Privacy Policy

Who we are

Haus of Graft is operated by Matt, a sole trader based in the United Kingdom. This privacy policy explains how we collect, use, and protect your personal data when you visit hausofgraft.com or purchase our digital products.

For any privacy-related questions, contact us at: [email protected]

What data we collect and why

We collect only the minimum personal data necessary to process your purchase and deliver your product.

Purchase data — when you buy a product, your payment and order are processed by Systeme.io, our third-party checkout and delivery platform. The data they collect (name, email address, payment information) is governed by Systeme.io’s privacy policy. We receive only what is necessary to fulfil your order and provide customer support.

Website analytics — we may use basic, privacy-respecting analytics to understand how visitors use this site. This data is aggregated and does not identify individual users.

Communications — if you contact us directly by email, we will use your email address solely to respond to your enquiry.

Legal basis for processing

Under UK GDPR, we process your personal data on the following legal bases:

• Contract — to fulfil your purchase and deliver the digital product you have bought
• Legitimate interests — to improve our products and website, and to prevent fraud
• Legal obligation — to comply with UK tax and accounting requirements

How we store and protect your data

We do not store payment card information. Payment processing is handled entirely by Systeme.io and their payment partners. Any personal data we hold (e.g. email correspondence) is stored securely and accessed only by Matt. We do not share data with unauthorised third parties.

Third parties

We use the following third-party services which may process your data:

• Systeme.io — checkout, product delivery, and email. Privacy policy →
• Netlify — website hosting. Privacy policy →
• Meta (Facebook/Instagram) — advertising measurement via Meta Pixel, loaded only with your consent. Privacy policy →

We do not sell, rent, or share your personal data with any other third parties for marketing purposes.

Cookies

This website uses cookies in the following categories:

• Essential cookies — required for the site to function, including session and security cookies set by Netlify (our hosting provider)
• Advertising cookies — we use the Meta Pixel (Facebook/Instagram) to measure the performance of our advertising campaigns. This cookie tracks conversions and may be used to show you relevant ads on Meta platforms. It is only set with your consent
• Third-party cookies — Systeme.io (our checkout provider) and Google Fonts (CDN) may set technical cookies during your visit

When you first visit the site, you will be asked to accept or decline advertising cookies via our consent banner. You can change your preference at any time by clearing your browser’s local storage for this site.

For more information on Meta Pixel and how Meta uses this data, see Meta’s Privacy Policy →

Your rights under UK GDPR

As a UK resident, you have the following rights regarding your personal data:

• Right of access — you can request a copy of the data we hold about you
• Right to rectification — you can ask us to correct inaccurate data
• Right to erasure — you can ask us to delete your data where there is no legal reason to retain it
• Right to restrict processing — you can ask us to limit how we use your data
• Right to object — you can object to processing based on legitimate interests
• Right to data portability — you can request your data in a portable format

To exercise any of these rights, email us at [email protected]. We will respond within 30 days.

Complaints

If you are unhappy with how we have handled your data, you have the right to lodge a complaint with the UK’s Information Commissioner’s Office (ICO) at ico.org.uk or by calling 0303 123 1113.

Data retention

We retain purchase records for 7 years in line with UK HMRC requirements. Email correspondence is retained only as long as necessary to resolve your enquiry.

Children

Our products are intended for adults. We do not knowingly collect data from anyone under the age of 16. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

Changes to this policy

We may update this policy from time to time. The date at the top of this page will reflect the most recent update. Continued use of the site after changes constitutes acceptance of the updated policy.