At Personal Loot, your privacy matters. We’re a UK-based small business, and we’re committed to handling your personal data responsibly and transparently, in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This policy outlines how we collect, use, store, and protect your data when you visit our website or place an order with us.

1. What Personal Data We Collect

When you use our website, we may collect the following:

Contact Information – name, email address, shipping/billing address, phone number

Order Information – items purchased, delivery preferences

Payment Details – processed securely via third-party providers (we don’t store card info)

Technical Data – IP address, browser type, device info, pages visited

Marketing Preferences – if you opt in to our newsletter or marketing updates

2. Why We Collect Your Data

We only use your data for specific purposes, including:

Processing and fulfilling your orders

Providing updates and support

Responding to your queries

Sending you marketing emails (only if you’ve opted in)

Improving our website and services

Meeting our legal and tax obligations

We will never sell your data to third parties.

3. Our Legal Basis for Using Your Data

Under UK GDPR, we rely on the following lawful bases:

Contract – to process your order or respond to your request

Consent – for marketing emails and cookies (you can withdraw anytime)

Legal Obligation – to comply with HMRC and consumer law

Legitimate Interests – to improve customer experience and ensure website security

4. Who We Share Your Data With

We only share your information with trusted third parties when necessary:

Payment processors

Shipping and logistics services

Email marketing platforms

Analytics tools

These providers are under contract to keep your data secure and never use it for their own purposes.

5. Cookies

We use cookies to:

Make our website work properly

Understand how users interact with our site

Improve your browsing and shopping experience

You can control or disable cookies in your browser settings

6. How Long We Keep Your Data

We only retain your personal data for as long as needed to:

Fulfil the purpose it was collected for

Meet legal or accounting requirements

7. Your Rights Under UK GDPR

You have the right to:

Access the personal data we hold about you

Correct inaccurate or outdated data

Request deletion of your data (where applicable)

Object to certain types of processing

Withdraw consent (for marketing or cookies)

8. How We Protect Your Data

We use a combination of:

SSL encryption

Secure third-party platforms

Access controls and internal best practices

We take all reasonable steps to ensure your personal information is safe.

9. Changes to This Privacy Policy

We may update this policy from time to time. Any changes will be posted on this page.

Contact Us

If you have questions about this policy or your personal data, please email us at info@personalloot.com