Privacy Policy

1. Introduction

This Privacy Policy explains how Sophie Jane Hardy ('I', 'me', 'my') collects, uses, stores, and protects your personal data when you visit www.sophiejanehardy.com or purchase services from me.

I am committed to protecting your privacy and complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

If you have any questions about this policy or how I handle your data, please contact me at: sophie@sophiejanehardy.com

2. Who I Am

Data Controller: Sophie Jane Hardy

Trading as: Sophie Jane Hardy

Contact: sophie@sophiejanehardy.com

Website: www.sophiejanehardy.com

3. What Personal Data I Collect

3.1 When you sign up to my mailing list

  • Your name

  • Your email address

3.2 When you purchase a course or service

  • Your name

  • Your email address

  • Billing address

  • Payment information (processed securely by Stripe or PayPal — I do not store your payment card details)

  • Details of your purchase

3.3 When you contact me

  • Your name and email address

  • Any information you choose to share in your message

3.4 Website usage data (cookies)

My website uses cookies and similar technologies. Please see Section 8 (Cookies) for full details.

4. How I Use Your Personal Data

I use your personal data for the following purposes:

4.1 To deliver services you have purchased
Lawful basis: Performance of a contract

  • To process your order and send you access to courses or services

  • To communicate with you about your purchase or service

4.2 To send you marketing emails
Lawful basis: Consent

  • If you have signed up to my mailing list, I will send you newsletters, updates, and information about my offerings

  • You can unsubscribe at any time using the link in any email, or by contacting me directly

4.3 To respond to your enquiries
Lawful basis: Legitimate interests

  • To respond to messages or enquiries you send me

4.4 To comply with legal obligations
Lawful basis: Legal obligation

  • To maintain financial records as required by HMRC

5. Third Parties I Share Your Data With

I only share your data with trusted third-party service providers who help me run my business. These providers act as data processors on my behalf and are contractually required to protect your data.

5.1 Mailchimp (email marketing)

Your name and email address are stored in Mailchimp when you sign up to my mailing list. Mailchimp is operated by The Rocket Science Group LLC and processes data in the United States under Standard Contractual Clauses. For more information, see Mailchimp's privacy policy at mailchimp.com/legal/privacy.

5.2 ThriveCart (course sales and checkout)

When you purchase a course, your order and contact details are processed through ThriveCart. For more information, see ThriveCart's privacy policy at thrivecart.com/privacy-policy.

5.3 Stripe (payment processing)

Stripe processes your payment securely. I do not have access to your full card details. For more information, see Stripe's privacy policy at stripe.com/gb/privacy.

5.4 PayPal (payment processing)

PayPal processes your payment securely. For more information, see PayPal's privacy policy at paypal.com/uk/legalhub/privacy-full.

5.5 Squarespace (website hosting)

My website is hosted by Squarespace. Squarespace may collect technical data about your visit as part of standard website hosting. For more information, see Squarespace's privacy policy at squarespace.com/privacy.

5.6 Google Analytics (website analytics)

My website uses Google Analytics to help me understand how visitors use my site. Google Analytics uses cookies to collect anonymised data about your visit, such as pages viewed and time spent on the site. This data is aggregated and does not identify you personally. Google Analytics is operated by Google LLC and data may be processed in the United States under Standard Contractual Clauses. For more information, see Google's privacy policy at policies.google.com/privacy.

5.7 Meta Pixel (advertising)

My website uses Meta Pixel to help me understand the effectiveness of any advertising I run on Meta platforms (such as Facebook and Instagram). The Meta Pixel uses cookies and may share data with Meta Platforms Inc., which may process data in the United States. For more information, see Meta's privacy policy at facebook.com/privacy/policy.

6. How Long I Keep Your Data

  • Mailing list data: for as long as you remain subscribed. When you unsubscribe, your data will be removed from my active mailing list. Mailchimp may retain archived data; you can request deletion by contacting me.

  • Purchase and transaction records: I retain these for 7 years in line with HMRC requirements for financial record-keeping.

  • Enquiry and contact data: retained for up to 2 years unless you have become a client, in which case it may be retained for longer as part of our working relationship.

7. Your Rights Under UK GDPR

You have the following rights in relation to your personal data:

  • The right to access — you can request a copy of the personal data I hold about you

  • The right to rectification — you can ask me to correct inaccurate or incomplete data

  • The right to erasure — you can ask me to delete your personal data in certain circumstances

  • The right to restrict processing — you can ask me to limit how I use your data

  • The right to data portability — you can ask for your data in a machine-readable format

  • The right to object — you can object to processing based on legitimate interests, including direct marketing

  • The right to withdraw consent — where processing is based on consent (e.g. mailing list), you can withdraw this at any time

To exercise any of these rights, please contact me at sophie@sophiejanehardy.com. I will respond within one month.

If you are unhappy with how I have handled your data, you have the right to complain to the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.

8. Cookies

Cookies are small text files placed on your device when you visit a website. My website uses the following types of cookies:

Essential cookies
These are necessary for the website to function and cannot be switched off. They are usually set in response to actions you take, such as setting your privacy preferences or completing a purchase.

Analytics cookies
My website uses Google Analytics, which places cookies on your device to collect information about how visitors use my website, such as which pages are visited most often. This data is aggregated and anonymised. You can manage your cookie preferences using the cookie banner on my site.

Marketing cookies
My website uses Meta Pixel, which may place cookies on your device to help me measure the effectiveness of advertising on Meta platforms. You can manage your cookie preferences using the cookie banner on my site.

You can manage or disable cookies through your browser settings at any time. Please note that disabling certain cookies may affect the functionality of the website

9. Data Security

I take the security of your personal data seriously. Your data is stored within secure third-party platforms (Mailchimp, ThriveCart, Squarespace) which use industry-standard encryption and security measures. I do not store payment card details.

In the event of a data breach that is likely to affect your rights and freedoms, I will notify you and the ICO as required by law.

10. International Data Transfers

Some of the third-party providers I use (including Mailchimp) are based outside the UK. Where your data is transferred internationally, I ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the ICO, to protect your data in line with UK GDPR requirements.

11. Changes to This Policy

I may update this Privacy Policy from time to time. The most current version will always be available on my website. I encourage you to review this policy periodically.

12. Contact

If you have any questions about this Privacy Policy or how I handle your personal data, please get in touch:

Sophie Jane Hardy

sophie@sophiejanehardy.com

www.sophiejanehardy.com