Privacy Policy


Users are responsible for maintaining the confidentiality of any account they initiate or maintain, and for restricting related access to  computers and/or mobile devices signed into accounts. Users agree to accept responsibility for all activities that occur in relation to accounts or passwords subject to their control, including but not limited to submitting information for printing and delivery. Users who choose to include sensitive information in Content, such as phone numbers, postal addresses, emails, ID numbers or other information that could be used to identify any person, do so at their own risk. CCT reserves the right to refuse service, limit service or terminate any account in its sole discretion.

CCT is responsible for maintaining the security of the data associated with user accounts and will strive to safeguard users’ personal information in strict accordance with legal requirements and industry best practices. We are committed to compliance with privacy laws and regulations throughout our global community, including but not limited to the EU General Data Protection Regulation and The UK’s Data Protection Act. All data received via CCT user accounts, or data which is processed in the course of creating Products for users, is protected by studious implementation and continued optimization of current security technology.

Data We Collect, How and Why

CCT collects personal identifying information typically associated with e-commerce activities: names, emails, physical addresses, phone numbers, Internet Protocol addresses, payment data. Additionally, order related information is retained as well, including a record of our customers’ orders and the CCT Products related to such orders.

We obtain the personal information listed above from the following sources:

  • Directly from the user. For example, from the forms the user completes on our website.
  • Indirectly from the user. For example, from observing user actions on our website through the use of cookies.

User data will be processed to process the order, to supply products and to provide customer support.

Data retention

CCT will retain users personal data only during the required period to carry out the purposes for which they were collected, while not revoking the consents granted when applicable. Subsequently, if necessary, the information will be blocked by the legally established deadlines.

In the case of the personal data provided to CCT, the data will be stored for five years from the date of the capture. After this period, the data will be deleted, unless users indicate otherwise.

CCT’s Precautions and Users’ Rights Protecting Personal Information

Users always have the right, within 30 days of their request, to view records of their orders, including associated personal information, or to delineate limits on transmission and retention of such information, by making such requests via

CCT at all times will respect any users right to demand compliance with the laws governing personal privacy in their jurisdiction and to be free from retaliation or discrimination resulting from doing so.

Data We Share

CCT DOES NOT SELL USER DATA TO ANYONE. Where we provide personal information to any third party, we generally do so as a matter of operational necessity in utilising print manufacturers, transaction service providers, technology vendors and other associates we trust to maintain the integrity and security of our operations. We do not otherwise share user data, personal or otherwise except where 1) we are explicitly authorised by a user to share specific information and 2) such dissemination is otherwise lawful, or 3) where we are required to disclose personal information in response to lawful requests by public authorities based on law enforcement or national security requirements.

Data shared on an as-needed basis with trusted providers of printing, shipping and merchant bank services includes personally identifiable Content items as outlined above as well as customers’ mailing address, telephone number, and order specifications.

Here are the details of CCT’s main third-party service providers, and what data they collect or we share with them, where they store the data and why they need it:

Service provider Data collected or shared Purpose Place of processing
E-Commerce Site: (Example:
  • Billing Name and address
  • Shipping Name and address
  • Email Address
  • Phone Number
CCT uses our ecommerce site to enable users to register and/or  authenticate to identify them and give them access to dedicated services. The collected data is collected and stored for registration or identification purposes and for the provision of the services requested by the users.


EU West (Ireland)
Stripe, Inc.
  • User details (address, name, phone number, e-mail)
  • Financial information (card number)
  • Cookies
CCT uses Stripe for the processing of the payments.


EU and US
Intuit Inc. (Mailchimp) If Opt-in on site confirmed:
  • Full Name
  • Email Address
  • Address
CCT uses Mailchimp as email address management and message  sending service, following what services customers have agreed to


HP Pimienta Platform Shipping and Order information need to process fulfilment of order CCT licences the use of the HP Pimienta platform to manage  orders and  share information with Print Service  Providers (PSPs) to  fulfil orders


EU West (Ireland)
Print Service Provider (PSP) Shipping and Order information need to process fulfilment of order CCT uses PSPs to print and ship books to customers


US and UK
Fresh Desk
  • Order number
  • Full Name
  • Email Address
CCT uses the Freshdesk platform to manage support tickets from the various live websites


