Privacy policy

 

Privacy Policy (UK & EU GDPR)

1. Who We Are

Petite Belle (“we”, “us”, “our”) is the data controller responsible for your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and, where applicable, the EU General Data Protection Regulation (EU GDPR).

If you have any questions about this policy or how we handle your personal data, please contact us at hello@petite-belle.com.

2. Personal Data We Collect

When you make a purchase or attempt to make a purchase through our store, we collect certain personal information including your name, billing address, shipping address, email address, telephone number, and payment-related details.

When you browse our website, we automatically collect certain technical information about your device, including your IP address, browser type, operating system, and usage data. This helps us improve website functionality and user experience.

With your consent, we may also collect your email address for marketing communications.

We do not store or have access to your full credit or debit card details.

3. Lawful Basis for Processing

Under UK/EU GDPR, we process your personal data on the following lawful bases:

  • Contractual necessity – to process orders, payments, deliveries, returns, and exchanges

  • Legal obligation – to comply with tax, accounting, and consumer law requirements

  • Legitimate interests – to improve our website, prevent fraud, and provide customer support

  • Consent – for marketing communications and optional cookies

You may withdraw consent at any time where processing is based on consent.

4. Marketing Communications

With your permission, we may send you marketing emails about our store, new products, and promotions.

You may opt out of marketing communications at any time by:

5. Disclosure of Personal Data

We do not sell or rent your personal data.

We may share your personal data with trusted third parties only where necessary, including:

  • Payment processors

  • Delivery and logistics partners

  • Website hosting and e-commerce providers (e.g. Shopify)

We may also disclose personal data where required to do so by law or to protect our legal rights.

6. Shopify

Our store is hosted by Shopify Inc., which provides the e-commerce platform that allows us to sell our products.

Your data is stored securely through Shopify’s servers, databases, and applications, protected by industry-standard security measures including firewalls.

Shopify may process your personal data outside of the UK or EU. Where this occurs, appropriate safeguards (such as Standard Contractual Clauses) are used to protect your data in accordance with GDPR requirements.

7. Payments

If you choose a direct payment method, Shopify securely processes your payment details in accordance with the Payment Card Industry Data Security Standard (PCI-DSS).

Transaction data is retained only for as long as necessary to complete your purchase and meet legal or accounting obligations.

8. Third-Party Service Providers

Third-party providers engaged by us will only process your personal data to the extent necessary to perform their services.

Some providers may operate outside the UK or EU. In such cases, your data may be transferred internationally and will be protected by appropriate legal safeguards.

Once you leave our website or are redirected to a third-party website or application, this Privacy Policy no longer applies.

9. Cookies

We use cookies to ensure our website functions correctly and to enhance your browsing experience.

Cookies used on our website may include:

  • Session and security cookies

  • Analytics and performance cookies

  • Cart and checkout functionality cookies

You can manage or disable cookies through your browser settings. For more information, please refer to our Cookie Policy (if applicable).

10. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, or reporting requirements.

11. Your Rights Under UK & EU GDPR

You have the right to:

  • Access the personal data we hold about you

  • Request correction of inaccurate or incomplete data

  • Request deletion of your personal data

  • Object to or restrict processing

  • Request data portability

  • Withdraw consent at any time

To exercise your rights, please contact us at hello@petite-belle.com.

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) (UK) or your local EU data protection authority.

12. Security

We take appropriate technical and organisational measures to safeguard your personal data against loss, unauthorised access, misuse, or disclosure.

Despite these measures, no method of transmission over the internet is entirely secure.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect legal, operational, or regulatory changes.

Any updates will take effect immediately upon posting on this page.

14. Contact Us

If you have questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact us at:

Email: hello@petite-belle.com