We will only use the information that we collect about you lawfully (in accordance with the new General Data Protection Regulations 2018). Under the terms of the GDPR legislation, we are required to explain to you how we will treat any personal and/or private data which we collect from you.
Who we are
We are Lilys Angels Boutique Limited. We are also known as the data controller. We are an eCommerce company who sell kids clothing through our online store. The Lilys Angels Boutique website is owned by us and hosted by a third party on Unlimited Web Hosting Ltd. Should you wish to access any of the information that we store about you, or wish to request we remove the data entirely, please simply email us (via the details below).
Collection of Information from our Clients.
In order to fulfill your order (for example – purchasing an item from our store), we need to know certain personal information collected at time of order.
We may collect and process the following data about you:-
(1) information that you provide by filing in forms on our website;
(2) information provided at the time of registering to use our website, subscribing to our service, posting material or requesting further services;
(3) correspondence from you and your responses to any research surveys sent to you by us;
(4) details of transactions you carry out through our site and of the fulfillment of your orders; and
(5) details of your visits to our site including but not limited to traffic data, location data, and other communication data, whether this is required for our own billing purposes or not.
It is our policy that this information is private and confidential. Unfortunately the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information the personal information you provide to us (where required) is stored in a secure location, and is accessible only by designated staff. We will use it only for the purposes for which you provide the information under this privacy statement.
We will not sell, rent or trade to third parties any personal information you provide to us, and we will only store it for as long as is necessary to continue providing the required service(s) to you.
Security Best Practice
Our website uses SSL to help protect (and encrypt) any data sent between your browser and the site (submitted forms etc.
Keeping you informed
We would like to tell you by e-mail or other electronic means about our news, products and services which we believe would be of interest to you. If you do not want us to do this, simply do not check this option during the order process, or email us at any time and request removal. Please note that by choosing not to opt-in means that we will not be able to tell you about additional benefits and services available to our customers.
Computer Tracking and ‘Cookies’
In addition to cookies, our website also makes use of ‘tracking code’ (often called beacons, or pixels) from organisations such as Google Analytics, and Twitter. Google Analytics allows us to better understand traffic patterns and user behaviour while on our website, and the social media pixels allow us to share our news and services with you on these 3rd party platforms. None of the data collected through cookies, analytics, or social media pixels allows us to identify you as an individual (we don’t “see” any personal data about you, other than things like your IP address), and with regard things likeTwitter etc, you can opt out of such tracking within Twitters privacy settings, and won’t impact you at all if you’re not actually a Twitter user.
For more information on cookies, please visit www.allaboutcookies.org.
Partner Websites and Data Collection/Storage
In order to provide some of our key services, we utilise the services of trusted partner websites and cloud based systems. These include
Our websites are built using a third party service called wordpress.com We use WordPress.com, to publish our blogs, WordPress is run by Automattic Inc. We use a standard WordPress service to collect anonymous information about users’ activity on the site, for example the number of users viewing pages on the site, to monitor and report on the effectiveness of the site and help us improve it. WordPress requires visitors that want to post a comment to enter a name and email address. For more information about how WordPress processes data, please see Automattic’s privacy notice
We use the Woocommerce as our eCommerce plugin. Data is collected at checkout during an order process. We use this data purely to email your order details and to let us know where to deliver the item(s) purchased . HMRC require businesses to keep company financial records for at least 6 years from the end of the last financial year, so if you’ve been a paying customer over that time frame, then we’ll likely hold data about you which was required to invoice you for the goods/services supplied.
While legally we cannot delete this data, we can make changes to the contact details etc where it is inaccurate. If you’d like to see what data we hold, or you think we should update the accuracy of it, please just contact us at any time.
In preparation for GDPR we’ve simplified things. We’ve cleaned up the data, deleted old (unused) subscribers, merged subscriber lists (into 1 simple list) re-requested opt-in consent from those who hadn’t already explicitly given it, and reduced the information we collect (and store) to essentially just a name (optional) and email address.
If you have previously given your consent to receive such emails, you can chose to opt-out (or change your preferences) at any time by clicking the relevant links included in all marketing emails sent to you.
We use a third party plugin Wordfence to monitor and alert us of any unusual activity that may occur on access to our website.
Giving your consent
It is important that you read and understand these statements. By ordering any of our products or services, a binding agreement between yourself (and/or your business) and Lilys Angels Boutique will be created such that we can use your information in this way.
We warrant that we will not disclose your information or personal details to any other third party without your approval other than is set out elsewhere in this privacy statement
We will not send you any unsolicited commercial e-mail unless you have given your prior consent. We will seek to act in the best interest of our customers, and will not abuse our position of data controller for any commercial gain.
Should you wish to contact us regarding this privacy statement please contact us using the contact details set out at the bottom of this webpage. For the purposes of complying with GDPR, please note that our Managing DIrector Carol Greig is our appointed Data Protection Officer (DPO), and can also be reached directly via the contact details below.
Have we done something wrong?
If you think there is a problem with the way we have handled your data then be aware you have the right to raise a complaint to the ICO (Information Commissioner’s Office). We’d be grateful if you spoke to us about the issue first, but if you’d prefer to go direct to the ICO please visit: https://ico.org.uk/.
Thank you for your trust.