Privacy Policy

1. Introduction

Designs by Nic (“we”, “us”, “our”) is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your information when you visit our website, make a purchase, or contact us.

We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. What Personal Data We Collect

Information you provide directly

We may collect the following information when you interact with our website:

  • Name

  • Email address

  • Postal address (for order fulfilment)

  • Phone number (optional, if provided for delivery or communication)

  • Order details

  • Messages sent via contact forms

Information collected automatically

When you browse our website, we may collect:

  • IP address

  • Browser type

  • Device information

  • Pages viewed

  • Cookies and analytics data (via Squarespace or third‑party tools)

3. How We Use Your Personal Data

We use your information to:

  • Process and fulfil your orders

  • Send order confirmations and delivery updates

  • Respond to enquiries

  • Provide customer support

  • Manage your account (if applicable)

  • Improve our website and services

We never sell your data.

4. Legal Bases for Processing

Under UK GDPR, we rely on the following legal bases:

  • Contractual necessity – to process orders and provide services

  • Consent – for marketing communications

  • Legitimate interests – to improve our website and protect against fraud

  • Legal obligation – for tax, accounting, and regulatory compliance

5. How We Store and Protect Your Data

Your data is stored securely through:

  • Squarespace (website hosting and analytics)

  • Payment processors such as Stripe (we never see your full payment details)

  • Secure email systems

  • Password‑protected devices and accounts

We take reasonable technical and organisational measures to protect your information from loss, misuse, or unauthorised access.

6. Data Sharing

We may share your data with trusted third parties only when necessary:

  • Payment processors (e.g., Stripe)

  • Delivery services (e.g., Royal Mail, couriers)

  • Website hosting and analytics providers (e.g., Squarespace)

These providers only receive the information required to perform their services.

7. Data Retention

We keep your personal data only for as long as necessary:

  • Order information: 6 years (for tax and accounting purposes)

  • Email enquiries: typically 12–24 months

  • Marketing emails: until you unsubscribe

  • Website analytics: retention varies by provider

8. Your Rights Under UK GDPR

You have the right to:

  • Access your personal data

  • Correct inaccurate information

  • Request deletion of your data

  • Restrict or object to processing

  • Withdraw consent (for marketing)

  • Request data portability

  • Lodge a complaint with the ICO (Information Commissioner’s Office)

To exercise any of these rights, contact us via the contact me form.

9. Cookies

Our website uses cookies to improve your browsing experience and analyse website traffic. You can manage or disable cookies through your browser settings

10. Contact Us

If you have any questions about this Privacy Policy or how your data is handled, please contact me.