This Privacy Policy explains how Sir Studios ("Provider," "we," "us," or "our") collects, uses, protects, and handles your personal information when you use The Vault+, Cult of Sir, Sir Store, and all associated services, platforms, and websites (collectively, the "Services"). By accessing or using the Services, you acknowledge that you have read, understood, and agree to the practices described in this Policy.
Sir Studios is committed to protecting your privacy and handling your data with transparency and care. We operate as an independent, sole-proprietor business based in Glasgow, Scotland, and we are committed to compliance with applicable data protection laws to the best of our ability and knowledge.
When you create an account, make a purchase, or interact with our Services, you may provide us with: full name; email address; physical address (for merchandise orders); Discord user ID and username; account credentials; and any other information you voluntarily submit through forms, communications, or support requests.
Payment transactions are processed securely by Stripe, our third-party payment processor. We do not directly store your full credit card number, CVV, or other sensitive payment credentials on our servers. Stripe may provide us with limited transaction information such as the last four digits of your card, card type, billing address, and transaction history for record-keeping and fraud prevention purposes. Stripe's handling of your payment data is governed by their own privacy policy and PCI-DSS compliance standards.
When you access our Services, we automatically collect certain technical information, including: IP address; browser type and version; device type and operating system; referring URLs; pages visited and navigation patterns; date and time of access; and general geographic location derived from IP address.
We operate proprietary internal monitoring systems to understand how our Services are used and to improve the user experience. These systems collect anonymised usage data points including: content accessed; session duration; playback metrics such as listening time and engagement patterns; feature usage; and general interaction data. This monitoring is strictly for service improvement and quality assurance purposes. No personally identifiable information is associated with these analytics data points.
Our Services are strictly for individuals aged 18 years or older. By using the Services, you confirm that you meet this age requirement. We may collect age verification information as part of account creation or at any point during your use of the Services.
We use your information to: create and manage your account; process transactions and fulfil orders; provide access to content and features; deliver merchandise to your address; respond to inquiries and provide customer support; and communicate important service updates.
We analyse usage patterns and engagement data to: improve content offerings and user experience; identify and fix technical issues; develop new features and services; optimise platform performance; and understand aggregate user behaviour and preferences.
With your consent where required, we may use your email address to send: transactional emails (order confirmations, account updates, password resets); service announcements and important notices; and marketing communications about new content, products, or promotions. You may opt out of marketing communications at any time by using the unsubscribe link in any email or by contacting us directly.
We use collected information to: detect and prevent fraudulent activity; enforce our Terms and Conditions; protect the security of our Services and users; and comply with legal obligations.
Your personal information is never sold, rented, traded, or otherwise transferred to third parties for their marketing or commercial purposes. This is absolute and without exception.
Sir Studios operates as an independent, sole-proprietor business. We have no affiliates, parent companies, subsidiaries, or commercial partners with whom we share user data.
We work with a limited number of trusted third-party service providers who assist us in operating our Services. These providers only receive the minimum information necessary to perform their specific functions and are contractually obligated to protect your data. Our service providers include:
Stripe: Payment processing. Stripe handles all payment transactions securely and is certified to PCI Service Provider Level 1, the most stringent level of certification in the payments industry.
Loops: Email marketing and transactional email delivery. Used to send account notifications and, where you have opted in, marketing communications.
Google Analytics: Website analytics to understand aggregate traffic patterns and user behaviour. Data is anonymised and used solely for service improvement.
Discord: Community platform integration. Your Discord ID is used to verify membership and provide access to community features.
We may disclose your information if required to do so by law, court order, or governmental request, or if we believe in good faith that such disclosure is necessary to: comply with legal obligations; protect and defend the rights or property of Sir Studios; prevent or investigate possible wrongdoing; protect the personal safety of users or the public; or protect against legal liability.
Your data is stored on secure servers located in Helsinki, Finland, within the European Union. Our hosting infrastructure is provided by a private, vetted provider operating in full compliance with EU data protection regulations including GDPR.
We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. These measures include: TLS/SSL encryption for all data transmitted between your device and our servers; encryption of sensitive data at rest using industry-standard AES-256 encryption; secure, access-controlled server infrastructure with regular security audits; strong password requirements and secure authentication protocols; regular software updates and security patches; access controls limiting data access to essential personnel only; and secure backup procedures with encrypted off-site storage.
We retain your personal information for as long as your account remains active or as needed to provide you with Services. We also retain data as necessary to comply with legal obligations, resolve disputes, enforce agreements, and for legitimate business purposes such as fraud prevention and record-keeping. When data is no longer required, it is securely deleted or anonymised.
While we implement robust security measures, no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee absolute security of your data, though we are committed to protecting it to the highest standard reasonably achievable for an independent business.
We use essential cookies that are strictly necessary for the operation of our Services. These include: session cookies to maintain your logged-in state; security cookies to prevent fraud and protect your account; and preference cookies to remember your settings and choices. These cookies do not require consent as they are essential to service functionality.
We use Google Analytics to collect anonymised information about how visitors use our websites. This helps us understand traffic patterns and improve our Services. Google Analytics cookies collect information such as pages visited, time spent on site, and general geographic region. You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.
Our proprietary internal monitoring system tracks usage patterns within The Vault+ platform, including content accessed, listening duration, real-time engagement metrics, and feature usage. This system operates independently of third-party tracking and is used exclusively for service quality improvement and content development. No personally identifiable information is collected by this system; all data points are anonymised and aggregated.
We do not use third-party tracking pixels, retargeting technologies, or cross-site tracking mechanisms beyond Google Analytics as described above. We do not participate in advertising networks or sell advertising space on our platforms.
You may access and update certain account information directly through your account settings. For other inquiries about your personal data, please contact us using the details provided below.
You may request deletion of your personal data at any time by contacting us at hello@sirdominic.scot. Upon verification of your identity and request, we will delete your personal information within 30 days, except where retention is required for legal compliance, fraud prevention, or other legitimate purposes as described in this Policy. Please note that deletion of your data will result in termination of your account and loss of access to all Services.
Data export or portability is not available. Due to the nature of our Services and proprietary systems, we are unable to provide copies of your data in a portable format.
You may opt out of marketing communications at any time by clicking the unsubscribe link in any marketing email or by contacting us directly. Please note that even if you opt out of marketing communications, we may still send you transactional or service-related messages.
Most web browsers allow you to control cookies through their settings. You can typically choose to block all cookies, accept all cookies, or receive a notification when a cookie is set. Please note that blocking essential cookies may impair the functionality of our Services.
Our Services are operated from the United Kingdom with data stored in the European Union. If you access our Services from outside these regions, please be aware that your information may be transferred to, stored, and processed in locations where data protection laws may differ from those in your jurisdiction. By using our Services, you consent to such transfer, storage, and processing.
Our Services are strictly for adults aged 18 years and older. We do not knowingly collect personal information from anyone under the age of 18. If we become aware that we have inadvertently collected data from a minor, we will take immediate steps to delete such information. If you believe we may have collected information from a minor, please contact us immediately.
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will notify you by posting the updated Policy on our platforms with a revised "Last Updated" date. Your continued use of the Services after any changes indicates your acceptance of the updated Policy.
For any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:
Email: hello@sirdominic.scot
We aim to respond to all privacy-related inquiries within 14 days.
