Maintaining your privacy is really important to us. You entrust us with your information, and
we take that responsibility seriously.
business and practices, and so you should review this page periodically. When we change
the policy in a material manner we will let you know and update the ‘last updated’ header as
This policy was last updated on 22.06.2020 in line with GDPR requirements. It may be
updated in the future and we will post the new version here on our website. We will never
deviate from our overall philosophy of maintaining your privacy, though.
1. General Information
At TillyBoo’s we take security and privacy seriously. This Privacy
carefully to understand how we will treat your personal data.
2. What information we collect about you
Your personal data
When we say your “personal data”, we mean any information that identifies any person that
you provide to us.
Your “personal data”; may also be contained in information that we collect about you in
connection with your order or otherwise interact with us for example by electronic mail.
When it comes to your personal data, we comply with our obligations under the General
Data Protection Regulation and any other applicable data protection legislation from time to
Your personal data includes the information you provide, on the TillyBoo’s
website (including any forms you complete), or during an electronic mail enquiry about you.
Examples of this personal data include your name, your email address, address including
postcode which you provide to us when you set up an account and subsequently amend in
the My Account section when you go to checkout; and any correspondence when you
We do not knowingly collect or solicit any personal data from anyone under the age of
sixteen or knowingly allow such persons to purchase goods from us. TillyBoo’s is
not directed at children under the age of sixteen. In the event that we learn that we have
collected personal data from a child under age sixteen without verification of parental
consent, we will delete that information as quickly as possible.
Information we collect – We collect information about your website usage, to improve our
service and to understand trends to enhance and customize our website. Some of this data
may be “personal data”, where it identifies a person. Here’s the information that we collect
and how we use it:
- We monitor patterns of usage, such as abandoned cart data, so we can understand how what people are interesting in buying from TillyBoo’s to develop and improve our products and understand customer behaviour.
- TillyBoo’s does not store any credit card data. When payments are processed via credit card, TillyBoo’s uses third-party vendors that are PCI-DSS compliant. At no point does TillyBoo’s have access to your credit card information. For further information on how we meet industry standards for credit card information security visit https://freewebstore.com/PCI_compliance.html.
3. How we use the information we collect
We use your personal data for legitimate business reasons, for example email you when
your order has been received. It will also enable us to contact you by email, fax, post, SMS,
social media or telephone where necessary concerning TillyBoo’s or an order you
have placed; to record your personal preferences; to personalize our services to you (such
as by pre-populating fields to make it easier for you to provide information when you return
to TillyBoo’s. It will also enable us to produce reports you request as part of the
services we provide.
Contacting you for Marketing Purposes – We may use your personal data to contact you
by email, fax, post, SMS, social media and/or telephone to let you know about our other and/or third-party services, content, offers or product ranges which may be
of interest to you. We will only use your data in this way where you have provided consent,
we have legitimate business reasons for doing so, or where we are otherwise entitled by law
to do so. If you would like us to stop providing you with such notifications, just contact us
using the details in Section “How to Contact Us” at the end of this policy. Please note, this
may take up to one working day to take effect. To stop receiving emails from TillyBoo’s
itself, you should cancel your TillyBoo’s account or unsubscribe from our
We may further use, or permit selected third parties to use, your personal data to enable us
to track and analyse TillyBoo’s website traffic and visitor trends, improve your
browsing experience and to personalize and enhance the content and advertising we
Legal Requirements – We may use your personal data to comply with any legal obligations
to which we are subject.
4. Why do we use your personal data?
We collect and use your personal data for a variety of reasons. We need some data to enter
into and perform our contract with you. The lawful basis for processing your personal data is
Consent as you have consented to provide your personal details to us to allow us to provide
a service to you. If you fail to provide such data we will be unable to provide our service to
Other information we collect because we have legitimate business interests, for example, in:
- Fulfilling your order and providing updates on the order.
- Understanding how our customers use our products, services and websites;
- Understanding and responding to customer feedback;
- Researching and analysing the services our customers want;
- Improving our product and better understanding how our customers use it.
5. How we share information we collect
Except as described in this policy, TillyBoo’s does not divulge any personal
information gathered via its services to third parties.
