top of page
Shop All
logo

Privacy Policy

Privacy Policy

Last updated: [Insert today’s date, e.g., 9 April 2026]

Organic Yard (“we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website www.organicyard.co.uk, place an order (direct or wholesale), sign up for our email marketing list, or otherwise interact with us.

 

We are a UK-based small business selling handmade jewellery. This policy complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Information We Collect

We may collect the following categories of personal data:

  • Identity and Contact Data: Name, email address, postal address, telephone number, and (for wholesale customers) business name, company registration details, and contact person’s details.

  • Order and Transaction Data: Details of products you order, payment information (processed securely by our payment provider), delivery address, and order history.

  • Marketing and Communication Data: Your preferences for receiving marketing emails from us, and records of any communications we have with you.

  • Technical Data: IP address, browser type and version, device information, and cookies (see our separate Cookie Policy or section below for details).

  • Usage Data: Information about how you use our website and interact with our emails.

We do not collect special category (sensitive) personal data, such as health information.

2. How We Collect Your Data

We collect data in these ways:

  • Directly from you when you place an order on our website, contact us via email or form, sign up for our newsletter, or enquire about wholesale/B2B supply.

  • Automatically through cookies and similar technologies when you browse our site.

  • From third parties, such as payment processors or shipping carriers (only as necessary to fulfil your order).

3. How and Why We Use Your Personal Data (Lawful Basis)

We only process your personal data where we have a lawful basis to do so. The main bases we rely on are:

  • Performance of a contract — To process and fulfil your orders (direct consumer or wholesale), deliver jewellery, handle payments, and provide customer service.

  • Legitimate interests — To improve our website and services, respond to enquiries, maintain business records, and (for wholesale) manage B2B relationships. For marketing to existing customers about similar products, we may rely on soft opt-in where permitted.

  • Consent — For sending general marketing emails/newsletters (you can withdraw this at any time). We will always ask for clear consent when you sign up to our email list.

  • Legal obligation — To comply with tax, accounting, or other legal requirements.

Specific purposes include:

  • Processing and shipping your orders (consumer or to shops).

  • Managing our email marketing list and sending you news, offers, and updates about our handmade jewellery (only with consent or where legally allowed).

  • Responding to your enquiries and providing customer support.

  • Improving our website and understanding customer preferences.

  • Preventing fraud and complying with legal duties.

For B2B/wholesale customers: We may process contact details of individuals within businesses under legitimate interests to manage the commercial relationship. Corporate email addresses generally fall outside stricter direct marketing rules, but we still respect opt-out requests.

4. Sharing Your Personal Data

We may share your personal data with trusted third parties where necessary:

  • Payment processors (e.g., Stripe, PayPal, or similar) to handle transactions securely.

  • Shipping and fulfilment partners (e.g., Royal Mail, courier services) to deliver your orders.

  • Email marketing platforms (e.g., Mailchimp or similar) to manage our newsletter and send marketing emails.

  • Professional advisers (accountants, lawyers) or regulators where required by law.

  • In the event of a business sale or merger (with appropriate protections).

We do not sell your personal data to third parties for marketing purposes. All third parties are required to keep your data secure and process it only for the purposes we specify.

We do not transfer your data outside the UK or EEA unless appropriate safeguards (such as standard contractual clauses) are in place.

5. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance your experience, analyse traffic, and personalise content. You can manage your cookie preferences through your browser settings or our cookie banner.

For full details, please see our [Cookie Policy] (link it on your site if you have one; otherwise expand this section with your specific cookies).

6. Data Retention

We keep your personal data only as long as necessary for the purposes outlined above or as required by law (e.g., for tax records, usually 6–7 years). Marketing consents are reviewed regularly, and we delete or anonymise data when it is no longer needed.

7. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

  • Right to access a copy of your data.

  • Right to rectification (correct inaccurate data).

  • Right to erasure (“right to be forgotten”).

  • Right to restrict processing.

  • Right to data portability.

  • Right to object to processing (including for direct marketing).

  • Right to withdraw consent at any time (where consent is the basis).

To exercise any of these rights, please contact us using the details below. We will respond within one month (or longer if legally permitted in complex cases).

You also have the right to complain to the UK’s supervisory authority, the Information Commissioner’s Office (ICO) at www.ico.org.uk.

8. Data Security

We take reasonable technical and organisational measures to protect your personal data from unauthorised access, loss, or misuse. This includes secure servers, encryption where appropriate, and limited access to data.

However, no internet transmission is completely secure, so we cannot guarantee absolute security.

 

9. Children’s Privacy

Our website and services are not intended for children under 18. We do not knowingly collect data from children.

10. Changes to This Privacy Policy

We may update this policy from time to time. The “Last updated” date at the top will be revised. We encourage you to review it periodically. Significant changes will be notified on our website or via email where appropriate.

11. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us: organicyardshop@gmail.com

bottom of page