1.1 Types of Data Collected

We may collect several types of information from and about users of our website and services, including:

• Personal Identifiers: Name, postal address, email address, telephone number.
• Payment Information: Credit card details, bank account information (for payment processing only).
• Service Data: Information about the memorial services you request, including details about your loved ones.
• Technical Data: Internet protocol (IP) address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform.
• Usage Data: Information about how you use our website and services.

1.2 Methods of Collection

We collect this information through various methods, including:

• Direct interactions when you fill in forms on our website or correspond with us.
• Automated technologies or interactions as you navigate through our website.
• Third parties or publicly available sources, such as business partners, analytics providers, or search information providers.

1.3 Legal Basis for Collection

We collect and process your personal data on the following legal grounds:

• Consent: Where you have given clear consent for us to process your personal data for a specific purpose.
• Contract: Where processing is necessary for the performance of a contract with you.
• Legal Obligation: Where processing is necessary for compliance with a legal obligation.
• Legitimate Interests: Where processing is necessary for our legitimate interests or those of a third party.

2.1 Purpose of Data Processing

We use the information we collect about you for the following purposes:

• To provide and maintain our services, including processing your orders and payments.
• To communicate with you about your orders, inquiries, or requests.
• To notify you about changes to our services or policies.
• To improve our website, products, and services.
• To administer and protect our business and website.
• To deliver relevant content and advertisements to you.
• To measure or understand the effectiveness of the advertising we serve to you.

2.2 Duration of Data Storage

We will only retain your personal data for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process your personal data, and whether we can achieve those purposes through other means.

2.3 Legitimate Business Interests

We may process your personal data for our legitimate business interests, which include:

• Providing and improving our services.
• Ensuring the security of our website and operations.
• Managing our relationship with you.
• Understanding how our customers use our products and services.
• Developing new products and services.
• Marketing our products and services to existing customers.

3.1 Security Measures

We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. These measures include:

• Secure Socket Layer (SSL) encryption for all data transmission.
• Regular security assessments and vulnerability testing.
• Firewalls and intrusion detection systems.
• Regular backups to prevent data loss.
• Physical security measures at our premises.

3.2 Staff Training and Access

We limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal data on our instructions and are subject to a duty of confidentiality.

All our staff receive regular training on data protection and information security to ensure they understand their responsibilities when handling personal data.

3.3 Data Encryption Details

We use industry-standard encryption technologies to protect your data:

• All data transmitted between your browser and our servers is encrypted using TLS (Transport Layer Security).
• Sensitive personal information, such as payment details, is encrypted at rest using AES-256 encryption.
• We maintain PCI DSS compliance for all payment processing activities.

4.1 Types of Cookies Used

Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. We use the following types of cookies:

• Strictly Necessary Cookies: Required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website or use a shopping cart.
• Analytical/Performance Cookies: Allow us to recognize and count the number of visitors and to see how visitors move around our website. This helps us to improve the way our website works.
• Functionality Cookies: Used to recognize you when you return to our website. This enables us to personalize our content for you and remember your preferences.
• Targeting Cookies: Record your visit to our website, the pages you have visited, and the links you have followed. We may use this information to make our website and the advertising displayed on it more relevant to your interests.

4.2 Cookie Management Options

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.

Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org or www.allaboutcookies.org.

4.3 Third-Party Cookies

Please note that third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies, over which we have no control. These cookies are likely to be analytical/performance cookies or targeting cookies.

5.1 Data Sharing Circumstances

We may share your personal data with the following categories of third parties:

• Service providers who provide IT and system administration services.
• Professional advisers including lawyers, bankers, auditors, and insurers.
• HM Revenue & Customs, regulators, and other authorities who require reporting of processing activities in certain circumstances.
• Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets.
• Local authorities and cemeteries when processing permits and installations.

5.2 Partner Selection Criteria

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We carefully select our partners based on the following criteria:

• Compliance with relevant data protection laws and regulations.
• Implementation of appropriate security measures.
• Clear data processing agreements that define responsibilities.
• Reputation and track record in data handling.
• Transparency about their own data practices.

5.3 Data Transfer Safeguards

We do not transfer your personal data outside the European Economic Area (EEA) unless adequate safeguards are in place. These safeguards may include:

• Standard contractual clauses approved by the European Commission.
• Binding corporate rules for transfers within a corporate group.
• Compliance with approved codes of conduct or certification mechanisms.
• Explicit consent from you for the proposed transfer (in limited circumstances).

Under data protection laws, you have rights in relation to your personal data. You have the right to:

If you wish to exercise any of these rights, please contact us using the details provided in the "Contact Us" section below. You will not have to pay a fee to access your personal data or to exercise any of the other rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive.