Data Security Policy for Hazeydays.co.uk

HazeyDays.co.uk is committed to safeguarding the personal and financial data of our customers and maintaining the highest standards of data security. This policy outlines how we handle, protect, and manage data on our WordPress WooCommerce website and integrated Viva Wallet payment gateway.

1. Scope

This policy applies to all personal, transactional, and sensitive data collected through HazeyDays.co.uk and its associated systems, including WordPress, WooCommerce, and Viva Wallet integrations.

2. Data Collection

We collect and process the following types of data:

  • Personal Data: Name, email address, phone number, billing and shipping address.
  • Transactional Data: Order details, payment method, transaction ID (via Viva Wallet).
  • Device Data: IP address, browser type, and cookies for website functionality and analytics.

3. Data Storage

  • Website Data: Stored in a secure database hosted on Next Theme LTD. Access is restricted to authorized personnel only.
  • Payment Data: Handled exclusively by Viva Wallet. No credit card or sensitive payment information is stored on our servers.
  • Backup Policy: Website and database backups are encrypted and stored offsite.

4. Security Measures

  • Encryption: All data transmitted between the website and users is encrypted using SSL/TLS protocols.
  • Access Controls: Admin access to WordPress and WooCommerce is restricted to essential personnel, using strong, unique passwords and two-factor authentication (2FA).
  • Regular Updates: WordPress core, plugins, and themes are regularly updated to mitigate vulnerabilities.
  • Firewall and Malware Scanning: Implemented via [Insert Security Plugin/Service, e.g., Wordfence or Sucuri].

5. Payment Security

  • Viva Wallet Integration: Payments are processed securely through Viva Wallet, which complies with PCI DSS standards.
  • No Payment Data Storage: All payment data is handled externally and not retained on HazeyDays.co.uk.

6. Data Sharing

We do not sell, rent, or share customer data with third parties except as required for:

  • Processing orders (e.g., courier services for shipping).
  • Compliance with legal or regulatory obligations.

7. User Rights

Customers have the right to:

  • Access their personal data.
  • Request corrections to their data.
  • Request data deletion, subject to legal and transactional record-keeping requirements.

To exercise these rights, contact us at tom@hazeydays.co.uk

8. Data Breach Protocol

In the event of a data breach:

  1. Affected systems will be isolated immediately.
  2. An investigation will be conducted to determine the scope and impact.
  3. Relevant authorities (e.g., Information Commissioner’s Office) and affected customers will be notified within 72 hours if personal data is involved.
  4. Remedial action will be taken to prevent future breaches.

9. Cookies and Tracking

HazeyDays.co.uk uses cookies to enhance user experience and analyze site usage. Users can manage their cookie preferences through our [Cookie Consent Manager].

10. Policy Review

This policy is reviewed annually or when significant changes to our systems or processes occur.

Contact Information

For questions or concerns about this policy, contact:
Email: tom@hazeydays.co.uk
Phone: 07860665801

By using HazeyDays.co.uk, you agree to the terms outlined in this Data Security Policy.