Privacy Policy
Privacy
At KIMMEL LIFE LIMITED, we are committed to protecting your privacy and ensuring your personal data is handled securely and in compliance with data protection laws, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
This policy explains what personal data we collect, how we use it, your rights, and how you can contact us.
WHAT PERSONAL DATA DO WE COLLECT?
We collect personal data directly from you, automatically when you use our website, and from third parties. This may include:
-
Personal and contact details: Name, email, postal address, phone number, date of birth, gender (if provided).
-
Account information: Login details, preferences, purchase history.
-
Payment and transaction data: Billing and shipping details, partial payment card data (via Shopify).
-
Interactions with us: Customer service messages, reviews, competition or survey responses.
-
Device and usage data: IP address, browser type, referral source, pages viewed, actions taken.
-
Marketing engagement: Email open rates, click-through data, and cookie data related to advertising.
-
Location data: If permitted, we may access your location to personalise your experience.
HOW DO WE USE YOUR PERSONAL DATA?
We use your data for the following purposes:
-
To process your orders and manage your account.
-
To respond to customer queries or support issues.
-
To personalise your website experience and recommend products.
-
To send marketing communications, subject to your preferences.
-
To improve our website and services through analytics.
-
To detect and prevent fraud or misuse of our platform.
-
To meet legal obligations (e.g. tax, consumer protection, product recalls).
-
To facilitate competitions and surveys (with consent).
-
To carry out research and development to improve our product range.
LEGAL BASES FOR PROCESSING
We process your data on the following legal bases:
-
Contractual necessity: To fulfill our obligations to you (e.g. order delivery).
-
Consent: For optional uses such as marketing or cookies (you can withdraw at any time).
-
Legitimate interests: For business operations, fraud prevention, and user experience improvement.
-
Legal compliance: Where required by law (e.g. record-keeping or regulatory reports).
OUR E-COMMERCE PLATFORM (SHOPIFY)
Our store is hosted by Shopify Inc.:
-
Your data is stored securely on Shopify servers, protected by firewalls and encryption (PCI-DSS compliant).
-
Payment data is encrypted and processed securely. Shopify only stores data as long as needed to complete your purchase.
-
For more info, see Shopify’s Privacy Policy.
MARKETING & COMMUNICATIONS
-
We may send marketing emails, SMS, or post based on your preferences and consent.
-
Some messages may be tailored to you using profiling (e.g. based on previous orders or browsing activity).
-
You can opt-out at any time via:
-
The “unsubscribe” link in our emails
-
Your account settings
-
Contacting us directly
-
Even if you opt-out of marketing, we may still send transactional messages (e.g. order updates or legal notices).
COOKIES & TRACKING TECHNOLOGIES
We use first- and third-party cookies to:
-
Enable essential site functions (e.g. basket and checkout)
-
Analyse website usage (e.g. Google Analytics)
-
Improve performance and personalisation
-
Show you targeted ads across platforms (e.g. Google, Facebook)
When you first visit our site, we ask for your consent to place non-essential cookies. You can change your cookie preferences or block cookies via your browser settings at any time. For more info, refer to our Cookie Policy (available on the site footer).
WHO DO WE SHARE DATA WITH?
We may share personal data with:
-
Service providers: Delivery couriers, payment processors, cloud platforms.
-
Marketing and advertising platforms: Social media (e.g. Meta, Google Ads).
-
Professional advisers: Legal, tax, or compliance consultants.
-
Government agencies: For fraud detection, tax obligations, or legal enforcement.
-
Buyers or investors: In the case of a business sale or restructuring.
We only share the minimum data necessary, and always under appropriate contracts or safeguards.
INTERNATIONAL DATA TRANSFERS
Your personal data may be transferred outside the UK (e.g. to Shopify’s servers in Canada or the USA). When we do so, we ensure that appropriate safeguards are in place, such as:
-
UK International Data Transfer Agreements (IDTAs)
-
Adequacy decisions by the UK government
-
Standard contractual clauses (SCCs) approved by the ICO
DATA RETENTION
We retain your data only as long as needed for the purposes listed above. For example:
-
Purchase records: up to 6 years for tax and legal compliance
-
Customer support messages: up to 2 years
-
Marketing data: until you withdraw consent or unsubscribe
-
Cookie data: as per your browser/device or cookie settings
When we no longer need your data, it is securely deleted or anonymised.
SECURITY
We take appropriate technical and organisational measures to protect your personal data, including:
-
SSL encryption for data in transit
-
Firewalls and access controls
-
PCI-compliant payment systems
However, no method of transmission over the internet is 100% secure. You are responsible for keeping your account credentials confidential.
CHILDREN
Our site is not directed at or intended for children under the age of 18. We do not knowingly collect data from children.
YOUR RIGHTS
You have the following rights under UK data protection law:
-
Access to your data
-
Correction of inaccurate or incomplete data
-
Erasure (“right to be forgotten”) in certain circumstances
-
Objection to direct marketing and other uses
-
Restriction of processing
-
Data portability
-
Withdrawal of consent (for marketing or profiling)
-
Lodging a complaint with the ICO or your local authority
To exercise your rights, contact us via the details below.
CONTACT US
If you have any questions about this Privacy Policy or your data, you can contact:
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at info@kimmel.life or by mail at KIMMEL LIFE LIMITED, 85 Great Portland Street, First Floor, London, W1W 7LT.
Company number: 16257916