Privacy Policy
Last Updated: 19/01/2026. We are committed to protecting your personal information and your right to privacy. This Privacy Policy applies to all information collected through www.stephaniedavies.co.uk and any related services, sales, marketing or events. If you have any questions or concerns about this Privacy Policy or how we handle your personal data, please contact us at info@stephaniedavies.co.uk. If you do not agree with the terms of this Privacy Policy, please discontinue use of our website and services.
Privacy POLICY
Stephanie Davies
Email: info@stephaniedavies.co.uk
Website: www.stephaniedavies.co.uk
For the purposes of data protection law, we are the data controller responsible for your personal data under UK GDPR and the Data Protection Act 2018.
Who We Are
We collect personal data that you voluntarily provide to us when you place an order, Cceate a customer or member account, contact us by email, subscribe to marketing communications (where applicable). This may include your name, billing and shipping address, email address, phone number, order details and purchase history, account login details, and payment information (processed securely by third-party payment providers). All personal information you provide must be accurate, complete and kept up to date.
Personal Data
Data collected automatically (website visitors) :When you visit our website, certain information is collected automatically, including browser type and version, device and operating system, IP address, pages visited and interactions (such as clicks, scrolling and searches), referring URLs, date and time of visits. This data is used to operate the website, analyse performance and understand user behaviour. We share this information with Squarespace, our website hosting and analytics provider, who processes this data in a de-personalised or aggregated form where possible.
Data Collected Automatically
We use cookies and similar technologies to ensure the website functions correctly, analyse traffic and improve user experience.
Where required by law, non-essential cookies are only used with your consent. You can manage your cookie preferences through our cookie banner and browser settings.
cookies
Lawful bases for processing personal data: Under UK GDPR, we must have a lawful basis to process your personal data. We rely on the following: Contract – to process orders, payments, deliveries, returns and customer accounts, Legal obligation – to comply with accounting, tax and regulatory requirements, Legitimate interests – to provide customer service, improve our website, manage accounts and prevent fraud, Consent – for marketing emails and non-essential cookies (where applicable)
You may withdraw your consent at any time.
LAWFUL BASES
Orders, Customers & Accounts
Customers: When you place an order, we collect personal data necessary to fulfil the contract, including billing and delivery details.
Customer and member accounts on this website are managed using MemberSpace. When you create or access an account, personal data such as your name, email address, login credentials and account activity is processed to authenticate users and provide secure access to account areas or member-only content. This processing is carried out on the basis of contract and legitimate interests. We also share relevant customer information with Squarespace to enable website and ecommerce functionality.
Emails & Communications
Transactional emails: We may send emails that are necessary for the performance of a contract, including: Order confirmations, Dispatch notifications, Account or password updates, Important service messages. These emails cannot be unsubscribed from. Marketing emails: We may send marketing emails where permitted by law. You can unsubscribe at any time by clicking the link included in the email or by contacting us directly.
Third-Party Services
We only share personal data with trusted third-party service providers where necessary to operate our business, including: Squarespace – website hosting, ecommerce, analytics and transactional emails, MemberSpace – customer and member account management and secure login functionality, Payment processors (such as Stripe or PayPal) – to process payments securely, Delivery providers – to fulfil orders, Google Fonts and Adobe Fonts – to display website fonts (these services may receive limited technical data such as IP address and browser information) Some third-party providers may process data outside the UK. Where this occurs, appropriate safeguards are in place to ensure compliance with UK GDPR. We do not sell personal data to third parties.
Storage periods
We retain personal data only for as long as necessary: Order and invoice data: 6 years (to comply with UK tax law), Customer and member account data: for as long as the account remains active or until deletion is requested, Marketing data: until consent is withdrawn, Analytics data: anonymised or retained for a limited period
Data Security
We take reasonable technical and organisational measures to protect personal data against loss, misuse, unauthorised access or disclosure.
Under UK GDPR, you have the right to: Request access to your personal data, Request correction of inaccurate or incomplete data, Request deletion of your data (where applicable), Restrict or object to processing, Withdraw consent at any time, Request data portability. To exercise any of these rights, please contact us at info@stephaniedavies.co.uk.
Your Data Protection Rights
Complaints
If you are unhappy with how we handle your personal data, you have the right to lodge a complaint with the UK supervisory authority:
Information Commissioner’s Office (ICO)
Website: https://ico.org.uk
Changes to This Policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date.