Privacy Policy

Last updated: April 2026

Who We Are

Netherton’s Ltd is a family-run greeting card publishing company based in Cornwall, England. Our website address is https://www.nethertons.com. We are committed to protecting your privacy and handling your personal data responsibly.

Contact: Netherton’s Ltd, 12 Cornelius Drive, Truro, Cornwall, TR1 1GU
Email: info@nethertons.com
Phone: 01872 496078

What Data We Collect

When you use our website, we may collect the following information:

  • When you place an order: Your name, email address, phone number, billing address, shipping address, and payment information (processed securely by Stripe — we do not store your card details).
  • When you create an account: Your name, email address, and password (encrypted).
  • When you contact us: Your name, email address, phone number, and the content of your message.
  • When you browse our site: Technical data such as your IP address, browser type, pages visited, and referring website. This is collected via cookies and analytics tools.
  • When you sign up to our newsletter: Your name and email address.

How We Use Your Data

We use the information we collect to:

  • Process and fulfil your orders, including sending dispatch notifications
  • Communicate with you about your order or enquiry
  • Manage your account if you create one
  • Send you marketing emails if you have opted in (you can unsubscribe at any time)
  • Improve our website and understand how visitors use it
  • Comply with legal obligations, such as tax and accounting requirements

Legal Basis for Processing

Under UK GDPR, we process your personal data on the following legal bases:

  • Contract: Processing necessary to fulfil your order or respond to your enquiry.
  • Legitimate interest: Improving our website, preventing fraud, and understanding our customers.
  • Consent: Sending marketing communications. You can withdraw consent at any time.
  • Legal obligation: Retaining order data for tax and accounting purposes.

Payment Security

All payments are processed securely by Stripe. Your credit or debit card details are encrypted and sent directly to Stripe — we never see, store, or have access to your full card number. Stripe is PCI DSS Level 1 compliant, the highest level of security certification available.

Who We Share Your Data With

We only share your data with trusted third parties who help us run our business:

  • Stripe — to process payments securely
  • Royal Mail / courier services — to deliver your order (name and address only)
  • WPMU DEV — our website hosting provider
  • MailOctopus — to manage our newsletter mailing list (if you subscribe)

We do not sell, rent, or trade your personal data to any third parties for marketing purposes.

Cookies

Our website uses cookies to provide essential functionality and improve your experience:

  • Essential cookies: Required for the shopping basket, checkout process, and account login to work.
  • Analytics cookies: Help us understand how visitors use our site so we can improve it. These may include Google Analytics or similar services.
  • Marketing cookies: Used by Facebook Pixel to help us show relevant advertising. You can opt out of these.

You can control cookies through your browser settings. Please note that disabling essential cookies may prevent the shop from functioning correctly.

How Long We Keep Your Data

  • Order data: Retained for 6 years to comply with UK tax and accounting regulations.
  • Account data: Retained for as long as your account is active. You can request deletion at any time.
  • Contact form messages: Retained for up to 12 months, then deleted.
  • Newsletter subscribers: Retained until you unsubscribe.
  • Analytics data: Aggregated and anonymised data may be retained indefinitely.

Your Rights

Under UK GDPR, you have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Ask us to correct any inaccurate or incomplete data.
  • Erasure: Ask us to delete your personal data (subject to legal retention requirements).
  • Restriction: Ask us to limit how we use your data.
  • Portability: Request your data in a portable format.
  • Objection: Object to processing based on legitimate interest or for marketing purposes.
  • Withdraw consent: Where processing is based on consent, you can withdraw it at any time.

To exercise any of these rights, please contact us at info@nethertons.com. We will respond within 30 days.

Children’s Privacy

Our website is not directed at children under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

Links to Other Websites

Our website may contain links to other websites, including artist websites and social media platforms. We are not responsible for the privacy practices of these external sites. We encourage you to read their privacy policies.

Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. Any changes will be posted on this page with an updated date. We encourage you to review this policy periodically.

Complaints

If you are unhappy with how we have handled your personal data, please contact us first at info@nethertons.com so we can try to resolve the issue. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s data protection authority.