Privacy Policy

Last updated: 22 February 2026

This Privacy Policy explains how Surface & Soul (“we”, “us”, or “our”) collects, uses, stores, and protects your personal data when you use our website [yourdomain.com].

We are committed to protecting your privacy and handling your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Business name: Surface & Soul
Website: www.surfaceandsoul.co.uk
Email: hello@surfaceandsoul.co.uk
Country: United Kingdom

For the purposes of data protection law, Surface & Soul is the data controller of your personal data.

2. What Personal Data We Collect

We may collect and process the following personal data:

a) Information you provide to us

  • Name

  • Email address

  • Billing address

  • Purchase and order details

  • Messages sent via contact forms or email

Payment information is processed securely by third-party payment providers. We do not store full payment card details.

b) Automatically collected information

  • IP address

  • Browser type and version

  • Device information

  • Pages visited and interactions with the website

  • Referring website

This data is collected using cookies and analytics tools.

3. How We Use Your Personal Data

We use your personal data to:

  • Provide and deliver digital products and services

  • Process payments and manage purchases

  • Communicate with you regarding orders, services, or support

  • Send marketing emails where you have given consent

  • Improve our website, content, and services

  • Analyse website usage and performance

  • Comply with legal and regulatory obligations

4. Legal Bases for Processing

Under UK GDPR, we process your personal data on the following legal bases:

  • Contract – to fulfil purchases and provide services

  • Consent – for email marketing and non-essential cookies

  • Legitimate interests – to operate and improve our business

  • Legal obligation – for tax, accounting, and compliance purposes

5. Email Marketing

If you sign up to our mailing list, we may send you marketing emails about products, services, updates, or insights from Surface & Soul.

  • You will only receive marketing emails if you have actively opted in

  • You can unsubscribe at any time using the link in every email

  • We use MailerLite as our email marketing platform

By subscribing, you acknowledge that your information will be transferred to MailerLite for processing in accordance with their privacy practices and UK GDPR requirements.

6. Analytics

We use analytics tools to understand how visitors use our website. These tools collect information such as:

  • Pages visited

  • Time spent on pages

  • Device and browser information

This data helps us improve the performance, usability, and effectiveness of our website.

7. Cookies

Our website uses cookies and similar technologies.

  • Essential cookies are necessary for the website to function properly

  • Non-essential cookies, including analytics and marketing cookies, are only used with your consent

You can manage or withdraw your cookie preferences through our cookie banner or your browser settings at any time.

8. Payments

All payments are processed securely by trusted third-party payment providers. Surface & Soul does not store or process full payment card details.

9. Sharing Your Data

We may share your personal data with trusted third parties where necessary, including:

  • Website hosting and infrastructure providers

  • Payment processors

  • Email marketing services (MailerLite)

  • Analytics providers

  • Professional advisers (legal or accounting)

All third parties are required to process your data securely and in compliance with data protection laws.

10. International Data Transfers

Some service providers may process data outside the United Kingdom. Where this occurs, we ensure appropriate safeguards are in place, such as:

  • UK adequacy regulations

  • Standard contractual clauses or equivalent legal protections

11. Data Retention

We retain personal data only for as long as necessary to:

  • Provide our services

  • Fulfil contractual and legal obligations

  • Resolve disputes or enforce agreements

When personal data is no longer required, it is securely deleted or anonymised.

12. Your Data Protection Rights

Under UK GDPR, you have the right to:

  • Access your personal data

  • Request correction of inaccurate data

  • Request deletion of your data

  • Restrict or object to processing

  • Withdraw consent at any time

  • Request data portability

  • Lodge a complaint with the Information Commissioner’s Office (ICO)

ICO website: https://www.ico.org.uk

13. Data Security

We take appropriate technical and organisational measures to protect your personal data against loss, unauthorised access, or misuse.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be published on this page with an updated “Last updated” date.

15. Contact Us

If you have any questions about this Privacy Policy or how your data is handled, please contact:

Email: hello@surfaceandsoul.co.uk
Business name: Surface & Soul