Privacy policy

Last updated: March 25, 2026

1. Introduction

This Privacy Policy explains how [Your Store Name] ("we," "us," or "our") collects, uses, and protects your personal information when you visit our website, make purchases, or interact with our services.

We are committed to protecting your privacy and complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Data Controller: Besso Brand
Registered Address: 
Contact Email: info@bessobrand.uk

ICO Registration Number: [Your ICO Registration Number]

2. Information We Collect

Personal Information You Provide

We collect information you voluntarily provide when you:

  • Create an account
  • Make a purchase
  • Subscribe to our newsletter
  • Contact our customer service
  • Leave product reviews
  • Participate in surveys or promotions

This may include:

  • Identity Data: Name, username, title, date of birth
  • Contact Data: Email address, postal address, telephone numbers
  • Financial Data: Payment card details, billing address
  • Transaction Data: Purchase history, order details, delivery preferences
  • Profile Data: Preferences, feedback, survey responses
  • Marketing Data: Your preferences for receiving marketing communications

Information We Collect Automatically

When you visit our website, we automatically collect:

  • Technical Data: IP address, browser type and version, device type, operating system
  • Usage Data: Pages visited, time spent on pages, click-through rates, download errors
  • Location Data: General location based on IP address
  • Cookie Data: Information collected through cookies and similar technologies

3. How We Use Your Information

We use your personal information for the following purposes:

Performance of Contract

  • Processing and fulfilling your orders
  • Managing your account
  • Providing customer support
  • Handling returns and refunds

Legitimate Interests

  • Improving our website and services
  • Analyzing customer behavior and preferences
  • Fraud prevention and security
  • Administrative purposes
  • Business development and planning

Legal Compliance

  • Compliance with tax and accounting obligations
  • Compliance with legal requests from authorities
  • Maintaining records as required by law

Consent (where applicable)

  • Sending marketing communications
  • Using non-essential cookies
  • Sharing data with third parties for marketing purposes

4. Legal Basis for Processing

We process your personal data under the following legal bases:

  • Contract: To fulfill our contractual obligations with you
  • Legal Obligation: To comply with legal requirements
  • Legitimate Interests: For business purposes that don't override your rights
  • Consent: Where you have given specific permission

5. Sharing Your Information

We may share your information with:

Service Providers

  • Payment processors (Stripe, PayPal, etc.)
  • Shipping and delivery companies (Royal Mail, DPD, etc.)
  • IT service providers and web hosting
  • Customer service platforms
  • Email marketing services
  • Analytics providers (Google Analytics)

Legal Requirements

We may disclose your information if required by law, court order, or government authority.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction.

6. International Transfers

Some of our service providers are located outside the UK/EU. When we transfer your data internationally, we ensure adequate protection through:

  • Adequacy decisions by the UK government
  • Standard Contractual Clauses
  • Certification schemes
  • Codes of conduct

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

  • SSL encryption for data transmission
  • Secure payment processing
  • Regular security assessments
  • Staff training on data protection
  • Access controls and authentication
  • Regular data backups

8. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy:

  • Account Information: Until you delete your account or request deletion
  • Transaction Records: 7 years for tax and legal compliance
  • Marketing Data: Until you unsubscribe or object
  • Website Analytics: Up to 26 months
  • Customer Service Records: 3 years from last contact

9. Your Rights

Under UK GDPR, you have the following rights:

Right of Access

Request a copy of the personal data we hold about you.

Right to Rectification

Request correction of inaccurate or incomplete personal data.

Right to Erasure ("Right to be Forgotten")

Request deletion of your personal data in certain circumstances.

Right to Restrict Processing

Request limitation of how we use your personal data.

Right to Data Portability

Request transfer of your data to another organization.

Right to Object

Object to processing based on legitimate interests or for direct marketing.

Rights Related to Automated Decision Making

Right not to be subject to automated decision-making, including profiling.

Right to Withdraw Consent

Withdraw consent for processing based on consent (this doesn't affect prior processing).

10. How to Exercise Your Rights

To exercise any of your rights, contact us:

  • Email: info@bessobrand.uk

We will respond within one month of receiving your request. If your request is complex, we may extend this by up to two months and will inform you of any delay.

11. Cookies Policy

What Are Cookies

Cookies are small text files stored on your device when you visit websites.

Types of Cookies We Use

  • Essential Cookies: Required for website functionality
  • Performance Cookies: Help us analyze website usage
  • Functional Cookies: Remember your preferences
  • Marketing Cookies: Used for personalized advertising

Managing Cookies

You can control cookies through your browser settings. Note that blocking essential cookies may affect website functionality.

For detailed information about our cookie usage, please see our separate Cookies Policy.

12. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. Please review their privacy policies before providing any personal information.

13. Children's Privacy

Our services are not intended for children under 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

14. Marketing Communications

Email Marketing

We may send you marketing emails if you have:

  • Made a purchase and not opted out
  • Signed up for our newsletter
  • Consented to marketing communications

Unsubscribing

You can unsubscribe from marketing emails by:

  • Clicking the unsubscribe link in any marketing email
  • Logging into your account and updating preferences
  • Contacting us directly

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make significant changes, we will:

  • Post the updated policy on our website
  • Update the "Last Updated" date
  • Notify you via email if you have an account with us
  • Provide prominent notice on our website

16. Complaints

If you have concerns about how we handle your personal data, you can:

  1. Contact us directly using the details above
  2. File a complaint with the Information Commissioner's Office (ICO):
    • Website: ico.org.uk
    • Phone: 0303 123 1113
    • Post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

17. Contact Us

For any questions about this Privacy Policy or our data practices:

Email: info@bessobrand.uk