Privacy Policy

Last updated: [01 January 2026]

PuzzleBook.Store (“we”, “us”, or “our”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect your information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

PuzzleBook.Store is an online store operating in the United Kingdom and is the data controller for personal data collected through this website.

2. Information We Collect

We may collect the following personal data:

a) Information you provide

  • Name

  • Email address

  • Billing and shipping address

  • Payment-related information (processed securely by third parties)

  • Messages submitted through the website contact form

b) Automatically collected information

  • IP address

  • Browser type and device information

  • Anonymous website usage data

3. How We Collect Information

We collect information when you:

  • Place an order on our website

  • Contact us using the website contact form

  • Browse or interact with the website

  • Make a payment

4. Legal Basis for Processing

We process personal data under the following lawful bases:

  • Contract – to process and deliver orders

  • Consent – where you voluntarily submit information or accept cookies

  • Legitimate interests – to operate and improve our website

  • Legal obligation – for tax, accounting, or regulatory purposes

5. How We Use Your Information

We use your information to:

  • Process and fulfil orders

  • Handle payments and refunds

  • Respond to customer enquiries

  • Improve website functionality and performance

  • Prevent fraud and maintain security

We do not sell or rent your personal data.

6. Payments

Payments made through PuzzleBook.Store are processed securely by third-party payment processors. We do not store or have access to your full payment card details.

Payment providers process your data in accordance with their own privacy policies and UK GDPR requirements.

7. Cookies

This website uses cookies and similar technologies to:

  • Ensure basic website functionality

  • Collect anonymous analytics data

You can control or disable cookies through your browser settings. Continued use of the website implies consent where required.

8. Third-Party Services

We may share limited personal data with trusted third-party services, including:

  • Website hosting providers

  • Payment processors

  • Analytics providers

These third parties only process data on our instructions or under their own GDPR-compliant policies.

9. Data Retention

We retain personal data only for as long as necessary to:

  • Fulfil orders

  • Meet legal and accounting requirements

  • Resolve disputes

When data is no longer required, it is securely deleted.

10. Your Data Protection Rights

Under UK GDPR, you have the right to:

  • Access your personal data

  • Request correction of inaccurate data

  • Request deletion of your data

  • Restrict or object to processing

  • Withdraw consent at any time

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO).

11. Data Security

We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss, or misuse.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date.

13. Contact

If you have questions about this Privacy Policy or your personal data, you may contact us using the website contact form.