Read more about the GDPR here https://ico.org.uk/for-organisations/resources-and-support/data-protection-self-assessment/
Learn what you need to do as a Folksy seller to be compliant here http://blog.folksy.com/2018/04/17/gdpr-need-independent-designer-maker
How long to retain data
It's worth noting that the GDPR does not set a specific period for retaining personal data. Instead, it says: "Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes." The ICO recommends reviewing the length of time you keep personal data and why you hold that data. It also says that if an organisation keeps personal data to comply with a legal requirement or professional guidelines – such as information needed for income tax and audit purposes – it will not be considered to have kept the information for longer than necessary.
- HMRC recommends keeping your records for at least 5 years after the 31 January submission deadline of the relevant tax year https://www.gov.uk/self-employed-records/how-long-to-keep-your-records.
- Customers have up to six after they buy an item to complain (even though they may not be entitled to a return or refund) - see here https://www.gov.uk/accepting-returns-and-giving-refunds and here https://www.moneysavingexpert.com/shopping/consumer-rights-refunds-exchange