Privacy policy

Privacy Policy – LilyandGrace

1) Information on the Collection of Personal Data and Contact Details of the Controller

1.1

We are pleased that you are visiting our website and thank you for your interest.
The following information explains how we handle your personal data when you use our website.
Personal data refers to any information that can identify you directly or indirectly as an individual.

1.2

The data controller responsible for this website under the General Data Protection Regulation (GDPR) is:

LilyandGrace
📩 Email: info@lilyandgrace.uk

The controller is the natural or legal person who alone or jointly determines the purposes and means of processing personal data.

1.3

This website uses SSL or TLS encryption to protect the transmission of personal data and other confidential content (such as orders or inquiries).
You can recognize an encrypted connection by “https://” in the URL and the lock symbol in your browser.

2) Data Collection When Visiting Our Website

When you visit our website for informational purposes only, without registering or submitting data, we collect only the “server log files” automatically transmitted by your browser. These include:

Pages visited
Date and time of access
Amount of data transferred (in bytes)
Referring URL
Browser and operating system used
IP address (possibly anonymized)

Processing is based on our legitimate interest (Art. 6(1)(f) GDPR) to ensure website stability and functionality.
Your data will not be used for other purposes unless there is suspicion of unlawful use.

3) Cookies

Our website uses cookies to improve your browsing experience and enable certain functions.

Session cookies: temporary, deleted when the browser is closed
Persistent cookies: remain stored to recognize your browser on future visits

Processing of personal data via cookies is based on Art. 6(1)(b) or (f) GDPR depending on the purpose (contract performance or legitimate interest).

You can configure your browser to block cookies or allow them selectively.
Please note: disabling cookies may limit website functionality.

4) Contact

When you contact us (via form or email), we collect the personal data you provide to respond to your request.
The legal basis is Art. 6(1)(f) GDPR, or Art. 6(1)(b) if your request relates to a contract.
Data will be deleted when no longer necessary, unless legal retention obligations apply.

5) Data Processing for Customer Accounts and Order Fulfillment

Personal data is processed to fulfill contracts or create a customer account (Art. 6(1)(b) GDPR).
Data is used for order and payment processing.

Accounts may be deleted at any time by contacting info@lilyandgrace.uk.
After order completion or account deletion, data will be restricted and then deleted unless consent for further processing exists.

6) Use of Data for Direct Marketing

6.1 Newsletter Subscription

By subscribing, you will receive promotional communications via a double opt-in process.
You may unsubscribe at any time via the link in each newsletter or by contacting us.

6.2 Existing Customer Newsletter

If you provide your email during a purchase, we may send offers for similar products based on legitimate interest.
You can unsubscribe at any time.

7) Order Processing

7.1

Personal data is shared with shipping and payment providers when necessary for delivery and payment processing (Art. 6(1)(b) GDPR).

7.2 Payment Service Providers

PayPal: payment data is transmitted in accordance with GDPR
SOFORT GmbH: payments are processed according to their privacy policy

8) Review Reminders

With your consent, we may send email reminders to leave a product review.

9) Social Media Plugins

We use social integrations (Facebook, Google+, Instagram) via the Shariff solution, which transmits data only when you click the relevant button.

10) Online Marketing

Google DoubleClick: targeted advertising (can be disabled in browser settings)
Google Ads Conversion Tracking: measures campaign effectiveness
Google Analytics: website usage analysis (opt-out available)
Facebook & Google Remarketing: personalized ads managed via privacy settings

11) Web Analytics

Our website uses Google Analytics (Universal) to analyze visitor behavior.
You can disable cookies via the Google browser add-on.

12) Retargeting / Remarketing / Personalized Advertising

We use tools such as Facebook Pixel and Google Remarketing.
You can disable these via the privacy settings of the respective platforms.

13) Data Subject Rights

Under GDPR, you have the following rights:

Right of access
Right to rectification
Right to erasure
Right to restriction of processing
Right to data portability
Right to withdraw consent
Right to object

For any requests, contact: info@lilyandgrace.uk

14) Data Retention Period

We store personal data only as long as necessary to fulfill the contract or as required by law.