Privacy Policy
1. Who We Are
Operator: Sonak Media Ltd Trading as PoshPinnacle
Registered Address: Sonak Media Ltd, C/O Your E-commerce Accountant, The Keep Creech Castle, Taunton, TA1 2DX, United Kingdom
Email: info@sonakmedia.com or support@poshpinnacle.com
Phone: +44 7457408836
About Us: PoshPinnacle is an e-commerce platform hosted on Shopify, which provides the technology to sell our products securely.
2. Our Warehouse Locations
To ensure fast delivery, we use a global warehouse network. Your order is automatically routed to the nearest location:
(a) Australia: Sydney
(b) Germany: Salzburg
(c) Italy: Beati, Como, Florence, Genova, Giuseppe, Milan, Milano, Piacenza, Rome, Modena
(d) Sweden: Jönköping (Bankeryd), Jönköping, Stockholm
(e) Spain: Alicante
(f) USA: Florida, Minnesota
3. Data We Collect
We collect the following information to process orders and improve your experience:
a. Identifiers
-
Name, email, phone number, shipping/billing address – Required for order fulfilment.
b. Payment Information
Credit/debit card details – Processed securely via Shopify Payments and PayPal (we never store raw card data).
- PCI-DSS Explained: The Payment Card Industry Data Security Standard ensures your payment data is encrypted and handled securely.
c. Device and Behavioral Data
(a) IP address, browser type, time zone – Collected via cookies and analytics tools (e.g., Google Analytics).
(b) Browsing history – Helps personalise product recommendations.
d. Account Information
Username, password, preferences – Stored for registered users.
e. Customer Support Records
Emails, chat logs, and phone calls – Used to resolve issues and improve service.
Legal Basis: We process data to fulfil orders (contractual necessity), improve our services (legitimate interest), or with your consent (e.g., marketing emails).
4. How We Use Your Data
Your information is used to:
(a) Process orders (payment, shipping, returns).
(b) Prevent fraud (e.g., screening high-risk transactions).
(c) Improve our website (via analytics on user behavior).
(d) Send marketing emails (only with your consent).
5. Third-Party Sharing
We share data only with trusted partners:
|
Category |
Partners |
Purpose |
Data Shared |
|
Payment Processors |
Shopify Payments, PayPal |
Secure payment processing |
Card details (encrypted) |
|
Shipping Carriers |
FedEx, UPS, DHL |
Deliver orders and provide tracking |
Name, address, phone number |
|
Analytics |
Google Analytics |
Improve website performance |
Anonymised browsing data |
|
Customer Support |
Tidio |
Respond to enquiries |
Order details, contact info |
Note: Third-party providers (e.g., PayPal) operate under their own privacy policies. For example, US-based companies may comply with laws like the Patriot Act.
6. Data Security
We protect your data through:
(a) SSL/TLS Encryption: Secures data transmitted between your browser and our server.
(b) PCI-DSS Compliance: Ensures payment data is processed securely.
(c) Access Controls: Only authorised staff can view personal data.
7. Retention Periods
(a) Orders: 7 years (for tax/legal compliance).
(b) Accounts: Deleted after 2 years of inactivity.
(c) Marketing Data: Removed upon opt-out or after 2 years.
8. Your Rights (GDPR Compliance)
Under the General Data Protection Regulation (GDPR), you can:
(a) Access your data.
(b) Correct inaccuracies.
(c) Delete your data (unless legally required to retain).
(d) Withdraw consent (e.g., unsubscribe from emails).
Request Method: Email support@poshpinnacle.com with "Data Request" in the subject line.
9. Cookies and Tracking
We use:
(a) Essential Cookies: Required for checkout (e.g., cart functionality).
(b) Analytics Cookies: Track site usage (opt-out via Google's tool).
(c) Advertising Cookies: For personalised ads (enabled only with consent).
Do Not Track (DNT): We do not respond to DNT browser signals.
10. International Data Transfers
Data may be transferred to:
(a) Shopify Payments (US): Certified under the EU-US Data Privacy Framework.
(b) DHL (Germany): Complies with GDPR.
Safeguards (e.g., Standard Contractual Clauses) protect cross-border transfers.
11. Children's Privacy
Our services are not for users under 18. We delete any accidentally collected minor data upon request.
12. Automated Decisions
We do not use fully automated systems (e.g., AI profiling) for order approvals.
13. Third-Party Links
Links to external sites (e.g., partner brands) are not governed by this policy.
14. Data Breach Response
If a breach occurs, we will:
1. Notify affected users within 72 hours.
2. Report to the UK Information Commissioner's Office (ICO).
15. Updates & Contact
Policy Changes: Posted on our website; major updates emailed.
Questions? Email support@poshpinnacle.com