Privacy Policy

Privacy Policy

Aurora Independent Publishing (aipbooks.com)

1. Introduction

Aurora Independent Publishing (AIP) is committed to protecting your personal data and respecting your privacy. This policy explains what personal data we collect, how we use it, the conditions under which we may disclose it to others, and how we keep it secure.

Aurora Independent Publishing is a trading name of Aurora Training Limited. For the purposes of the UK General Data Protection Regulation (GDPR) and the Data Protection Act 2018, we are the Data Controller responsible for your personal data.

Effective Date: October 7, 2025.

2. Data We Collect About You

We may collect, use, store and transfer different kinds of personal data about you, which we have grouped as follows:

• Identity Data: Includes first name, last name, username, title, and password (when creating an account).
• Contact Data: Includes billing address, delivery address, email address, and telephone numbers.
• Financial Data: Includes details about payments to and from you, but we **do not store full payment card details** (these are securely handled by our payment processors).
• Transaction Data: Includes details about products and services you have purchased from us (e.g., purchase history, digital book titles, physical book orders).
• Technical Data: Includes internet protocol (IP) address, browser type and version, time zone setting and location, operating system, and platform.

3. How and Why We Use Your Data (Legal Basis)

We rely on several legal bases under UK GDPR to process your personal data. The most common uses are:

• To register you as a new customer (Contract): Processing Identity and Contact Data to create and manage your account.
• To process and deliver your order (Contract): Processing Contact, Financial, and Transaction Data to fulfil your purchase, including sharing necessary information with our fulfilment partners (Bookfunnel and BookVault PoD).
• To manage our relationship with you (Legitimate Interest): Including notifying you about changes to our terms or policies and asking you to leave a review.
• To administer and protect our business (Legitimate Interest): Including troubleshooting, data analysis, testing, system maintenance, and fraud prevention.
• Marketing (Consent): Sending you marketing communications where you have explicitly consented to receive them.

4. Sharing Your Personal Data

We may share your data with the following third parties to perform our services:

Fulfillment and Payment Partners

• Bookfunnel (Digital): We share your Email Address and Identity Data to allow them to deliver your digital purchases and provide technical support for those files.
• BookVault Print-on-Demand (Physical): We share your Identity Data, Contact Data, and Transaction Data** (including shipping address) so they can print and dispatch your physical book order.
• Stripe (Payment Processor): We use Stripe to securely handle your Financial Data to process your payments. We do not store full payment card details ourselves.

Website Platform and E-commerce Tools

Our website runs on WordPress and uses WooCommerce for all e-commerce functionality. These tools, and their associated plugins, process data necessary for the site’s operation, security, and sales:

• WordPress & WooCommerce: Store and process all Identity, Contact, Transaction, and Technical Data related to your account creation, purchases, and order history.
• WooCommerce Tax: Uses your Billing and Shipping Address to calculate and apply correct tax rates.
• Hustle (Marketing Forms): Collects and stores Identity and Contact Data (Name and Email) you submit through opt-in forms for marketing communications (based on your consent).
• Beehive Pro (Analytics) and Google for WooCommerce: These tools help us analyse website usage and performance. They share Technical Data (IP address, browser, device, usage) and Transaction Data with third parties (e.g., Google) to track sales, measure performance, and target advertising. This data is often anonymised or aggregated where possible.
• WP Smush and Hummingbird: These performance and image optimisation plugins process website content (images, files) to speed up page loading. They primarily handle Technical Data and do not typically store personal identity information.

Content Delivery Network (CDN)

Our website uses the Stackpath Content Delivery Network (CDN) (via the Hummingbird plugin) to securely and quickly serve files and images globally. Stackpath processes some visitor data on our behalf.

• Stackpath may store web log information of site visitors, including IP addresses, User Agent (UA), referrer, location, and ISP information for up to 7 days.
• Files and images served by the CDN may be stored and served from countries outside of the United Kingdom.
• You can review Stackpath’s privacy policy for further details on their processing practices.

Other Third Parties

We may also share data with professional advisers (e.g., solicitors and accountants), government regulators (HMRC), and general website analytics providers (e.g., Google Analytics).

5. Your Legal Rights (UK GDPR)

Under UK GDPR, you have rights over your personal data. You have the right to:

• Request access to your personal data (commonly known as a “data subject access request”).
• Request correction of the personal data that we hold about you.
• Request erasure of your personal data (“Right to be Forgotten”).
• Object to processing of your personal data where we are relying on a legitimate interest.
• Request the restriction of processing of your personal data.
• Request the transfer of your personal data to you or a third party (data portability).
• Withdraw consent at any time where we are relying on consent to process your personal data (e.g., marketing).

If you wish to exercise any of the rights set out above, please contact us using the details below.

6. Data Security and Cookies

Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. Access to your personal data is limited to those employees, agents, contractors and other third parties who have a business need to know.

Cookies

Our website uses cookies to distinguish you from other users. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. By continuing to browse the site, you are agreeing to our use of cookies.

7. Contact Information

If you have any questions about this Privacy Policy or our privacy practices, please contact our Data Protection Point of Contact.

Data Protection Point of Contact

Aurora Training Limited (Trading as Aurora Independent Publishing)
Email: data-contact@aipbooks.com

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues. We would, however, appreciate the chance to deal with your concerns before you approach the ICO.

Policy effective Date: October 7, 2025.