Privacy Policy

Last updated: 25th September 2025

The Peace Tree respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you visit our website, purchase our services, or interact with us online.

1. Information We Collect

We may collect and process the following personal data when you use our website or services:

  • Identity Data: name, title, date of birth.

  • Contact Data: billing address, delivery address, email address, telephone number.

  • Financial Data: payment card details (processed securely by our payment providers, not stored by us).

  • Transaction Data: details of payments made, services purchased, and order history.

  • Technical Data: IP address, browser type, operating system, cookies, and browsing behaviour on our website.

  • Marketing & Communications Data: preferences for receiving marketing and communication.

2. How We Use Your Information

We use your personal data for:

  • Processing and fulfilling your orders.

  • Managing payments and preventing fraud.

  • Providing customer support and responding to enquiries.

  • Sending important service and account updates.

  • Marketing (only if you have opted in).

  • Improving our website, products, and services.

We will only use your personal data where the law allows us, such as:

  • To perform a contract with you.

  • To comply with legal obligations.

  • Where it is in our legitimate interests and your rights do not override these.

  • With your consent (e.g. marketing communications).

3. Payments & Security

We do not store or have access to your full payment card details. Payments are processed securely through Stripe, which complies with PCI-DSS standards.

4. Cookies

Our website uses cookies to improve your browsing experience and track site performance. You can control or disable cookies through your browser settings.

5. Data Sharing

We do not sell your data. We may share personal data with:

  • Service providers (e.g. payment processors, IT hosting).

  • Professional advisors (lawyers, accountants, auditors).

  • Regulators and authorities where required by law.

All third parties are required to respect the security of your data and treat it in accordance with the law.

6. Data Retention

We keep personal data only for as long as necessary to fulfil the purposes we collected it for, including satisfying any legal, accounting, or reporting requirements.

7. Your Data Protection Rights

Under UK GDPR, you have the right to:

  • Access the personal data we hold about you.

  • Request correction of inaccurate data.

  • Request deletion of your data.

  • Object to or restrict processing of your data.

  • Request transfer of your data to another service.

  • Withdraw consent at any time (where processing is based on consent).

To exercise these rights, please contact us.

8. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, altered, disclosed, or accessed without authorisation.

9. International Transfers

If we transfer your personal data outside the UK/EEA, we will ensure appropriate safeguards (such as Standard Contractual Clauses) are in place.

10. Contact Us

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us:

If you are not satisfied, you also have the right to complain to the UK’s data protection authority, the Information Commissioner’s Office (ICO): www.ico.org.uk.