Effective Date: 10.01.2025
1. Introduction
Icon Velvet, operated by WatchOwl LTD (“we”, “our”, or “us”), is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website www.iconvelvet.com or use our services. We process your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
2. Data Controller
WatchOwl LTD is the data controller responsible for your personal data.
[Insert full company details including registration number]
3. Information We Collect
We collect the following types of personal information:
- Contact information (name, email address, phone number, shipping address)
- Payment information (credit card details, billing address)
- Account information (username, password)
- Order history and preferences
- Browsing behavior and device information
- Any other information you provide to us voluntarily
4. How We Use Your Information
We use your personal information to:
- Process and fulfill your orders
- Communicate with you about your account and orders
- Provide customer support
- Personalize your shopping experience
- Improve our website and services
- Send promotional emails (with your consent)
- Prevent fraud and ensure security
- To comply with legal obligations
5. Legal Basis for Processing
We process your personal data on the following legal grounds:
- Performance of a contract when we provide you with products or services
- Your consent, particularly for marketing communications
- Our legitimate interests, which include improving our services and preventing fraud
- Compliance with legal obligations
6. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process your personal data, and whether we can achieve those purposes through other means.
7. Your Rights
Under the UK GDPR, you have the following rights:
- Right to access your personal data
- Right to rectification of inaccurate data
- Right to erasure (‘right to be forgotten’)
- Right to restrict processing
- Right to data portability
- Right to object to processing
- Rights related to automated decision-making and profiling
To exercise these rights, please contact us using the details provided below.
8. Data Security
We implement appropriate technical and organizational measures to protect your personal information against unauthorized or unlawful processing, accidental loss, destruction, or damage. However, no method of transmission over the Internet or electronic storage is 100% secure, so we cannot guarantee absolute security.
9. International Transfers
We may transfer your personal data to countries outside the UK. When we do so, we ensure that appropriate safeguards are in place to protect your data and comply with our legal obligations.
10. Cookies
We use cookies to enhance your browsing experience. You can manage your cookie preferences through your browser settings. For more information, please see our Cookie Policy [Insert link].
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new Privacy Policy on this page and updating the “Last updated” date.
12. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us at:
[Insert contact details including email, phone, and address]
13. Complaints
If you are unsatisfied with our response to any data privacy concern, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).
This privacy policy aims to comply with the UK GDPR, the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR). It provides transparency about data collection and processing practices, informs users of their rights, and establishes a clear framework for data protection compliance.