Privacy Policy - richardbarettauthor.com
Last Updated: 12 January 2026
1. Introduction
Welcome to richardbarettauthor.com. This website respects your privacy. This Privacy Policy explains how we collect, use, protect, and share your personal information.
If you do not agree with our privacy practices, please do not access this website.
 
2. About Us
Website Owner: Richard Barrett, Author
Location: London, United Kingdom
Website: richardbarettauthor.com
Type: Online print-on-demand bookstore
Contact Email: info@barrettacademy.com
Contact Address: 19 Buckland Crescent, London NW3 5DH
Fulfillment Partner: Lulu Direct (operated by Lulu, Inc.)
 
3. What Information Do We Collect
3.1 Information You Provide Voluntarily

• Name and email - When you subscribe to the newsletter, contact us, or create an account

• Messages and inquiries - When you send a message through the contact form

• Account information - Username, password (encrypted), preferences

• Payment information - Name, billing address, shipping address (NOT stored; processed by payment provider)

• Order information - What books you purchase, when, and quantities

3.2 Information Collected Automatically

• IP address - Your internet identification number

• Browser and device type - Which browser you use (Chrome, Firefox, Safari, Edge)

• Pages visited - Which pages and books you access

• Time on site - How long you spend reading pages

• Shopping cart data - Items you add to cart (including abandoned carts)

• Device information - Operating system, screen resolution, language

• Referral source - How you found the website

• Cookies and tracking technologies - See Section 7 below

We collect this information to improve your experience, process orders, and understand how our website is used.
3.3 Information from Third Parties
We may occasionally receive information about you from third parties, such as:

• Newsletter providers

• Analytics services

• Payment processors

• Fulfillment partners (Lulu Direct)

We only collect information that you have authorized or that is legally permitted to be shared with us.
 
4. Types of Data We Collect (Summary)
Contact Information

• Examples: Name, email, phone, address

• Used for: Orders, newsletter, support

Account Data

• Examples: Username, password, preferences

• Used for: Account access, personalization

Payment Data

• Examples: Billing address (NOT card details)

• Used for: Processing purchases

Order History

• Examples: Books purchased, dates, quantities

• Used for: Customer service, recommendations

Shipping Data

• Examples: Shipping address, carrier information

• Used for: Order fulfillment by Lulu Direct

Technical Data

• Examples: IP address, browser type, device info

• Used for: Analytics, security, site improvement

Behavioral Data

• Examples: Pages viewed, time on site, clicks

• Used for: Understanding user interests

Cookie Data

• Examples: Cookie IDs, preferences

• Used for: Site functionality, analytics, marketing

5. Why We Collect Your Data
Essential Purposes

• ✓ Process book orders and payments

• ✓ Send order confirmations and shipping updates

• ✓ Provide customer support

• ✓ Share order information with Lulu Direct for fulfillment

• ✓ Secure the website (detect fraud, prevent attacks)

Service Improvement

• ✓ Analyze how visitors use the website

• ✓ Improve website speed and functionality

• ✓ Personalize your experience

• ✓ Fix technical issues

Communication (with your consent)

• ✓ Send newsletters about new books, promotions

• ✓ Respond to your messages

• ✓ Notify you of order updates

Legal Compliance

• ✓ Comply with tax requirements

• ✓ Maintain transaction records (7 years in UK)

• ✓ Comply with court orders

• ✓ Protect against fraud and illegal activity
   

6. Legal Basis for Processing Your Data (GDPR)
We process your personal data based on one of these legal bases:
6.1 Contract
When you make a purchase, we need your data to:

• Process the order

• Send order information to Lulu Direct for printing and shipping

• Handle returns or refunds

• Provide customer support

6.2 Consent
When you:

• Subscribe to the newsletter

• Opt-in to marketing communications

• Accept cookies (except essential)

6.3 Legal Obligation
We may process data to:

• Comply with tax laws

• Maintain transaction records (7 years in UK)

• Comply with court orders

6.4 Legitimate Interest
We process data for:

• Website security

• Fraud detection

• Analytics and improvement

• Customer service
   

7. Cookies and Tracking Technologies
This website uses Usercentrics (also known as Cookiebot) to manage cookies and obtain your consent.
How Cookie Management Works:

1. First visit: A banner appears explaining cookie usage

2. Your choice: You can accept all, reject all, or customize

3. Essential cookies: Always active (required for site to work)

4. Optional cookies: Require your permission

Types of Cookies We Use:
Essential

• Purpose: Site functionality, security, login

• Who sets it: Us

• Can reject: No (site won't work)

Analytics

• Purpose: Track visits, user behavior (anonymized)

• Who sets it: Google Analytics

• Can reject: Yes

Marketing

• Purpose: Show targeted ads across the web

• Who sets it: Advertising networks

• Can reject: Yes

Functional

• Purpose: Remember your preferences, language

• Who sets it: Us

• Can reject: Yes

Social Media

• Purpose: Share content on social platforms

• Who sets it: Facebook, Twitter, etc.

