Free UK Shipping*
5% off Pre-Orders*
0% interest with Clearpay
Teenage Mutant Ninja Turtles
Biker Mice From Mars
Nacelle
Vintage Toys
Teenage Mutant Ninja Turtles
Biker Mice From Mars
Nacelle
Vintage Toys

Cart

Your cart is currently empty.

Continue shopping
Total
£0.00

Interlude Data Retention Policy

Last Updated: 28/11/25

At Interlude, we care about your privacy. This policy explains how we store, manage, and protect your data, as well as how long we keep it.

TL;DR

  • No card details stored: payments handled by Stripe, Google Pay, Apple Pay, PayPal and Clearpay (online), and SumUp (trade shows).
  • Transaction records: kept for up to 6 years, customer support records for 1 year.
  • Data disposal: Securely deleted or anonymised when no longer needed.
  • Security measures: 2FA & password managers protect access.
  • Need data removed? Email team@interludeshop.co.uk.

 

Data Retention Policy in Full

Purpose of this policy

At Interlude, we take data security and privacy seriously. While we do not store or process payment card details, we handle order and transaction records as part of running our eCommerce store and in-person sales. This policy ensures that we keep only what's necessary and securely remove outdated data.

Data We Keep

Transactional

We store transaction records related to customer orders, including:

  • Order details (e.g., items purchased, shipping address, contact information).
  • Payment status (e.g., successful, pending, refunded).
  • Sales history for business reporting and customer service.
  • All online payments are handled securely by Stripe, Google Pay, Apple Pay, PayPal and Clearpay.
  • In-person payments at trade shows are processed through SumUp.

All of these providers are PCI DSS-compliant.

Marketing & Communication Data

  • If you have opted into marketing emails, we retain your contact details for as long as you remain subscribed.
  • You can unsubscribe at any time, and we will remove your data from our mailing list.

How Long We Keep Data

We only retain order and transaction records for as long as necessary for legal, tax, and business purposes in compliance with UK regulations. Our retention periods are:

  • Transaction records: Retained for up to 6 years for accounting and legal compliance.
  • Customer support records: Retained for up to 1 year unless needed for ongoing assistance.

After these periods, data is securely deleted — at which point, we only retain anonymised, aggregate data for business insights and reporting.

How We Secure & Delete Data

  • Automated deletion: We rely on our platforms (Shopline and our payment providers) to manage data retention and securely remove outdated records.
  • Manual review: Every 3 months, we review stored data and securely delete anything exceeding the retention period.
  • Exported data handling: If reports are downloaded, they are stored securely and deleted once no longer needed.

Storage, Processing, and Transmission of Cardholder Data

Our business does not store cardholder data. We use trusted third-party payment providers (Stripe, Google Pay, Apple Pay, PayPal, Clearpay and SumUp) to handle all transactions:

  • Stripe is used for processing online payments on our eCommerce site. Customers enter their payment details directly into Stripe's secure payment gateway, which is integrated into our website. We access transaction information via Stripe's login portal.
  • SumUp Solo Terminal is used at trade shows for in-person transactions. Payments are processed securely through SumUp's system, and we access transaction records via the SumUp login portal.

As all payment processing is handled by PCI DSS-compliant third-party providers, we do not store, process, or transmit cardholder data directly.

Business Premises Type and Locations for PCI DSS Assessment

  • Fulfilment Location: One physical location where orders are processed and fulfilled. This location also provides access to the eCommerce site and payment provider services.
  • Workspace Location: An additional private workspace used by the team to access the eCommerce site and payment provider services.

Security Measures

To protect customer data and business accounts, we enforce two-factor authentication (2FA) for access to key platforms (e.g., Shopline, Stripe, SumUp). Additionally, we use secure password management tools to maintain strong and unique passwords across all systems.

Access & Privacy

  • Only authorised team members can access transaction records.
  • Customer information is never shared, except as required by law or with secure service providers (e.g., for shipping or payment processing).

Requesting Data Deletion

If you would like us to delete your personal data, you can contact us at team@interludeshop.co.uk.

  • We will aim to respond to your request within one month. If your request is particularly complex, we may extend this by up to two additional months and will inform you if so.
  • We will review your request and confirm which data can be deleted, based on legal and business requirements.
  • For compliance purposes, transaction records may be retained for up to 6 years for tax and legal obligations, but we can remove marketing and non-essential data upon request.
  • Once processed, we will confirm the deletion of any applicable data.

 

See You Later, All My Data!

Got questions about how we handle your info? Want something deleted? Just fancy a chat about data retention? Drop us a message at team@interludeshop.co.uk.