Privacy Policy

Last Updated:

29/06/2026 [DD/MM/YYYY]

This Privacy Policy explains how danielwhitesman.com (“we”, “us”, “our”, “the website”) collects, uses, stores, and protects your personal information when you visit, make a purchase from, or otherwise interact with this website. We are committed to protecting your privacy and handling your data in an open and transparent manner.

This website is operated from the United Kingdom and complies with UK data protection law, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Because the website is accessible globally and sells to customers in multiple jurisdictions, we also outline below how we address the rights of visitors in the European Union and the United States.

1. Who We Are

danielwhitesman.com is owned and operated by Soundvine, a web design agency based in the United Kingdom, which also designed and maintains the website.

For the purposes of UK and EU data protection law, the data controller is Soundvine.

2. Information We Collect

We may collect and process the following types of information:

  • Order and payment information: when you make a purchase, we collect your name, billing address, shipping address, email address, telephone number, and order details. Payments are processed through Stripe via WooCommerce (see Section 6). We do not store or have access to your full card details — these are handled directly and securely by Stripe.
  • Information you provide directly: such as your name, email address, and message content when you complete the customer service form or otherwise correspond with us.
  • Technical information collected automatically: such as your IP address, browser type and version, device information, operating system, referring website, and pages visited.
  • Cookies and similar technologies: as described in the Cookies section below.

3. How We Use Your Information

We use the information we collect to:

  • Process and fulfil your orders, including taking payment and arranging delivery;
  • Provide customer service and respond to your enquiries;
  • Manage your account, where applicable;
  • Send order confirmations, transactional messages, and, where you have opted in, marketing communications;
  • Operate, maintain, secure, and improve the website;
  • Detect and prevent fraud and comply with our legal and accounting obligations.

4. Legal Basis for Processing (UK & EU)

Under the UK GDPR and EU GDPR, we rely on the following legal bases to process your personal data:

  • Contract: to process and fulfil your orders and provide the products and services you request.
  • Consent: where you have given clear consent, for example by opting in to marketing or accepting non-essential cookies.
  • Legitimate interests: where processing is necessary for our legitimate business interests, such as preventing fraud, improving the website, and ensuring its security, provided these do not override your rights.
  • Legal obligation: where we are required to process and retain data to comply with the law, including tax and accounting requirements.

5. Cookies

This website uses cookies and similar technologies to function correctly and to understand how visitors use the site. Cookies are small text files stored on your device.

  • Essential cookies: necessary for the website and shopping functionality (such as your basket and checkout) to operate.
  • Analytics cookies: help us understand how visitors interact with the site [e.g. Google Analytics — remove if not used].
  • Functional cookies: remember your preferences and choices.

You can control or disable cookies through your browser settings. Where required by law, we will request your consent before placing non-essential cookies.

6. Third-Party Services

We use trusted third-party services that process data on our behalf in order to operate the website and fulfil orders:

  • WooCommerce: the e-commerce platform that powers our online store.
  • Stripe: our payment processor. When you make a payment, your card details are submitted directly to Stripe, which is certified to PCI-DSS standards. We receive confirmation of payment but do not store your full card information. Stripe’s handling of your data is governed by its own privacy policy.
  • Website hosting: danielwhitesman.com is hosted via hostinger.com

These providers are only permitted to use your data as necessary to provide their services to us and are required to keep it secure.

7. International Data Transfers

As this website is accessible globally and uses service providers that may operate internationally (including Stripe), your information may be transferred to, stored, or processed in countries outside the United Kingdom or European Economic Area. Where this occurs, we take steps to ensure your data is protected by appropriate safeguards, such as Standard Contractual Clauses or transfers to countries deemed to provide an adequate level of protection.

8. Your Rights

If you are in the UK or EU

Under the UK GDPR and EU GDPR, you have the right to:

  • Access the personal data we hold about you;
  • Request correction of inaccurate or incomplete data;
  • Request erasure of your data (“right to be forgotten”), subject to legal retention requirements;
  • Restrict or object to processing;
  • Data portability;
  • Withdraw consent at any time;
  • Lodge a complaint with a supervisory authority — in the UK, the Information Commissioner’s Office (ICO).
If you are in the United States

Depending on your state of residence, you may have rights under laws such as the California Consumer Privacy Act (CCPA/CPRA) or similar state legislation. These may include the right to know what personal information we collect, the right to request deletion, the right to opt out of the “sale” or “sharing” of personal information, and the right not to be discriminated against for exercising your rights. We do not sell your personal information.

To exercise any of these rights, please contact us using the customer service form (see Section 13).

9. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected. Order and transaction records are kept for as long as required to meet our legal, tax, and accounting obligations. When data is no longer needed, we securely delete or anonymise it.

10. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, misuse, or alteration. Payment processing is handled securely by Stripe, and sensitive payment data does not pass through or get stored on our own systems. However, no method of transmission over the internet is completely secure, and we cannot guarantee absolute security.

11. Children’s Privacy

This website is not intended for children under the age of 13 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us so we can remove it.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Any changes will be posted on this page with an updated “Last updated” date.

13. Contact Us

If you have any questions about this Privacy Policy, wish to exercise your data protection rights, or have any other concerns about how we handle your personal data, please get in touch using the customer service form on our contact page.

Website owned and maintained by Soundvine, United Kingdom.