Privacy policy

Privacy Policy — UKboohoo

Effective date: [DD Month YYYY]
Who we are: Rosemere (“we”, “us”, “our”) operates this website (the “Site”) and sells womenswear to customers in the UK and Europe.

You control your personal information. This notice explains what we collect, why we collect it, how we use and share it, and the rights you have under UK GDPR and the EU GDPR.

1) Personal Information we collect

a) Device & usage data (automatically collected)

  • Examples: IP address, browser type/version, time zone, cookie IDs, pages viewed, products you browse, referring pages, on-site actions, search terms.

  • Why: to load the Site securely and correctly, prevent fraud, and analyse usage so we can improve the Site.

  • How: cookies, SDKs, tags, pixels, log files and similar technologies.

b) Order & account data (you provide)

  • Examples: name, email, phone, billing and shipping addresses, payment method details (tokenised by our payment processor), order history, returns information.

  • Why: to take and fulfil your order, process payments, provide invoices and confirmations, handle delivery/returns, prevent fraud, and send service communications.

c) Customer support data (you provide)

  • Examples: messages, photos (e.g., for quality issues), preferences.

  • Why: to answer questions, resolve issues, and improve our service.

d) Marketing & ads data (with your consent/legitimate interests)

  • Examples: email marketing preferences, cookie-based advertising identifiers, interactions with our emails/ads, social media engagement.

  • Why: to personalise offers and measure ad performance (where permitted).

We do not store full card numbers. Card details are processed by our payment providers.

2) How we use your information (purposes & legal bases)

We process Personal Information under these legal bases:

  • Contract: to provide products/services you request (orders, delivery, returns, account service).

  • Legitimate interests: to secure our Site, prevent fraud/abuse, understand performance, improve our products, and market similar products to existing customers (you can opt out at any time).

  • Consent: for email/SMS marketing to non-customers and for non-essential cookies/ads. You can withdraw consent at any time.

  • Legal obligation: to comply with tax, accounting and consumer laws.

  • Vital/Public interest: rarely, if necessary (e.g., safety notices).

3) Sharing your information

We share only what’s necessary with trusted service providers who act on our instructions:

  • E-commerce & hosting: [e.g., Shopify/Shoplazza/Custom site]

  • Payments: PayPal; card processors (e.g., Stripe/Adyen)

  • Delivery & returns: Royal Mail, Evri, DPD, DHL, etc.

  • Analytics & ads: Google Analytics, Meta (Facebook/Instagram), and similar (where enabled)

  • Customer support: email service desk, helpdesk tools

We may also share data if required by law (e.g., a lawful request) or to protect our rights and users.

We do not sell your Personal Information.

4) Cookies & similar technologies

We use:

  • Essential cookies (security, checkout, preferences)

  • Performance cookies (analytics, site improvements)

  • Advertising cookies (personalised ads, measurement)

  • Social/content cookies (embedded content)

Most browsers let you block or delete cookies in Settings/Preferences. Our cookie banner lets you accept or manage non-essential cookies. Blocking some cookies may affect Site functionality.

Analytics & ads examples (if used):

  • Google Analytics: see Google’s Privacy Policy and opt-out add-on.

  • Meta (Facebook/Instagram) Ads: controls at your Facebook ad settings.

(Provide your actual list in the cookie banner/cookie policy for transparency.)

5) Behavioural advertising (if enabled)

We may use cookies and pixels to show you relevant ads on other sites and measure performance. You can opt out via platform controls:

  • Facebook: facebook.com/settings/?tab=ads

  • Google: google.com/settings/ads/anonymous

  • YourAdChoices (US) / EDAA (EU): aboutads.info / youronlinechoices.eu

Consent requirements vary by country; where required, we will only set advertising cookies with your prior consent.

6) Data retention

We keep Personal Information only as long as necessary for the purposes described above:

  • Orders & tax records: typically 6 years (UK) or as required by law.

  • Marketing data: until you unsubscribe or withdraw consent.

  • Support tickets: for the time needed to resolve and for quality/audit.

We’ll delete or anonymise data when it’s no longer needed, unless we must keep it to meet legal or regulatory obligations.

7) International transfers

If we transfer Personal Information outside the UK/EEA (for example, to a service provider), we use lawful safeguards, such as the UK International Data Transfer Addendum, EU Standard Contractual Clauses (SCCs), or an adequacy decision.

8) Security

We use technical and organisational measures to protect your data, including encryption in transit (SSL/TLS), access controls, and regular reviews of our vendors and systems. No method is 100% secure, but we work to safeguard your information.

9) Automated decision-making

We do not make decisions that have legal or similarly significant effects solely by automated means.
Limited automated checks may occur (e.g., temporary fraud/abuse screening such as IP or card velocity checks) to protect our Site and customers.

10) Minors

Our Site is not intended for individuals under 16. We do not knowingly collect Personal Information from children. If you believe a child provided us information, contact us to request deletion.

11) Your rights (UK/EEA residents)

You have the right to:

  • Access the data we hold about you

  • Rectify inaccurate or incomplete data

  • Erase your data (in certain cases)

  • Restrict or object to processing (including direct marketing)

  • Portability of data you provided to us

  • Withdraw consent at any time (where processing is based on consent)

To exercise your rights, contact us at [servicemails@yeah.net]. We may ask for information to verify your identity. You also have the right to lodge a complaint with your local authority:

  • UK: Information Commissioner’s Office (ICO) — ico.org.uk

  • EU/EEA: your national data protection authority (see edpb.europa.eu)

12) Your choices

  • Marketing emails: use the unsubscribe link in any email or contact us.

  • Cookies/ads: use the cookie banner, browser settings, and platform ad settings (see §5).

  • Account/order info: contact support to request updates or deletion (subject to legal holds).

13) Changes to this policy

We may update this notice from time to time to reflect changes to our practices or for legal/regulatory reasons. The latest version will always be posted here with its effective date.

14) Contact us

Rosemere
Email: servicemails@yeah.net