top of page

Privacy Policy

Last updated: [17/12/2025]

This Privacy Policy explains how [Your Company Name] ("we", "us", "our") collects, uses, stores, and protects your personal data when you visit or use our website [yourwebsite.co.uk] (the "Website").

We are committed to protecting your privacy and handling your personal data in an open and transparent way, in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

  • Company name: [Your Company Name]

  • Registered address: [Your registered business address]

  • Email: [Your contact email]

  • Data Controller: [Your Company Name]

If you have any questions about this Privacy Policy or how we handle your data, you can contact us using the details above.

2. Personal Data We Collect

As part of running our e-commerce Website, we may collect and process the following types of personal data:

a) Information you provide to us

  • Name

  • Email address

  • Phone number

  • Billing and delivery address

  • Account login details

  • Order details and purchase history

  • Payment information (payments are processed securely by third-party payment providers; we do not store full card details)

  • Any information you submit through contact forms, reviews, or customer support communications

b) Information collected automatically

  • IP address

  • Browser type and version

  • Device and operating system information

  • Pages viewed, products viewed, and time spent on the Website

  • Shopping cart activity

  • Referring and exit URLs

This information is collected using cookies and similar tracking technologies.

3. How We Use Your Personal Data

As an e-commerce business, we use your personal data for the following purposes:

  • To create and manage customer accounts

  • To process and fulfil orders, including delivery and returns

  • To take payments and prevent fraudulent transactions

  • To communicate with you about your orders, account, or customer service enquiries

  • To send important service messages (such as order confirmations and delivery updates)

  • To personalise your shopping experience

  • To improve our products, services, and Website functionality

  • To comply with legal, tax, and regulatory obligations

4. Lawful Bases for Processing

Under UK GDPR, we rely on the following lawful bases to process your personal data:

  • Contract: Where processing is necessary to perform a contract with you

  • Consent: Where you have given clear consent

  • Legal obligation: Where processing is required by law

  • Legitimate interests: Where processing is necessary for our legitimate business interests and does not override your rights

5. Cookies

We use cookies and similar technologies to enhance your browsing experience.

You can manage or disable cookies through your browser settings. For more information, please see our Cookie Policy [insert link if applicable].

6. Sharing Your Personal Data

For the purposes of operating our e-commerce Website, we may share your personal data with:

  • Payment processors (such as card payment providers, PayPal, or similar services)

  • Delivery and logistics providers

  • E-commerce platform providers

  • Website hosting and IT service providers

  • Analytics and marketing service providers

  • Professional advisers (including legal, financial, and accounting services)

  • Law enforcement or regulatory authorities where required by law

All third parties are required to respect the security of your personal data and to process it lawfully and only for specified purposes.

7. International Transfers

If we transfer your personal data outside the UK, we will ensure appropriate safeguards are in place, such as adequacy regulations or standard contractual clauses.

8. Data Security

We have implemented appropriate technical and organisational measures to protect your personal data against loss, misuse, unauthorised access, alteration, or disclosure.

9. Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, or reporting requirements.

10. Your Data Protection Rights

Under UK data protection law, you have the right to:

  • Access your personal data

  • Request correction of inaccurate data

  • Request erasure of your data

  • Restrict processing of your data

  • Object to processing

  • Request data portability

  • Withdraw consent at any time

To exercise your rights, please contact us at [your contact email].

11. Complaints

If you are unhappy with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO):

12. Third-Party Links

Our Website may contain links to third-party websites. We are not responsible for the privacy practices or content of those websites.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page, and where appropriate, notified to you.

14. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact:

[Grand Gesture Gifts]
Email: [info@grandgesturegifts.com]

bottom of page