• Can reject: Yes

Your Cookie Choices:
✓ Accept all cookies - Enable full functionality and personalization
✓ Reject all (except essential) - Minimal tracking, no targeted ads
✓ Customize - Choose exactly which cookies you accept
✓ Change anytime - Click the cookie icon in the footer to adjust preferences
Learn More About Cookies:
Visit www.allaboutcookies.org for detailed information about cookies and how to control them in your browser.
Do Not Track:
If your browser has "Do Not Track" enabled, we will honor that preference for advertising cookies. However, essential cookies will still function.
 
8. Who Has Access to Your Data
We share your data only with trusted third parties who help us operate the website:
Wix (Hosting)

• Purpose: Website hosting and platform

• Data Shared: All data needed to operate site

• Privacy: Wix Privacy Policy

Usercentrics

• Purpose: Cookie consent management

• Data Shared: Cookie preferences, consent records

• Privacy: Usercentrics Privacy

Google Analytics

• Purpose: Website visitor analysis

• Data Shared: IP address, pages visited, device type

• Privacy: Anonymized; GA Privacy

Wix Payments

• Purpose: Process book purchases

• Data Shared: Billing address, order information

• Privacy: PCI-DSS compliant; We do NOT store card details

Lulu Direct (Print-On-Demand Fulfillment)

• Purpose: Book printing and shipment fulfillment

• Data Shared: Order information, shipping address, name, email, phone

• Privacy: Lulu Privacy Policy

• Note: When you place an order, we automatically share your order details with Lulu Direct so they can print and ship your books

Important: None of these companies sell your data to third parties. All are contractually bound to protect your information.
 
9. Data Security
This website is hosted by Wix on secure servers with multiple security layers:
✓ SSL Encryption - All data transmitted to/from site is encrypted
✓ Secure Servers - Data stored in secure, restricted-access data centers
✓ Automatic Backups - Regular backups to prevent data loss
✓ Firewall Protection - Advanced security against unauthorized access
✓ PCI-DSS Compliance - Payment processing meets international security standards
✓ Regular Updates - Server software updated with latest security patches
Note: No system is 100% secure. We do everything practical to protect your data.
 
10. Payment & Card Information
Important: We do NOT store your credit card information.
When you make a purchase:

1. You enter payment details on a secure payment page

2. Your card information is processed directly by Wix

3. We receive ONLY confirmation and billing address

4. Card details are NEVER stored on our servers

This is compliant with PCI-DSS security standards for payment card data.
 
11. Order Fulfillment with Lulu Direct
When you purchase a book from our site:
Your Order Data:

• We automatically send your order information to Lulu Direct

• Data includes: Order details, shipping address, name, email

• Purpose: Lulu Direct prints your book and ships it to you

• Processing: Lulu Direct is the fulfillment partner that handles all printing and shipping

Lulu Direct's Data Handling:

• Lulu Direct processes your data according to their privacy policy

• Your data is used only for printing and shipping your order

• Lulu Direct may retain data for warranty and customer service purposes

• Review Lulu Privacy Policy for their practices

Your Rights with Lulu:

• You may have additional rights regarding data held by Lulu Direct

• Contact Lulu Direct directly for questions about their data processing
   

12. Data Retention
We keep your data only as long as necessary:
Newsletter email

• Retention: While subscribed (you can unsubscribe anytime)

• Reason: Active marketing

Contact form messages

• Retention: 1 year

• Reason: Customer support

Order information

• Retention: 7 years

• Reason: Tax requirements (UK)

Payment records

• Retention: 7 years

• Reason: Tax and legal requirements

Account data

• Retention: Until account deletion

• Reason: Account access

Website analytics

• Retention: 14 months

• Reason: Google Analytics default

Cookies

• Retention: As per your preference

• Reason: See cookie settings

Shopping cart data

• Retention: 30 days

• Reason: Recover abandoned carts

Data held by Lulu Direct:

• Lulu Direct may retain data longer for their own business purposes

• See Lulu's privacy policy for their retention practices

When data is no longer needed, we either delete it securely or anonymize it so it cannot be linked to you.
 
