Privacy policy
Hollow Rocks Ltd Privacy Policy – Merchandise Sales
Last updated: 14/11/2025
1. PRIVACY STATEMENT
Hollow Rocks Ltd greatly respects your privacy. As a result, we take the task of protecting your personal data such as name, date of birth, address, email address telephone number, etc. very seriously and in accordance with the General Data Protection Regulation and Data Protection Act.
The principles require data to be fairly and lawfully processed; accurate and kept up to date; adequate; relevant and not excessive; kept no longer than necessary; processed in accordance with the rights of data subjects; held securely; and not transferred to countries without adequate protection. We will observe the principles of data avoidance and data minimization. That means we will collect, process and use as little data as possible.
The personal information which you provide through the Hollow Rocks Ltd website and app is collected, stored and processed by Hollow Rocks Ltd.
Hollow Rocks Ltd is committed to ensuring the privacy of your information. We understand that the privacy of your information is very important to you. We are careful about the information we ask you to provide and only use your information to process orders and to provide you with in-app notifications of special offers which may be of interest to you.
We have set out below details of the information we will collect about you, how we ensure the security of your information and how we will use your information.
This Privacy Policy explains how we collect, use and protect your information when you purchase merchandise from us. By buying our products or interacting with our website, you agree to the practices described below
2. PERSONAL DATA AND CONTENT
We will collect, process and use your personal data only if this is necessary for substantiating, implementing or terminating a contractual customer relationship or similar. Data includes information such as your Full name, Email address, Phone Number, Billing and Delivery address, Order & Usage information, Products purchased, Order history.
In the remainder of cases, we will only collect, process and use your personal data following your prior consent. Your personal data will only be used for the purpose and to the extent to which you have consented. For example, we will only inform you of our products and offers once your consent has been received.
2A. Payment Information
- Payment details are processed securely by our payment provider (e.g., Stripe, PayPal).
- We do not store or have access to your full card details.
You can withdraw your consent with future effect at any time. On receipt of your withdrawal request your data will be deleted. Requesting the withdrawal of your data should be sent to the following email address: admin@hollowrocks.com
3. AUTOMATICALLY GENERATED DATA
While using the pages on our website, personal data may be automatically processed. Typically, this relates to the name of your internet provider, your IP address, the browser you are using, your operating system, the web pages you visited on our website and the website from which you accessed our website. In all the above-mentioned cases the processing of such data is carried out anonymously, it is impossible to assign and therefore identify any individual person from this data.
4. COOKIES
A cookie is a small data file that certain web sites write to your hard drive when you visit them. The only personal information a cookie can obtain is information a user supplies themselves. A cookie cannot read data from your hard disk or read cookie files created by other sites. Cookies, however, enhance our website performance in several ways, including providing a secure way for us to verify your identity during your visit to our website and personalising your experience on our site, making it more convenient for you.
This website uses cookies so that we can serve you better. This site uses visitor tracking software that will use cookies to track information about how visitors come.
Should you wish to do so, you can refuse cookies by disabling them in your web browser's settings, and you do not need to have cookies turned on to successfully use our service. Most browsers are defaulted to accept and maintain cookies and you can set your browser to notify you when you receive a cookie, giving you the chance to decide whether to accept it or not. Please consult the support documentation for your web browser, which can be found online, for more information.
5. HOW WE STORE YOUR PERSONAL INFORMATION
Your personal information is used to enable us to: process and deliver your merchandise orders, communicate order updates or issues, handle returns, exchanges or customer support, improve our website, service, and product offerings, comply with legal or tax obligations, verify your identity and to help Hollow Rocks Ltd provide the best possible service. The Hollow Rocks Ltd website and app store your data on a trusted third-party system. Hollow Rocks Ltd may also use your information to provide information about offers, products, discounts and any services available at Hollow Rocks. Hollow Rocks Ltd will make no further use of your information.
The Hollow Rocks Ltd website and app adhere to strict security procedures in the storage and disclosure of information, which you have given us, to prevent, unauthorised access or improper use. Your data is stored on a secured server which is password protected so that no data is left in its paper form on the premises. Our security procedures mean that we may occasionally request proof of identity before we are able to disclose sensitive information to you. We have a strict internal policy, which members of staff must comply with as a condition of employment and no external access to the system is permitted.
6. SHARING YOUR INFORMATION
We may share your personal information with carefully selected and trusted third-party service providers. We only disclose information where it is necessary for them to deliver their services to us, and only to the extent required for that specific purpose. All third-party partners are contractually obligated to keep your information secure, confidential, and to process it only in accordance with our instructions and applicable data protection laws (including the UK GDPR).
We may share your data with the following categories of third parties:
6A. PAYMENT PROCESSORS
We use external payment providers to securely handle transactions made through our website or any other sales channel. These providers process your payment information—such as your card details, billing address, and transaction amount—solely for the purpose of completing the purchase. We do not store or have access to full card details. Payment processors may conduct fraud-prevention checks or identity verification as part of their security protocols.
6B. DELIVERY, COURIER, AND LOGISTICS SERVICES
When you place an order, we share relevant delivery information—such as your name, delivery address, email address, and telephone number—with our chosen delivery partners. This allows them to process, ship, and deliver your order, provide tracking updates, and contact you if required to complete delivery.
