Privacy Policy

Privacy Policy – Olivia & Grace London (United Kingdom)

This Privacy Policy explains how Olivia & Grace London (“we”, “us”, “our”) collect, use, disclose and protect your personal information when you visit our website, make a purchase, or interact with us in any way (the “Services”).
By using our Services, you agree to this Policy.

Who We Are (Data Controller)

Olivia & Grace London
Email: supportoliviagrace.com

We are the data controller for personal data processed in connection with our Services.

Changes to This Policy

We may update this Policy from time to time for operational, legal or regulatory reasons.
The latest version will always be available on our website and will state the date of the most recent update.

What Data We Collect

Information You Provide Directly

  • Contact details (name, email, phone, billing/shipping address)

  • Order details (items purchased, delivery info, payment confirmation from our payment provider)

  • Account details (if you create one): username, password

  • Customer service messages and any information you share with us

Information Collected Automatically

  • Device and usage data (IP address, browser type, device identifiers, pages viewed, time on site)

  • Cookies and similar technologies for functionality, analytics and personalisation (see Cookies below)

Information from Third Parties

  • E-commerce and payment platforms (e.g. Shopify, PayPal, Stripe)

  • Delivery partners/couriers (fulfilment status and tracking)

  • Marketing and analytics providers (aggregated insights)

How and Why We Use Your Data (Legal Bases)

We process personal data only where we have a legal basis under UK GDPR:

  • To provide our Services: process orders, take payment, deliver products, manage returns and customer support (contract)

  • To communicate with you: service emails (order confirmation, shipping updates), responses to queries (contract / legitimate interests)

  • To improve our Services: troubleshooting, analytics, testing, developing new features (legitimate interests)

  • Marketing: send offers and updates where you have consented or where permitted by law (consent / legitimate interests). You can opt out at any time.

  • Security & fraud prevention: verify accounts/transactions, detect or prevent fraudulent activity (legitimate interests / legal obligation)

  • Legal compliance: keep records required by law, respond to lawful requests (legal obligation)

Cookies

We use cookies and similar technologies to operate our site, remember your preferences, analyse traffic, and improve performance.
You can manage or disable cookies in your browser settings; some features may not function without certain cookies.
Where required, we display a cookie banner to capture consent for non-essential cookies.

Sharing Your Information

We share personal data only as needed to provide our Services, with:

  • Service providers acting on our instructions (e.g. website/e-commerce hosting, payment processors, customer service tools, couriers, IT and analytics partners)

  • Professional advisors (legal/accounting) where necessary

  • Authorities where required by law or to protect our rights or users’ safety

We do not sell your personal information.

International Data Transfers

Some of our service providers may process data outside the UK (and EEA).
Where this occurs, we ensure appropriate safeguards are in place (e.g. UK International Data Transfer Agreement / Standard Contractual Clauses or an adequacy decision) to protect your data.

Data Retention

We keep your data only as long as necessary for the purposes described above:

  • Orders & invoices: typically 6 years (for tax/accounting)

  • Customer service records: up to 2 years after resolution (unless needed longer)

  • Marketing data: until you unsubscribe or withdraw consent

We may retain data longer if required by law or to establish, exercise, or defend legal claims.

Your Rights (UK GDPR)

You have the right to:

  • Access your personal data

  • Rectify inaccurate or incomplete data

  • Erase your data (where applicable)

  • Restrict or object to processing (including objecting to direct marketing)

  • Data portability (receive your data in a structured, commonly used format)

  • Withdraw consent at any time (where processing is based on consent)

To exercise your rights, please contact us at supportoliviagrace.com.
We aim to respond within one month.

You also have the right to complain to the Information Commissioner’s Office (ICO) if you’re unhappy with how we handle your data, but we’d appreciate the chance to resolve your concerns first.

Marketing

If you sign up for updates, we’ll send you news and offers.
You can opt out at any time via the unsubscribe link in our emails or by contacting supportoliviagrace.com.

Children’s Privacy

Our Services are not intended for children under 16, and we do not knowingly collect data from minors.

Security

We use appropriate technical and organisational measures to protect your data (secure hosting, SSL encryption, limited access by authorised staff).
While no system is completely secure, we take data protection seriously and encourage you to keep your account credentials confidential and use strong passwords.

Contact Us

Questions about this Policy or how we handle your data?

Email: supportoliviagrace.com