Privacy Policy

Effective Date: August 22, 2025

At Antiqciaga, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your data when you visit our website (https://antiqciaga.com), interact with our services, or make purchases. We operate as an antique gallery specializing in Chinese antiques, with all orders available for in-person collection only at our London location. Our practices comply with applicable laws, including the UK General Data Protection Regulation (GDPR) and other relevant data protection regulations.

Who We Are

Our website address is: https://antiqciaga.com.
Antiqciaga is owned and operated by Antiqciaga, located at Unit 6 Glengall Business Centre, 43-47 Glengall Road, London, SE15 6NF, United Kingdom.

Contact us at:

We are a family-run business dedicated to preserving and sharing Chinese heritage through authenticated antiques, such as Tibetan dZi Beads, ancient porcelain, jade, and agate. Our gallery is open by appointment only, and we offer private viewings and educational experiences.

What Personal Data We Collect and Why We Collect It

We collect personal data to provide our services, process inquiries and purchases, communicate with you, and improve our website. The types of data we collect depend on how you interact with us. We only collect what is necessary and obtain your consent where required (e.g., via GDPR checkboxes on forms).

Comments

When visitors leave comments on the site (if enabled), we collect the data shown in the comments form, along with the visitor’s IP address and browser user agent string to help detect spam. An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website (e.g., via inquiries), you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors can download and extract any location data from images on the website.

Contact Forms

We use WS Form Pro to manage forms on our site, including:

  • Contact Us Form: Collects first name, last name, email, phone, and inquiry message.
  • Appointment Form: Collects full name, company name, email, phone, number of guests, preferred date/time, job title, and message.
  • Price Enquiry Form: Collects title (optional), name, email, contact number, and message.
  • Newsletter Signup Form: Collects email address.

All forms include a GDPR consent checkbox where you agree to us storing your information to respond to your inquiry or send updates. We use this data to respond to your requests, schedule appointments, provide price information, or send newsletters about new arrivals, events, and offers. Submissions are retained for customer service purposes but not used for marketing without consent. You can unsubscribe from emails at any time by contacting us or using the unsubscribe link in emails.

Cookies

We use cookies to enhance your experience. If you leave a comment, you may opt-in to saving your name, email, and website in cookies for convenience (lasting one year). Visiting the login page sets a temporary cookie to check browser compatibility (no personal data, discarded on close). Logging in sets cookies for login info (two days) and screen options (one year), or two weeks if “Remember Me” is selected. Editing articles adds a one-day cookie with the post ID.

WooCommerce uses cookies to track cart contents, products viewed, location, IP address, and browser type for purposes like estimating taxes. These help us manage your shopping experience but do not involve shipping calculations, as all orders are for local pickup only.

Embedded Content from Other Websites

Articles may include embedded content (e.g., videos, images). This behaves as if you visited the other site, which may collect data, use cookies, or track interactions if you’re logged in there.

Analytics

We may use anonymous analytics from our hosting provider or tools like Google Analytics to understand site usage. This includes non-personal data like page views. You can opt out via browser settings or tools like Google Analytics Opt-Out (https://tools.google.com/dlpage/gaoptout). We do not collect analytics data for marketing without consent.

WooCommerce Data (Transactions)

During checkout, we collect:

  • Products viewed, location, IP address, browser type (for taxes and fraud prevention).
  • Name, billing address, email, phone, payment details (processed via Stripe), and optional account info.

This is used to: process orders, respond to requests (e.g., refunds), prevent fraud, comply with legal obligations (e.g., taxes), and improve offerings. If you create an account, we store name, address, email, and phone for future checkouts. Order data is retained for tax and accounting purposes (e.g., up to 10 years). We do not store sensitive payment details; these are handled by Stripe.

We do not collect or retain sensitive personal data like health information.

Who We Share Your Data With

We share data only as necessary:

  • With Stripe for payment processing (see Stripe Privacy Policy: https://stripe.com/gb/privacy). They receive purchase total and billing info.
  • Team members (Administrators/Shop Managers) access order and customer info to fulfill orders and provide support.
  • Third-party services like cloud hosting or email providers, bound by data protection agreements.

We do not sell or share data for marketing purposes without consent. No data is shared with advertisers.

How Long We Retain Your Data

  • Contact form submissions: Retained for 6 months for customer service, unless longer for legal reasons.
  • Newsletter emails: Until you unsubscribe.
  • Comments: Indefinitely (if enabled).
  • Analytics: Anonymized and retained for up to 1 year.
  • Order data: Up to 10 years for tax/accounting.
  • Accounts: Indefinitely, or until deletion request.

Data is deleted when no longer needed, unless required by law.

What Rights You Have Over Your Data

Under GDPR and similar laws, you have rights to:

  • Access your data.
  • Correct inaccuracies.
  • Erase data (right to be forgotten).
  • Restrict processing.
  • Object to processing (e.g., marketing).
  • Data portability.

If you have an account or left comments, request an exported file or erasure (excluding data kept for admin/legal/security). Contact us at contact@antiqciaga.com to exercise rights.

Where Your Data Is Sent

Data may be transferred to Stripe (U.S.-based), safeguarded under EU-U.S. Data Privacy Framework. We ensure transfers comply with GDPR via standard contractual clauses. Visitor comments may be checked via automated spam services.

How We Protect Your Data

We use encryption (HTTPS), firewalls, access controls, and regular updates. Staff are trained in data protection. We conduct risk assessments.

What Data Breach Procedures We Have in Place

In case of a breach, we notify affected users and authorities within 72 hours (if required). We have internal reporting and response protocols.

What Third Parties We Receive Data From

We do not receive user data from third parties like advertisers.

What Automated Decision Making and/or Profiling We Do With User Data

We do not use automated decision-making or profiling.

Industry Regulatory Disclosure Requirements

We comply with antique trade regulations but are not subject to additional privacy laws beyond GDPR.

For questions, contact our Data Protection Officer at contact@antiqciaga.com. We may update this policy; changes will be posted here.