Monarch's Guild

Privacy Policy

This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website or buy from us. It applies to monarchsguild.com (the “Site”).

We are committed to handling your personal data in line with the UK GDPR, the Data Protection Act 2018, the Privacy and Electronic Communications Regulations (PECR), and the Data (Use and Access) Act 2025.

1. Who we are

This Site is operated by Jacob Bodman (“we”, “us”, “our”), trading as Monarchs Guild.

  • Trading name: Monarchs Guild
  • Legal entity: Jacob Bodman, Sole Trader
  • Contact Address: 26 Kings Hill Avenue Kings Hill, West Malling, Maidstone, Kent, ME19 4AE
  • Contact email: absokith@gmail.com

For the purposes of data protection law, we are the data controller for the personal data described in this policy.

2. What personal data we collect and why

2.1 Information you give us

When you place an order, create an account, or contact us, we collect:

  • Identity and contact data: Name, billing address, delivery address, email address, and phone number.
  • Order and transaction data: Products purchased, order value, order history, and delivery details. We collect this to fulfil your order, take payment, arrange delivery, handle returns, and meet our legal and tax obligations.
  • Communications: Content of messages you send us via email or any contact form, kept so we can respond and provide customer support.

We do not store full payment card details. Card payments are processed securely by our payment processor (see Section 4). We may retain limited information such as the last four digits of a card and the transaction reference for accounting and fraud-prevention purposes.

2.2 Information we collect automatically

When you use the Site we collect technical data through cookies and similar technologies, including IP address, browser type, device information, and pages visited. We use this to keep the Site secure, make it work correctly, and (where applicable) understand how it is used. See Section 8 for cookie detail.

2.3 Lawful bases for processing

We process your personal data on the following lawful bases under the UK GDPR:

  • Contract: To take and fulfil your order, process payment, and arrange delivery.
  • Legal obligation: To keep accounting, tax, and transaction records as required by UK law.
  • Legitimate interests: To secure and operate the Site, prevent fraud, respond to enquiries, and (where you have not opted out) understand how the Site is used.
  • Consent: For non-essential cookies and any direct marketing. You can withdraw consent at any time.

3. Marketing communications

If you opt in, we may send you marketing emails about new sales, restocks, and related products. We rely on your consent, or the soft opt-in where you are an existing customer and we are marketing similar products. Every marketing email contains an unsubscribe link, and you can opt out at any time by emailing us.

4. Who we share your data with

We do not sell your personal data. We share it only with the following categories of recipient, and only as far as necessary:

  • Payment processor: Stripe. We share the data needed to take and verify your payment. Their privacy policy: https://stripe.com/gb/privacy.
  • Royal Mail: We share your name and delivery address so your order can be dispatched and delivered. Royal Mail’s privacy policy: https://www.royalmail.com/privacy-policy
  • Our website platform and hosting provider: WordPress.com and Woocommerce.com, which hosts the Site and processes data on our behalf as a data processor under contract. Their privacy policy: https://automattic.com/privacy/
  • Professional advisers and authorities: Accountants, and HMRC or other authorities where we are legally required to disclose information.

We require all processors acting on our behalf to protect your data and to use it only for the purposes we specify.

5. How long we retain your data

  • Order and transaction records: Retained for 8 years after the end of the relevant financial year, to comply with UK tax and accounting law
  • Account data: Retained for as long as your account is active, then deleted or anonymised within a reasonable period after closure (subject to the order-record requirement above).
  • Contact and customer-support messages: Retained for 24 months for service and reference purposes.
  • Marketing contacts: Retained until you unsubscribe or withdraw consent.

6. Where your data is sent (international transfers)

Some of our service providers (for example our website platform and payment processor) are based outside the UK. Where personal data is transferred outside the UK, we ensure it is protected to a standard equivalent to UK data protection law, through one of the following safeguards:

  • transfer to a country covered by UK adequacy regulations, or
  • the use of the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses, plus appropriate technical safeguards.

You can contact us for more detail on the safeguards applied to any specific transfer.

7. Your rights over your data

Under UK data protection law you have the right to:

  • Be informed about how your data is used (this policy).
  • Access the personal data we hold about you.
  • Rectification of inaccurate or incomplete data.
  • Erasure of your data (“right to be forgotten”), where there is no overriding legal reason to keep it.
  • Restrict processing of your data in certain circumstances.
  • Data portability Receive your data in a structured, machine-readable format.
  • Object to processing based on legitimate interests, and to direct marketing at any time.
  • Rights in relation to automated decision-making and profiling (see Section 11).

To exercise any of these rights, email us at Absokith@gmail.com. We will respond within one month. We may ask you to verify your identity, and in limited cases the deadline can be paused while we seek information reasonably needed to clarify your request.

8. Cookies

We use cookies to make the Site work and to improve your experience. We use:

  • Strictly necessary cookies: Required for core functions such as the shopping basket, checkout, and security. These do not require consent.
  • Functional cookies: Remember your preferences.
  • Analytics cookies: Help us understand how the Site is used.

You can manage non-essential cookies through our cookie banner and change your choice at any time. You can also block or delete cookies in your browser settings, though some parts of the Site may not work properly as a result.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

9. How we protect your data

We use appropriate technical and organisational measures to protect your personal data, including:

  • HTTPS/TLS encryption across the Site and at checkout;
  • payment processing handled by a PCI-DSS compliant payment provider, so we do not store full card details;
  • access controls and strong authentication on the accounts and systems used to run the business;
  • keeping software, plugins, and the platform up to date.

No method of transmission or storage is completely secure, but we take reasonable steps to keep your data safe.

10. Data breach procedures

If a personal data breach occurs, we will assess the risk to affected individuals. Where the breach is likely to result in a risk to your rights and freedoms, we will report it to the Information Commissioner’s Office (ICO) within 72 hours of becoming aware of it. Where the breach is likely to result in a high risk to you, we will also notify you directly without undue delay.

11. Automated decision-making and profiling

We do not make decisions about you based solely on automated processing that produce legal or similarly significant effects.

12. Children

The Site and our products are intended for adults. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us and we will delete it.

13. Complaints and contact

If you have any questions or concerns about how we handle your personal data, or you wish to make a complaint, please contact us first:

  • Email: Absokith@gmail.com
  • Postal Address: 26 Kings Hill Avenue Kings Hill, West Malling, Maidstone, Kent, ME19 4AE

We will acknowledge your complaint within 30 days, look into it without undue delay, and let you know the outcome.

If you remain dissatisfied after raising the matter with us, you have the right to complain to the UK’s data protection regulator:

  • Information Commissioner’s Office (ICO)
  • Website: https://ico.org.uk
  • Helpline: 0303 123 1113

14. Changes to this policy

We may update this Privacy Policy from time to time. The current version, with its “Last updated” date, will always be available on this page.