About Products 🖼️ Gallery ❓ FAQ ⭐ Reviews Contact ✨ Pre-Order
← Back to Home
🔏 Legal

Privacy & GDPR Policy

How we collect, use and protect your personal information.

📅 Last updated: 24 April 2026

Privacy & GDPR Policy

Last updated: 24 April 2026

1. Who We Are

Leila's Crafts is a small handmade crafts business. We take your privacy seriously and are committed to protecting your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Contact: hello@leilascrafts.com ---

2. What Data We Collect

When you submit a pre-order or leave a review on our website, we may collect the following personal information:
  • Your name
  • Your email address
  • Details of the products you are interested in
  • Any design descriptions or photos you voluntarily share with us
  • Your review content and star rating
---

3. How We Use Your Data

We use your personal data solely to:
  • Process and fulfil your pre-order request
  • Communicate with you about your order status
  • Display approved reviews on our website
  • Send you order confirmation and update emails
We do not use your data for marketing without your explicit consent. ---

4. Legal Basis for Processing

We process your personal data under the following lawful bases:
  • Contractual necessity — to process and fulfil your pre-order
  • Legitimate interests — to display approved reviews and communicate order updates
  • Consent — where you have opted in to receive communications
---

5. How Long We Keep Your Data

We retain personal data only for as long as necessary:
  • Pre-order information is kept for up to the time your pre-order is active after your order is completed your email address is deleted from the system
  • Review data (if approved for display) is kept until you request its removal
  • We will delete your data upon written request
---

6. Sharing Your Data

We do not sell, rent or share your personal data with third parties for marketing purposes. Your data may only be shared with:
  • Payment processors (for completing transactions)
  • Email service providers (solely to deliver your order communications)
All third parties are required to process your data securely and in accordance with applicable law. ---

7. Your Rights

Under UK GDPR, you have the right to:
  • Access the personal data we hold about you
  • Correct any inaccurate data
  • Erase your data (the right to be forgotten)
  • Restrict or object to processing
  • Portability — receive a copy of your data in a machine-readable format
  • Withdraw consent at any time where processing is based on consent
To exercise any of these rights, please contact us at hello@leilascrafts.com. We will respond within 30 days. ---

8. Cookies

Our website does not use tracking or advertising cookies. We may use essential session cookies to maintain basic website functionality. ---

9. Security

We take reasonable technical and organisational measures to protect your personal data against unauthorised access, loss or misuse. Our systems use HTTPS encryption for all data in transit. ---

10. Changes to This Policy

We may update this policy from time to time. The latest version will always be available on this page with the date it was last updated. ---

11. Contact & Complaints

If you have any concerns about how we handle your data, please contact us at hello@leilascrafts.com. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.