We may share your personal data with third parties in certain circumstances:
- We may disclose your data to any member of our group (which means our subsidiaries or our ultimate holding company);
- in the event that we, our business, or substantially all of its assets are acquired by a third party (in which case personal information about customers will be one of the transferred assets);
- if we are under a duty to disclose or share your personal in order to comply with any legal obligation; to cooperate with law enforcement officials in the investigation of unlawful activities of TillyBoo’s website users or relating to TillyBoo’s users; or in order to enforce or apply any contract with you; or to protect our rights, property, or safety of our employees, customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection or unlawful activity.
We also utilize a number of carefully selected third parties to help provide our services to
you. Examples of these functions include website creation and hosting, email, providing
marketing assistance and data analysis, data management, handling credit card transactions
and providing customer service. In choosing to work with any such third parties, we will
always ensure that the security policies and confidentiality arrangements of those third
parties adhere to the same requirements we ourselves impose and expect, as a minimum.
No ownership rights to the data will be transferred to any third party.
Sub-processors we use:
for website design,
hosting and data
|Shop email account.|
|Links to shop domain|
and Facebook shop
|Messenger||Chat function on|
6. How long do we store your data for?
We only store your data for as long as necessary for the purposes of processing set out in
Data Retention Policy
|Category|| What personal|
information is kept?
|How long is it kept for?|
|Order Data||Name, email, address||1 month|
|Invoice’s||Name, email, address||1 year|
|My Account||Name, email, address||Active until user unsubscribes or |
makes an individual request
|Newsletter subscriptions||Email address||Active until user|
7. How to access and control your information
You are free to change your personal details in the My Account section of your account at
any time, if you have set up an account with us.
You can also ask us for a copy of your personal data that we hold. We may ask for proof of
your identity before providing any information and reserve the right to refuse to provide
information requested if identity is not established. Please see “Your Individual Rights”
below. Generally, we will retain your personal data for a reasonable period, or for as long as
the law requires.
Your individual rights
7.1. Access to your personal data: You can ask us to confirm if we are processing your
personal data and you may request a copy of your personal data by contacting us.
See Section “How to Contact Us” at the end of this policy.
7.2. Right to change or withdraw your consent: Where you have given us consent to
make use of your personal data for any of the purposes outlined in this policy, you
may withdraw that consent at any time by contacting us using the details located at
Section “How to Contact Us” at the end of this policy. If you wish to change your
contact preferences or no longer wish to be contacted for marketing purposes, use
the Unsubscribe link in the email or get in touch. See Section “How to Contact Us” at
the end of this policy.
7.3. Right to Rectification: You may ask us to update out of date or inaccurate
information we hold about you. To do so, please log on to your TillyBoo’s
account and update your information or get in touch using the details at Section “How
to Contact Us” at the end of this policy.
7.4. Right to Erasure: In certain circumstances you may ask us to erase your Personal
Data. If you would like us to erase the personal data we hold about you, please get in
touch using the details at Section “How to Contact Us” at the end of this policy
7.5. Right to Data Portability: In certain circumstances you may ask us to provide you
with the personal data that we hold about you in a structured, commonly used,
machine readable form, or ask for us to send such personal data to another data
7.6. Right to object: In certain circumstances you may object to our processing of your
personal data. Please get in touch using the details at Section “How to Contact Us” at
the end of this policy.
7.7. Right to restrict processing: You can ask us to restrict the processing of personal
data we hold about you in certain circumstances. Please get in touch using the
details at Section “How to Contact Us” at the end of this policy.
7.8. Make a complaint: You may make a complaint about our data processing activities,
please contact us. See Section “How to Contact Us” at the end of this policy.
7.9. Getting in touch: To make enquiries and/or to exercise any of your rights in this
We may send a small file to your computer when you visit our website. This will enable us to
identify your computer, track your behaviour on our website and to identify your particular
collect and store personal data. We do not automatically log data or collect data you
specifically provide to us. You can set your computer browser to reject cookies but this may
preclude your use of certain parts of this website. You can do this by changing your browser
settings via the Help section of your browser.
9. Data security
We take security and privacy seriously. We will endeavour to take all reasonable steps to
keep your personal data secure once it has been transferred to our systems. We adopt
appropriate, industry standard data collection, storage and processing practices and security
measures to protect against unauthorised access, alteration, disclosure or destruction. For
more information how we keep our online data safe, visit
10. How to Contact Us
personal or financial data, please contact Tillyboos.firstname.lastname@example.org or alternatively write to: TillyBoo’s, 2 Rose Villas, Cromwell Road, Ringsfield, Suffolk, NR34 8LQ