basis:

  • Consent (for marketing, cookies)
  • Contract (for fulfilling purchases)
  • Legal obligations (e.g. tax record-keeping)
  • Legitimate interests (fraud prevention, service improvement)

Comments

When visitors leave comments, we collect the data shown in the comments form, IP address, and browser user agent to detect spam. An anonymized hash of your email may be sent to the Gravatar service. See Gravatar’s policy: https://automattic.com/privacy/.

Media

If you upload images, avoid including location data (EXIF GPS). Visitors may extract this data from uploaded images.

Contact Forms

Data collected via contact forms includes name, email, and your message. We retain this data for up to 6 months for customer service and do not use it for marketing unless you opt in.

Cookies

  • If you leave a comment, you may opt in to save your details in cookies (1 year).
  • Temporary cookies on the login page determine browser compatibility (deleted on close).
  • Login and display cookies: Login cookies last 2 days, display preferences 1 year. ‘Remember Me’ extends login for 2 weeks.
  • Editing posts stores an ID-based cookie (1 day).

WooCommerce Cookies:

  • Basket contents and login status
  • Recently viewed products and shipping estimate details

Embedded Content from Other Websites

Articles may include embedded content (e.g. YouTube, Instagram). These sites may collect data, use cookies, embed third-party tracking, and monitor your interaction with the embedded content.

Analytics

We use Google Analytics or equivalent tools to understand usage. Data is anonymized.

  • Opt out here: https://tools.google.com/dlpage/gaoptout

Who We Share Your Data With

We share data with trusted services to operate our shop:

  • Payment processors: PayPal, Stripe (for secure transactions). PayPal Policy, Stripe Policy
  • Marketing tool: Kit (to send updates/offers when you opt-in)
  • Shipping providers
  • Hosting & analytics services

Your IP may be included in password reset emails.

How Long We Retain Your Data

  • Comments and metadata: indefinitely (for follow-up comments)
  • Registered users: personal info stored in user profile
  • Order records: 7 years (legal compliance)
  • Analytics: 12 months
  • Contact form entries: 6 months

What Rights You Have Over Your Data

You can request:

  • A copy of your personal data
  • Data correction or deletion
  • Data portability
  • That we stop processing your data (where legally allowed)

Email: emilia@findthesparkwithin.com

Where Your Data Is Sent

  • Visitor comments may be checked via Akismet or similar spam detection tools
  • Third-party services may transfer data outside the UK/EU. We ensure GDPR-compliant safeguards (e.g., SCCs, DPA agreements).

How We Protect Your Data

  • SSL encryption
  • Secure, GDPR-compliant third-party providers
  • Strong passwords and access limits
  • Regular security updates and plugin audits.

What Data Breach Procedures We Have in Place

  • Monitoring and detection tools
  • Immediate reporting internally and to regulators within 72 hours
  • Affected users will be notified as required.

What Third Parties We Receive Data From

We may receive transaction confirmations from payment providers. No unsolicited third-party data is integrated.

What Automated Decision Making and/or Profiling We Do with User Data

We do not perform automated decision-making or profiling that significantly affects users.

Industry Regulatory Disclosure Requirements

We are not a regulated financial or healthcare entity, but we follow best practices for data privacy and ethical digital service delivery.

Contact Information

Data Controller: Find The Spark Within Shop /Emilia S.
Email: emilia@findthesparkwithin.com