Privacy Policy

You are here: / Privacy Policy

2. Who we are

Our website address is: https://shop.andrea-smoothlife.com.
Controller for data protection:
Kaysa Limited
Andrea Sachtleben (Director)
167-169 Great Portland Street, London, W1W 5PF, United Kingdom
Email: shop@andrea-smoothlife.com

2. What Personal Data We Collect and Why

a) Shop/Checkout Data (WooCommerce)

When you purchase tickets, we collect:

  • Name, email, billing address, phone number (to process orders and send tickets).
  • Payment information (handled by Stripe, not stored on our servers).
  • IP address (for fraud prevention and tax compliance).
b) Stripe Payments

We use Stripe to process payments. Stripe’s privacy policy applies:
👉 https://stripe.com/privacy
Only Stripe has a secure payment handler has access to card details.

c) PDF Tickets (WooCommerce PDF Invoices)
  • Your name, email, and order details are included in the PDF ticket for verification.
  • Tickets are emailed to you and stored in our order system for 6 years (UK tax law).
d) Analytics & Cookies
  • We use Google Analytics (if applicable) to track visitor behavior (anonymized IP).
    Opt-out: https://tools.google.com/dlpage/gaoptout
  • Facebook Pixel/Ads (if used): Data may be shared with Facebook for retargeting.
e) Email Marketing
  • If you opt into our newsletter (e.g., for show updates), we use Brevo to send emails.
    Unsubscribe link is included in every email.

3. Cookies (Expanded for WooCommerce)

In addition to WordPress cookies, we use:

  • WooCommerce cookies to track cart contents and checkout progress.
  • Stripe cookies for payment processing.
  • Google/Facebook cookies (if you run ads).

How to disable cookies:
Users can adjust browser settings to refuse cookies. However, some features (e.g., checkout) may not work without them.

4. Who We Share Your Data With

  • Stripe (payment processing).
  • Spam detection: Akismet (if enabled) checks comments (Privacy Policy: https://automattic.com/privacy/).
  • Hosting provider (e.g., All-inkl., SiteGround): Servers located in the EU/UK (GDPR-compliant).
  • Legal obligations: We may disclose data if required by law (e.g., tax authorities).

5. How Long We Retain Your Data

  • Order data: 6 years (UK tax law).
  • Comments: Indefinitely (unless you request deletion).
  • User accounts: Until deleted by the user.
  • Analytics data: 26 months (Google Analytics default).

6. Your Rights Over Your Data

  • Under GDPR, you can:
    1. Request a copy of your data (free of charge).
    2. Request deletion of your data* (except where legally required, e.g., tax records).
    3. Object to processing (e.g., marketing emails).
    4. Request correction of inaccurate data.

    To exercise these rights, email us at shop(a)Andrea-smoothlife.com

    Exceptions:

    • We cannot delete transaction data required for tax/auditing (UK law).
    • Anonymous data (e.g., analytics) is excluded.

7. Where We Send Your Data

  • Stripe (US, but GDPR-compliant via EU-US Data Privacy Framework).
  • Email providers (e.g., Gmail, Mailchimp) for order confirmations/newsletters.
  • Backup services (e.g., UpdraftPlus) store encrypted backups for 30 days.

8. Security Measures

  • SSL encryption (https://) for all data transfers.
  • Password-protected customer accounts.
  • Regular backups stored securely offsite.
  • Payment data is never stored on our servers (handled by Stripe).

9. Third-Party Services

10. Data Breaches

  • We will notify you within 72 hours if your data is compromised (GDPR requirement).

11. Changes to This Policy

  • We update this policy when services change. Last updated: 30. March 2026