6C. IT, HOSTING, AND WEBSITE SERVICE PROVIDERS
To operate our website and internal systems, we partner with providers who offer hosting, data storage, analytics, customer support tools, and general IT infrastructure. These partners may have access to personal data such as IP addresses, device information, account details, and user interactions with our website. Access is provided strictly for maintenance, security monitoring, platform functionality, troubleshooting, or analytical insights to improve our services.
6D. PROFESSIONAL ADVISORS (IF APPLICABLE)
We may share limited personal information with legal advisors, accountants, auditors, and insurers where required for compliance, legal claims, risk management, or financial reporting purposes. These parties are bound by professional confidentiality obligations.
6E. REGULATORY OR LEGAL AUTHORITIES
In rare circumstances, we may need to share information with law enforcement, regulatory bodies, or government authorities when legally required to do so—for example, to comply with a court order, prevent fraud, or protect the rights and safety of our business or customers.
We do not sell your personal data to any third party.
All partners only receive the minimum necessary information to perform the service they provide, and they are prohibited from using it for their own marketing or any other unrelated purpose.
7. HOW WE PROTECT YOUR DATA
We take the security of your personal information seriously and implement a range of technical and organisational measures to protect it from unauthorised access, loss, misuse, or disclosure. These measures are regularly reviewed and updated to ensure an appropriate level of protection for the type of data we process.
Our data protection practices include, but are not limited to:
7A. TECHNICAL SECURITY MEASURES
Secure, encrypted payment processing: All payment transactions are handled through PCI-compliant payment processors who use industry-standard encryption and security protocols. We do not store your full payment card details on our systems.
Encrypted data transmission: Any information sent between your browser, and our website is encrypted using HTTPS and SSL/TLS technology to prevent interception by unauthorised parties.
Secure servers and firewalls: We host our systems on secure servers protected by firewalls, intrusion detection systems, and continuous security monitoring.
Data minimisation and pseudonymisation (where appropriate): We collect only the information necessary for our purposes and apply additional protection to sensitive data.
7B. ORGANIZATIONAL SECURITY MEASURES
Restricted access to personal data: Only authorised staff and service providers who need access to fulfil their role or provide support are allowed to handle your data. Access is granted on a strict “need-to-know” basis.
Staff training: All employees handling personal information receive training on data protection, confidentiality, and security best practices.
Policies and procedures: We maintain internal policies governing data handling, retention, access control, and breach response.
Regular security assessments: We periodically review our systems, processes, and suppliers to ensure compliance with data protection requirements.
7C DATA BREACH PROCEDURES
In the unlikely event of a personal data breach, we have procedures in place to detect, respond to, and mitigate the impact. Where legally required, we will notify the relevant supervisory authority and affected individuals without undue delay. To reduce the risk of breaches we use regular system monitoring to detect suspicious behaviour, security threats, or unauthorised access attempts., routine security updates and maintenance, including software patching, vulnerability scanning, and malware protection. periodic reviews or our security protocols, ensuring they remain effective and aligned with current best practices and ongoing risk assessments, to evaluate potential threats and strengthen defences across our systems and processes.
8. YOU HAVE A RIGHT TO ACCESS THE INFORMATION THAT HOLLOW ROCKS LTD HOLDS ABOUT YOU
You can request a copy of the personal information held by us and have any inaccuracies corrected. We will request proof of identity before processing such a request. Please make any requests for information to Hollow Rocks Ltd at the address below. We will delete your personal data when the relevant legal data protection regulations call for this. For instance, we will delete the data collected for a competition if you have not consented to your data being collected, processed and used for any other purpose. In cases of consent being given, we will delete your data following the retraction of your approval or the discontinuation of the purpose of your consent.
If requested, we will totally block or partially block your personal data. Regarding this arrangement, you are to inform us of the extent and the duration that this should be carried out for. If this is technically possible, you will be able here to exclude your data from being processed and used for certain purposes.
9. THIRD PARTY ACCESS TO YOUR PERSONAL DATA
Hollow Rocks Ltd will not disclose your information to any third parties if you have requested not to. We may pass on some general statistical information about our customers, sales figures, traffic patterns and related matters to reputable third parties, but these details will not include any personally identifying information. We may also disclose information about you if required to do so by law.
10. CHANGES TO THE PRIVACY POLICY
We keep this Data Protection Notice constantly up to date. As a result, it may be necessary to adapt this Data Protection Notice to accommodate any factual or legal changes to the basic conditions. By using our websites, you have accepted these adaptations.
11. CONTACT
If you have any queries or concerns about the privacy of your information, please contact Hollow Rocks Ltd at admin@hollowrocks.com, or via post at Hollow Rocks, 29-31 Essex Road, London, N1 2SA, UK.
12. ADVICE
You are more than welcome to contact us at any time should you have questions relating to the collection, processing and utilisation of your personal data. We will also gladly provide you with general information regarding data protection. For this purpose, please contact us using the following email address: admin@hollowrocks.com
12. DATA PROTECTION OFFICER
Our Data Protection Officer is Anthony Klein. If you wish to contact our Data Protection Officer, please email: admin@hollowrocks.com
