Privacy Policy

This Privacy Policy explains how Charlies Chapters collects, uses, stores and protects your personal information when you use our website, place an order, contact us, or use our services.

We are committed to protecting your privacy and handling your personal data responsibly, fairly and lawfully.

1. Who We Are

This website is operated by Charlies Chapters.

Business name: Charlies Chapters
Website: www.charlieschapters.co.uk
Contact: Please contact us using the contact form on our website
Business address: 81 Balmoral Drive, Southport, PR9 8QH
Company number: 06386895
VAT number: GB 920245361
ICO registration number: C1927550

Charlies Chapters is a family-run UK bookseller trusted since 2007.

2. What Personal Information We Collect

We may collect and process the following information:

your name;
billing address;
delivery address;
email address;
telephone number, where provided;
order details;
payment status and transaction reference;
customer account details, if you create an account;
messages you send to us through our contact form or customer service;
delivery and tracking information;
IP address;
device and browser information;
website usage data;
cookie preferences;
marketing preferences, if you choose to receive marketing.

We do not store full card payment details on our website. Payments are processed securely by the payment provider shown at checkout, such as PayPal or any other available payment option.

3. How We Collect Your Information

We collect personal information when you:

place an order;
create a customer account;
contact us through our website;
subscribe to marketing emails, if available;
browse or use our website;
accept or manage cookies;
communicate with us about an order, return or refund.

Some information is provided directly by you. Other information may be collected automatically through website systems, cookies, analytics tools or security services.

4. Why We Use Your Personal Information

We use your personal information to:

process and fulfil your order;
take payment and prevent fraud;
send order confirmations and updates;
arrange delivery;
handle returns, refunds, cancellations and replacements;
respond to customer service enquiries;
manage customer accounts;
keep records for tax, accounting and legal purposes;
maintain website security;
improve our website and customer experience;
manage cookie and privacy preferences;
send marketing emails, if you have agreed to receive them;
comply with legal obligations.

5. Lawful Basis for Using Your Information

Under UK data protection law, we must have a lawful basis for using your personal information.

We may use your personal information on the following lawful bases:

Purpose	Lawful basis
Processing orders, payments and delivery	Contract
Customer service, returns and refunds	Contract / legitimate interests
Fraud prevention and website security	Legitimate interests
Accounting, tax and legal record keeping	Legal obligation
Improving our website and services	Legitimate interests
Sending marketing emails where you have opted in	Consent
Non-essential cookies and analytics, where required	Consent

Where we rely on consent, you can withdraw your consent at any time.

6. Payment Information

Payments are processed by third-party payment providers, such as PayPal or other providers shown at checkout.

We may receive limited payment information, such as payment status, transaction reference, payment method and fraud checks, but we do not store full card numbers or full payment card security details.

Payment providers process your information according to their own privacy policies.

7. Delivery and Courier Information

To deliver your order, we may share necessary information with couriers, postal services, fulfilment partners or delivery service providers.

This may include your name, delivery address, email address, telephone number where needed, order reference and parcel details.

We only share information needed to complete the delivery or resolve delivery issues.

8. Who We Share Your Information With

We may share personal information with trusted service providers who help us operate our business, including:

website platform provider, such as BigCommerce;
payment providers, such as PayPal;
couriers, postal services and delivery partners;
IT, hosting and security providers;
email and communication service providers;
analytics providers, such as Google Analytics, where used;
accounting, tax, legal or professional advisers;
law enforcement, regulators or government bodies where required by law.

We do not sell your personal information.

9. Marketing Communications

We will only send marketing emails where you have agreed to receive them or where the law otherwise allows.

You can unsubscribe from marketing emails at any time by using the unsubscribe link in the email or by contacting us.

We will still send important service emails about your order, payment, delivery, account, return or refund. These are not marketing emails.

10. Cookies and Analytics

Our website uses cookies and similar technologies to make the website work, support basket and checkout functions, improve security, remember preferences and understand how the website is used.

Some cookies are essential for the website to work. Others, such as analytics or marketing cookies, may require your consent.

Please read our Cookie Policy for more information.

The ICO says cookie rules are covered by PECR, and if cookie data is not anonymous, data protection law can also apply.

11. How Long We Keep Your Information

We only keep personal information for as long as necessary.

We may keep order, payment and customer service records for a period needed to deal with orders, returns, disputes, fraud prevention, accounting, tax and legal obligations.

As a general guide:

Type of information	How long we may keep it
Order and transaction records	Up to 6 years for tax/accounting purposes
Customer service messages	As long as needed to resolve the enquiry and keep business records
Account information	While your account remains active, or until deletion is requested where possible
Marketing preferences	Until you unsubscribe or withdraw consent
Cookie preferences	For the period set by the cookie consent system
Website security logs	For a limited period needed for security and fraud prevention

If we do not have a fixed retention period, we decide how long to keep information based on the reason it was collected, legal requirements, business record needs and whether it may be needed to resolve disputes.

The ICO says privacy notices should explain retention periods or, where there is no fixed period, the criteria used to decide retention.

12. How We Protect Your Information

We use reasonable technical and organisational measures to protect personal information from unauthorised access, loss, misuse or disclosure.

These may include secure website technology, access controls, payment provider security, account protection and limiting access to personal information to those who need it for business purposes.

No website or online system can be guaranteed to be completely secure, but we take privacy and security seriously.

13. International Transfers

Some of our service providers may process personal information outside the UK.

Where this happens, we will take steps to ensure appropriate safeguards are in place, such as using providers with recognised data protection protections, contracts or transfer safeguards required by law.

14. Your Data Protection Rights

Under UK data protection law, you have rights over your personal information.

These may include the right to:

access the personal information we hold about you;
ask us to correct inaccurate information;
ask us to delete your information in certain circumstances;
ask us to restrict how we use your information;
object to certain uses of your information;
ask for a copy of your information in a portable format;
withdraw consent where we rely on consent;
complain to the Information Commissioner’s Office.

The ICO says privacy notices should tell people about their rights, including access, rectification, erasure, restriction, objection and data portability.

15. How to Contact Us About Your Data

If you have any questions about this Privacy Policy or want to exercise your data protection rights, please contact us using the contact form on our website.

Please include enough information for us to identify you and respond to your request.

16. Complaints

If you are unhappy with how we handle your personal information, please contact us first so we can try to resolve the issue.

You also have the right to complain to the Information Commissioner’s Office, the UK data protection regulator.

ICO website: www.ico.org.uk

17. Links to Other Websites

Our website may contain links to other websites. We are not responsible for the privacy practices, security or content of other websites.

You should read the privacy policy of any third-party website you visit.

18. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our website, services, legal requirements or business operations.

The latest version will always be published on this page.