Legal

Privacy Policy

Your privacy matters to us. This policy explains how we collect, use, and protect your personal data.

Last updated: 15 January 2025 Effective: 1 February 2025
Questions? Contact us

Introduction

Rilvo Ebooks ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website rilvo-ebooks.co.uk (the "Site"), use our services, purchase ebooks, or interact with us in any way.

Please read this Privacy Policy carefully. By accessing or using our Site, you acknowledge that you have read, understood, and agree to be bound by the terms of this Privacy Policy, in conjunction with our Terms of Service.

In this policy, "personal data" means any information relating to an identified or identifiable natural person. "Processing" means any operation performed on personal data.

Information We Collect

We collect information in the following ways:

Information You Provide Directly

  • Account registration details: name, email address, and password
  • Payment information: card details (processed securely by our payment provider — we do not store full card numbers)
  • Contact form submissions: name, email, topic, message content
  • Newsletter subscription: email address
  • Author submissions: name, email, manuscript content, biographical information

Information Collected Automatically

  • Device information: browser type, operating system, device type, screen resolution
  • Usage data: pages visited, time spent on pages, click patterns, search queries
  • IP address and general geographic location (country/city level only)
  • Referral source and exit pages

Information from Cookies & Similar Tech

We use cookies, local storage, and similar technologies to enhance your experience. See the Cookies & Tracking section below for full details.

How We Use Your Information

We use your personal data for the following purposes:

Order Processing

Processing purchases, deliveries, and refunds

Account Management

Creating and managing your user account

Personalisation

Book recommendations and tailored content

Communication

Order confirmations, updates, and support

Marketing

Newsletters and promotional offers (with consent)

Security

Fraud prevention and platform protection

Analytics

Improving our site and services

Legal Compliance

Meeting legal and regulatory obligations

Sharing Your Information

We do not sell your personal data to third parties. We may share your information with:

  • Payment Processors

    We use PCI-DSS compliant payment providers to process transactions. Card details are never stored on our servers.

  • Hosting & Infrastructure

    Our hosting provider stores and serves our website data securely. All data is encrypted in transit and at rest.

  • Email Service Providers

    We use email services to send order confirmations, password resets, and (with consent) marketing emails.

  • Legal Authorities

    When required by law, regulation, or valid legal process (e.g., court orders, law enforcement requests).

Cookies & Tracking Technologies

We use cookies and similar tracking technologies for the following purposes:

TypePurposeDuration
EssentialAuthentication, security, session managementSession / 30 days
FunctionalRemember preferences, language, view settingsUp to 1 year
AnalyticsUnderstanding how visitors use our siteUp to 2 years
MarketingTargeted advertising and campaign trackingUp to 1 year

You can manage your cookie preferences through your browser settings. Disabling essential cookies may affect the functionality of the Site. For more information on managing cookies, visit allaboutcookies.org.

Data Security

We implement appropriate technical and organisational measures to protect your personal data, including:

SSL/TLS encryption for all data in transit
Encrypted database storage at rest
Regular security audits and penetration testing
Access controls and principle of least privilege
Password hashing using bcrypt/argon2
Regular encrypted backups with disaster recovery

While we strive to protect your data, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security but are committed to maintaining industry-best protections.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected:

Data TypeRetention Period
Account dataWhile your account is active + 30 days after deletion
Order history6 years (UK tax & accounting requirements)
Payment records6 years (legal requirement)
Contact form submissions12 months after resolution
Newsletter subscriptionsUntil you unsubscribe
Analytics data26 months (anonymised thereafter)

Your Rights

Under UK GDPR, you have the following rights regarding your personal data:

Right of Access

You can request a copy of the personal data we hold about you. We'll provide this within 30 days, free of charge.

Right to Rectification

You can request correction of inaccurate or incomplete personal data. You can update most data directly in your account settings.

Right to Erasure ("Right to be Forgotten")

You can request deletion of your personal data, subject to certain legal exceptions (e.g., ongoing legal obligations).

Right to Restrict Processing

You can request that we limit how we use your data in certain circumstances.

Right to Data Portability

You can request your data in a structured, machine-readable format (e.g., JSON or CSV).

Right to Object

You can object to processing based on legitimate interests, including profiling for direct marketing.

Right to Withdraw Consent

Where processing is based on consent, you can withdraw it at any time via your account settings or by contacting us. This does not affect the lawfulness of processing before withdrawal.

How to exercise your rights: Contact us at hello@rilvo-ebooks.co.uk or use the contact form. We'll respond within 30 days. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO).

Children's Privacy

Our Site and services are not directed at children under 13 years of age. We do not knowingly collect personal data from children under 13.

If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately at hello@rilvo-ebooks.co.uk and we will take steps to delete such information promptly.

While we sell children's ebooks (for ages 5–12), purchases must be made by a parent or guardian who is at least 18 years old.

International Data Transfers

Your data is primarily stored and processed within the United Kingdom and the European Economic Area (EEA).

In some cases, your data may be transferred to countries outside the UK/EEA (e.g., when using certain cloud infrastructure or analytics providers). Where this occurs, we ensure appropriate safeguards are in place, such as:

  • Adequacy decisions by the UK government
  • Standard Contractual Clauses (SCCs) approved by the ICO
  • Binding Corporate Rules where applicable

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes:

  • We will update the "Last updated" date at the top of this page
  • We may notify you by email (for registered users) or via a site notice
  • Your continued use of the Site after changes constitute acceptance of the updated policy

We encourage you to review this page periodically for the latest information on our privacy practices.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Company

Rilvo Ebooks

Address

London, United Kingdom

For data protection enquiries specifically, you can also reach our Data Protection Officer at dpo@rilvo-ebooks.co.uk.

If you are unsatisfied with our response, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk/make-a-complaint.