Last Updated: 3rd November 2025

1. Introduction

Welcome to www.27businessideas.co.uk. Your privacy is very important to us. This policy explains what personal data we collect from you, how we use it, and what your rights are.

This policy is written in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Who We Are

• Website: www.27businessideas.co.uk

• Data Controller: Rollercoaster Publishing Ltd

• Contact Email: hello@27businessideas.co.uk

• Address: 122 Lovell Road, Cambridge, United Kingdom, CB4 2QP

We are the "data controller" for any personal information you provide to us.

3. What Information We Collect

We may collect the following types of personal data:

• Personal Identification Information: Your name and email address, which you provide when purchasing a product, contacting us, or signing up for our newsletter.

• Transaction Data: Details about payments to and from you, including the products you have purchased. (Note: We do not store your full payment card details; these are processed by our third-party payment processors, [e.g., Stripe, PayPal]).

• Technical Data: Internet protocol (IP) address, browser type and version, time zone setting, operating system, and platform.

• Usage Data: Information about how you use our website, such as which pages you visit.

4. How and Why We Use Your Data (Lawful Basis)

We only use your personal data when the law allows us to. Most commonly, we use it in the following circumstances:

Purpose/Activity

Type of Data

Lawful Basis for Processing

To process and deliver your order (i.e., sell you a Digital Product)

Name, Email, Transaction Data

Performance of a contract with you.

To manage our relationship with you (e.g., respond to your enquiries, ask for feedback)

Name, Email

Legitimate interests (to provide good customer service and improve our products).

To send you marketing communications (e.g., our newsletter with new product alerts or tips)

Name, Email

Consent. You must actively opt-in to receive this, and you can unsubscribe at any time.

To improve our website (e.g., through analytics)

Technical Data, Usage Data

Legitimate interests (to understand how our website is used and make it better).

To comply with a legal obligation

Name, Transaction Data

Legal obligation (e.g., for tax and accounting records).

5. Data Sharing (Third Parties)

We will never sell your personal data. We may have to share your data with the following trusted third parties to run our business:

• Payment Processors: Stripe, PayPal to securely process your payments.

• Email Service Providers: Systeme.io to send you order confirmations and (if you consent) marketing newsletters.

• Website Analytics: Such as Google Analytics, to help us understand website traffic.

• Website Host: Systeme.io

• Government Bodies: Such as HMRC, if required by law for tax purposes.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law.

6. Cookies

Our website uses cookies. Cookies are small text files placed on your computer to collect standard internet log information and visitor behaviour information.

• Essential Cookies: These are necessary for the website to function (e.g., to keep items in your shopping basket).

• Analytics Cookies: These help us understand how visitors use our site (e.g., Google Analytics).

• Marketing Cookies: These are used to track visitors across websites to display relevant ads.

When you first visit our website, you will be shown a cookie banner asking for your consent to use non-essential cookies. You can manage your cookie preferences at any time.

7. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way. Access to your data is limited to those who have a business need to know.

8. Data Retention

We will only keep your personal data for as long as is necessary to fulfil the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements.

For example, by law, we have to retain basic customer information (including Contact and Transaction Data) for 6 years after they stop being customers for tax purposes.

9. Your Legal Rights

Under UK data protection law, you have rights regarding your personal data:

• Right to be Informed: To know how we use your data (which is the purpose of this policy).

• Right of Access: To request a copy of the data we hold about you.

• Right to Rectification: To have any inaccurate data corrected.

• Right to Erasure: To ask us to delete your data (this is not an absolute right).

• Right to Restrict Processing: To ask us to limit how we use your data.

• Right to Data Portability: To receive your data in a portable format.

• Right to Object: To object to our processing your data (e.g., for marketing).

To exercise any of these rights, please contact us at [Your Privacy Email Address].

10. How to Complain

If you have any concerns about our use of your personal data, you can contact us at hello@27businessideas.co.uk

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), which is the UK's supervisory authority for data protection issues.

• Website: www.ico.org.uk

• Helpline: 0303 123 1113

11. Changes to this Policy

We may update this policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last Updated" date.