Data Centres are in the US, EEA, IND and AU


Rights of access, rectification, erasure, or objection

Users will be able to exercise user rights of access, rectification, erasure, or objection at any time, as well as the rights of restriction of processing and the right to data portability under the GDPR regarding users personal data, by sending a written communication attaching a copy of the identity card or another document proving the identity and stating the right the user wants to exercise to the following address:

EU-U.S. Privacy Shield Framework

The Court of Justice of the European Union issued a decision on July 16, 2020 invalidating the Privacy Shield self-certification for privacy compliance due to an issue that is unlikely to affect our customers, namely that US governmental authorities’ potential access to EU residents’ personal data under certain circumstances would not comply with the General Data Protection Regulation. Users should know that creating an account or placing an order with us theoretically poses a risk to user data privacy under the GDPR, should the US Government impose its authority to demand access to user data.

In every other respect Privacy Shield has established the gold standard for the security of data transferred from the EU to the US, and we will continue to collect, process and store customer data using that framework, ensuring that data users share with CCT continues to be as private as it always has been. CCT will continue to monitor this evolving situation and take every step available to ensure continued protection of users personal data and compliance with EU regulations.

Our Data Protection policies are in accordance with the Data Protection Act 2018, which is the UK’s implementation of the General Data Protection Regulation (GDPR). Please note we treat users' personal information under UK Law in accordance with the EU-U.S. Privacy Shield Framework set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. CCT has certified to the U.S. Department of Commerce that it adheres to the Privacy Shield Principles and is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit

Independent Recourse Mechanism for Privacy Shield matters

In compliance with the Data Protection Act 2018 and the Privacy Shield Principles, CCT commits to resolve complaints about the collection or use of personal information.

EU individuals with inquiries or complaints regarding the Privacy Shield policy should first contact CCT at  Users who do not receive a timely response to an inquiry or request may contact the UK Data Protection Authorities (“UK DPAs”) and EU  Data Protection Authorities (“EU DPAs”) for more information or to file a complaint. The services of the EU DPAs are provided at no cost. Under certain conditions, where dispute resolution procedures have not produced a satisfactory result (more specifically described at, EU individuals may be entitled to invoke binding arbitration.


Users shall indemnify and hold harmless CCT, its contractors and licensors, and their respective directors, officers, employees and agents from and against any and all claims and expenses, including attorneys’ fees, arising out of users’ use of the CCT websites and Services, or other resources and Services provided by CCT, including but not limited to claims arising out of users’ violation of these Terms of Service.


By visiting any website provided by CCT and utilising the related Services, users confirm their agreement that the laws of England and Wales, UK, without regard to principles of conflict of laws, will govern these Terms of Service and any dispute with CCT that might arise. Users further agree that in the event any user is engaged in a dispute with CCT which cannot be resolved through informal negotiation, before seeking resolution in any court of law, either party to that dispute must first attempt to resolve the matter cost effectively by retaining a mutually acceptable provider of mediation services for up to four hours of mediation sessions. Otherwise, where these more informal measures are not effective, the parties may seek traditional legal and equitable remedies in the appropriate courts in England and Wales.

The following are the sole exceptions to the above legal venue and dispute resolution terms: In situations where CCT is required to seek an injunction or restraining order, or where a customer has not met payment obligations to CCT, CCT may seek legal remedies without prior negotiation or mediation. Also, privacy related matters affecting users residing in the European Union are governed by the above provisions regarding the Privacy Shield Framework and related Recourse Mechanisms.


If any of these terms are deemed invalid or unenforceable for any reason, then the invalid or unenforceable provision will be severed from these Terms and the remaining Terms will continue to apply. Failure of CCT to  enforce any of the provisions set out in these Terms of Service, or failure to limit or terminate any user’s Services access for any length of time, shall not be construed as waiver of such provisions and shall not affect the validity of these Terms of Service, or the right thereafter to enforce each and every provision. These Terms of Service shall not be amended, modified, varied or supplemented in the absence of written notification by CCT.


CCT reserves the right to change these Terms of Service and related Privacy Policy from time to time as it sees fit. Users continued use of the Services and websites will signify acceptance of any adjustment to these terms. Users are advised to regularly review our Terms of Service and Privacy Policy.

Where appropriate, users addressing privacy matters may request direct contact with CCT via email

Mail should be sent to:

124 Finchley Road, London NW3 5JS