Privacy Policy

Last updated: January 2026

Introduction

Simon Robin Stephens ("we", "our", "us") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you visit our website simonrobinstephensart.com or make a purchase from us.

1. Information We Collect

1.1 Information You Provide

We collect information you provide directly to us when you:

  • Make a purchase
  • Subscribe to our newsletter
  • Contact us via email or contact form
  • Engage with us on social media

This information may include:

  • Name
  • Email address
  • Shipping address
  • Phone number (if provided)
  • Payment information (processed securely via SumUp)

1.2 Information Collected Automatically

When you visit our website, we may automatically collect:

  • Device information (browser type, operating system)
  • Usage data (pages visited, time spent on site)
  • IP address and location data

2. How We Use Your Information

We use the information we collect to:

  • Process orders: Fulfill and deliver your purchases
  • Communicate: Send order confirmations, shipping updates, and respond to inquiries
  • Marketing: Send newsletters and promotional emails (with your consent)
  • Improve services: Analyze website usage to enhance user experience
  • Legal compliance: Comply with legal obligations and protect our rights

3. Legal Basis for Processing (UK GDPR)

We process your personal data under the following legal bases:

  • Contract performance: To fulfill our contract with you when you make a purchase
  • Legitimate interests: To improve our services and protect our business
  • Consent: For marketing communications (you can withdraw consent at any time)
  • Legal obligation: To comply with tax and accounting requirements

4. Information Sharing

We do not sell your personal information. We may share your information with:

  • Service providers: SumUp (payment processing), Royal Mail (shipping), Resend (email delivery)
  • Legal requirements: When required by law or to protect our rights
  • Business transfers: In connection with any merger, sale, or acquisition of our business

5. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

  • SSL encryption for data transmission
  • Secure payment processing via PCI-DSS compliant SumUp
  • Access controls and authentication
  • Regular security assessments

Note: No method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

6. Your Rights

Under UK GDPR, you have the following rights:

  • Right to access: Request a copy of your personal data
  • Right to rectification: Correct inaccurate or incomplete data
  • Right to erasure: Request deletion of your data (subject to legal obligations)
  • Right to restrict processing: Limit how we use your data
  • Right to data portability: Receive your data in a structured format
  • Right to object: Object to processing based on legitimate interests
  • Right to withdraw consent: Withdraw marketing consent at any time

To exercise any of these rights, please contact us. We will respond within one month.

7. Cookies

We use essential cookies to ensure our website functions properly. We do not use tracking or advertising cookies.

Essential Cookies:

  • Session management
  • Shopping cart functionality
  • Security features

You can control cookies through your browser settings, but disabling them may affect website functionality.

8. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes outlined in this policy:

  • Order data: 7 years (for accounting and tax purposes)
  • Newsletter data: Until you unsubscribe
  • Contact inquiries: 2 years after last contact
  • Chat conversations: 90 days, then automatically deleted

9. AI Chatbot

We use an AI-powered chatbot to answer common questions about our artwork, shipping, and services.

Data Collected:

  • Your chat messages and bot responses
  • Session ID (random identifier, not personally identifiable)
  • Timestamp of conversation

How We Use This Data:

  • To provide customer support
  • To improve chatbot responses
  • To escalate complex inquiries to Simon

Data Storage:

  • Stored securely on Cloudflare infrastructure (UK/EU data centers)
  • Automatically deleted after 90 days
  • Not shared with third parties
  • Not used to train AI models

Your Rights: You can request deletion of your chat history at any time by contacting us.

10. Third-Party Links

Our website may contain links to third-party websites (e.g., Instagram, Facebook). We are not responsible for the privacy practices of these external sites. Please review their privacy policies before providing personal information.

11. Children's Privacy

Our website is not intended for children under 16. We do not knowingly collect personal data from children. If you believe we have collected information from a child, please contact us immediately.

12. Changes to This Policy

We may update this privacy policy from time to time. Changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically. Continued use after changes constitutes acceptance.

12. Contact Information

If you have questions about this privacy policy or wish to exercise your rights, please contact:

Simon Robin Stephens

contact@simonrobinstephensart.com

Carshalton, South London, UK

Questions or Concerns?

If you have concerns about how your data is handled, you also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's supervisory authority for data protection.

Contact Us