13. International Data Transfers
Your data may be processed and stored in different countries:
Data Storage Locations

• United States - Wix servers, Google services

• European Union - Backup servers, some services

• Israel - Wix corporate servers

• Other countries - Through third-party service providers (including Lulu Direct)

Protecting Your Data
Even when transferred internationally, we ensure protection through:

• Data Privacy Framework - EU-US, UK-US, and Swiss-US frameworks

• Standard Contractual Clauses - Legal agreements ensuring data protection

• Adequacy Assessments - Verification that destination countries provide adequate protection

Lulu Direct transfers:

• Lulu Direct may store and process data in multiple countries

• See Lulu Privacy Policy for their data transfer practices
   

14. Sensitive Personal Data
We do NOT intentionally collect sensitive personal data (race, religion, health, biometric data, etc.).
If we accidentally collect sensitive data, we:

• Do NOT use it for marketing

• Do NOT share it with third parties for advertising

• Secure it with enhanced protections

• Delete it promptly
   

15. Your Rights as a Data Subject
Under GDPR (EU) and UK GDPR, you have the right to:
✓ Access - Request a copy of all your personal data
✓ Correct - Update or fix inaccurate information
✓ Delete - Request removal of your data ("Right to be Forgotten")
✓ Restrict - Limit how we use your data
✓ Portability - Get your data in a portable format (e.g., CSV)
✓ Object - Oppose certain types of processing
✓ Withdraw Consent - Stop any processing based on your consent
✓ Opt-out of Marketing - Stop receiving newsletters anytime
How to Exercise Your Rights:
Send an email to info@barrettacademy.com with:

• Your full name

• Email address associated with account

• Clear description of your request

• Proof of identity (if requesting data)

Response time: We will respond within 30 days (may extend to 90 days for complex requests).
 
16. Verification of Data Requests
To protect your privacy, we verify all data requests to ensure:

• Requests come from the actual data subject or authorized agent

• Identity is legitimate

• Prevention of unauthorized access to your data

Verification process:
We will match information you provide with our records. For most requests, matching name, email, and order history is sufficient.
 
17. Authorized Agents
You can authorize another person (lawyer, family member) to make a data request on your behalf.
Requirements:

• Written authorization from you

• Proof of authorization

• Authorized agent's contact information
   

18. Non-Discrimination
We do NOT discriminate against you for exercising your data protection rights.
You will receive the same service and pricing whether or not you request data, delete information, or opt-out of marketing.
 
19. Complaints and Appeals
Right to Complain to Authorities:
If you believe we have violated your privacy rights, you can lodge a complaint with:
UK (if resident):

• Information Commissioner's Office (ICO)

• ico.org.uk

EU (if resident):

• Your national data protection authority

• European Data Protection Board

You are not required to contact us first; you can complain directly to authorities.
Appealing Our Decision:
If we deny your data request and you disagree:

1. Reply to our decision within 30 days

2. Include reason you believe we should reconsider

3. We will review and respond within 30 days

If still dissatisfied, you can:

• Complain to the data protection authority (see above)

• Seek legal advice

• Contact a data protection attorney
   

20. Children's Privacy
This website is NOT intended for children under 16 years old.
We do NOT knowingly collect data from children under 16. If we discover we have, we will delete it immediately.
Parents/guardians concerned about their child's data should contact us at info@barrettacademy.com.
 
21. Third-Party Links
This website may contain links to other websites (e.g., payment processors, book publishers).
We are NOT responsible for their privacy practices. Please review their privacy policies separately. We recommend reading policies for:

• Payment processors

• Lulu Direct (fulfillment partner)

• Shipping companies

• Analytics services

• Any linked websites
   

22. Changes to This Privacy Policy
We may update this policy if:

• Laws change

• Our practices change

• We add new services

• Third-party relationships change

Material changes will be announced by:

• Email notification (if you have an account)

• Banner notification on the website

• Update to the "Last Updated" date

Last Updated: 12 January 2026
 
23. Contact Information
If you have any questions or concerns about our use of your personal data, please contact us at info@barrettacademy.com or at the following address: 
‍Barrett Academy for the Advancement of Human Values, 
19 Buckland Crescent, London NW3 5DH.
 
24. Glossary of Terms
Personal Data - Any information that can identify you directly or indirectly (name, email, IP address, etc.)
Processing - Any action taken with personal data (collecting, using, storing, sharing, deleting)
Controller - The person or organization that decides HOW and WHY data is processed (us, Richard Barrett)
Processor - A person or organization that processes data on behalf of the controller (Wix, Google Analytics, Lulu Direct)
Consent - Your clear, voluntary agreement to specific processing
Data Subject - The person whose data is being processed (you)
GDPR - General Data Protection Regulation (EU law)
UK GDPR - UK version of GDPR (applies to UK residents)
CCPA - California Consumer Privacy Act (US law for California residents)
Sensitive Personal Data - Special category data (race, religion, health, biometric, political views)
Data Breach - Unauthorized access, loss, or misuse of personal data
Data Protection Authority - Government agency that enforces privacy laws
Print-On-Demand - Books are printed after purchase, not kept in inventory
Fulfillment - The process of receiving, printing, and shipping orders
This Privacy Policy is written to be clear and understandable. If you have questions, please contact us.