Privacy Policy
- Who we are
“Little Gift Hut”, “we”, “our” and “us” and we are the company that collects your personal data and controls how it will be used the “data controller”.
- Scope of this policy
We are committed to respecting your privacy and protecting the personal data you share with us and that we collect about you. This policy tells you about how we use the personal data we collect about you when you use our website or purchase our products through an account we have with a third party site (such as Amazon and eBay). It also provides more information about your privacy rights and how the law protects you.
- How do we collect your personal data, what do we collect and what do we do with it?
We have set out below the personal data we may collect from you during your use of our website or any third party site where you purchase our products from us and how this is used by Little Gift Hut.
How and what personal data do we collect? |
What do we do with it? |
We collect your full name, title, address, email address and phone number when you register for an account with us. |
· register your account with us · store your details so it is easier for you to login/order on your next visit · process and deliver any orders you place with us · send you updates about our services (including updates to our terms and policies) · where requested, to send our latest information and news to you by email. |
We collect your email address when you register to receive our news and latest information by email. |
· to ensure you receive all the latest news and information about our new product releases and season lines, offers and discounts. |
We collect your full name, title, delivery address, billing address, email address, phone number and payment details when you order products from our website or any third party site where we offer our products for sale. |
· to process your order and payment · deliver this to you and deal with any returns, refunds or customer services enquiries · where requested, we will also use your email address to send you our latest news and information by email. |
Your name, email address and any other information you include in your message when you send us a message with a comment or question on our website, by post, email, phone or on any of our social media pages (Facebook, Twitter, Instagram or Pinterest). |
· to deal with your comment/question and contact you about this, if necessary. |
Technical information about your computer, tablet or phone (including your IP address, web browser type and version, operating system and a list of URLs starting with a referring site, your activity on the website and the site you exit to (this is all automatically collected)) |
· to enable you to store your preferences on your device (so you can, for example, save your login details and your preferred language) · to improve our website so it is easier to use for our customers. |
We may also collect, use and share data relating to you which is not “personal data”, such as demographic data or details of your typical use of our website. You can’t be identified from this information. We will use this information, for example, to improve our website, tailor our marketing strategy and help us stock products we think you will like.
- Our lawful basis for what we do with your personal data
We will never use your personal data unlawfully. We have set out below our lawful basis for the various ways we use your personal data.
Our use of your personal data |
Our lawful basis |
Creating and maintaining your account. |
Performing our contract with you. Some of this information will also be required for legal reasons such as fraud prevention. |
Processing and delivering orders to you and dealing with returns, refunds and other customer service queries. |
Performance of our contract with you (we need to do this to provide our products to you).
Some of this information will also be required for legal reasons such as fraud prevention and for our legitimate interests of defending against any claims made against us. |
Sending you details of our products and offers by email. |
Your consent. |
Dealing with your comments/questions (where these are not related to a specific order). |
Our legitimate interests of ensuring we provide the best possible customer service. |
Improving and securing our website. |
Legal requirement of preventing fraud and our legitimate interests of ensuring that our website works effectively and is secure. |
- Marketing
Where you have confirmed that you wish to receive marketing messages from us, you can stop us sending you these messages at any time by following the opt-out link in any marketing messages we send to you or by contacting us using the details below. Where you opt-out of receiving these messages, this will not apply to personal data provided to us as a result of us supplying our products to you.
- Sharing of Personal Data
We do not sell your personal data to any third parties. We may share your personal data with our carefully selected third party service providers who help us provide our services to you, including:
- Our website host, Shopify
- Our logistics/warehouse service provider.
- Our couriers and similar delivery companies.
- Our payment provider, PayPal.
- Our professional partners, including our marketing agencies.
- Our search engine providers.
- Our IT and technical service providers.
In certain circumstances we may also need to share your personal data with our legal advisers, bankers, auditors and insurers and our regulators, including HM Revenue & Customs and with any third parties to who we choose to sell or transfer any part of our business or assets.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third party service providers to use your personal data for their own purposes and only permit them to use your personal data for specified purposes and in accordance with our instructions.
- International Transfers
Some of our third party service providers (including our website hosts, Shopify) are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
- Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
- Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
- Data Security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know such information. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Our website may include links to third-party websites, plug-ins and apps. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites, are not responsible for their privacy statements and are in no way responsible for the content thereof. When you leave our website, we encourage you to read the privacy notice of every website and app you visit.
- How long will we keep your information for?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements.
We will retain your name, email address, address, phone number, [date of birth, gender,] which we collect when you hold an account with us for such time as you continue to hold an account with us.
We will retain your name, email address, delivery address and billing address which you provide to us when you make a purchase on our website but choose not to register for an account with us for two years following your last purchase.
We will retain your payment information for seven years from your last purchase for accounting purposes.
Where you register to receive details of our latest news and products, we will keep your email address for such time as you wish to continue to receive such updates from us – this will either be until you “opt-out” or if you have not opened or clicked through any of our communications or made a purchase on our website in at least the previous 24 months. We may need to retain your personal data for other purposes, e.g. operating your account or dealing with any enquiry you have made.
We will retain your name, email address and phone number for 6 months after we have completed dealing with any enquiry/comment you made on our website.
- Your legal rights
Under certain circumstances, you have rights under data protection laws in relation to your personal data, including the following:
- The right to request access to personal data we are holding about you.
- The right to request that the personal data we are holding about you be updated/corrected.
- The right to request erasure of the personal data we hold about you.
- The right to object to our processing of your personal data on the basis of our legitimate interests.
- The right to object to processing for direct marketing.
- The right to request that we restrict our processing of your personal data.
- The right to request that your personal data be transferred to you or another provider.
- The right to withdraw your consent to our processing (where we are relying on your consent).
If you wish to exercise any of the rights set out above, please contact us at Little Gift Hut, c/o CJ Roberts & Partners Ltd, 160 Elliott Street, Manchester M29 8DS
You also have the right to make a complaint to your data protection regulator (in the UK, this will be the Information Commissioner’s Office) but please contact us first before escalating your complaint.
- Contacting us
If you have any questions about this policy or the personal data we collect about you, please contact us at info@littlegifthut.co.uk.
Our data protection manager is Stephanie Foy who can be contacted at info@littlegifthut.co.uk.
- Changes to this Policy
We may change this policy from time to time to reflect how we are processing your personal data so you should review this policy regularly. If we make any significant changes to the policy we will contact you to let you know.