STEWART READING-BROWN

Privacy

I keep this simple.

I only collect what’s needed — to process your order, reply to your message, or keep the site functioning. Your data is never sold, and it’s never shared with anyone who doesn’t need it.

What I collect

Contact enquiries. If you get in touch, I collect your name, email address, enquiry type, and message. Nothing else. It’s only used to reply to you.

Orders. When you place an order, I collect your name, email address, and delivery address, along with details of what you’ve ordered. Payment card details go directly to Stripe — I never see them, and they’re never stored here.

Cart data. Anything you add to your cart stays on your device, in your browser’s local storage. It’s not sent anywhere until you go to checkout.

Why I use it

Your order data exists to fulfil your order. That’s the only reason I hold it.

If you send me a message, I use what you share to reply to it. Nothing more.

Third parties

I work with a small number of services to keep this site running. None of them use your data for advertising, and none of them receive more than they need.

  • Stripe handles payments. Your card details are entered directly into their secure form — they never pass through this site. Stripe operates under its own privacy policy.
  • Supabase stores order records — your name, email, address, items, and payment status — so I can fulfil and track orders. Data is held in the EU. Supabase operates under its own privacy policy.
  • Resend sends transactional emails — your order confirmation, and any reply to a contact enquiry. Resend operates under its own privacy policy.
  • Google Fonts serves the typefaces used across the site. When you visit a page, your browser requests them from Google’s servers, which may include your IP address. Google operates under its own privacy policy.

Cookies and storage

No tracking or analytics cookies are set on this site.

Your cart is held in your browser’s local storage. It stays on your device until you clear it, and it isn’t sent anywhere unless you go to checkout.

Stripe may use session cookies on the checkout page for fraud prevention. Those are there to keep your payment secure — nothing else.

How long I keep it

Order records are kept for six years, as required for UK tax and accounting purposes.

Contact enquiries are deleted once they’ve been dealt with and there’s no further reason to keep them.

Your rights

Under UK GDPR, you can ask to see what data I hold about you, have it corrected, or have it deleted. You can also ask me to stop using it, or limit how I do. Just get in touch at stewart@srb.photos.

If you think something’s been handled wrongly, you can raise it with the Information Commissioner’s Office at ico.org.uk.