Privacy Policy

LuxeShop London Ltd ("LuxeShop", "we", "us", or "our") is an e-commerce platform registered in England and Wales. We operate the website luxeshoplondon.co.uk and related services. Contact details: • Email: privacy@luxeshoplondon.co.uk • Address: LuxeShop London Ltd, London, United Kingdom We are committed to protecting your personal data and complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

We collect the following categories of personal data: Account & Identity Data: Name, email address, password (encrypted), account preferences. Transaction Data: Order history, items purchased, payment method type (we do not store full card details — payments are processed by Stripe and PayPal). Technical Data: IP address, browser type, device information, cookies, and usage data collected via analytics tools. Communication Data: Messages you send us via our contact form or email. We do not collect sensitive personal data (such as health, race, or political opinions).

We use your personal data for the following purposes: • To process and fulfil your orders and send order confirmations. • To manage your account and provide customer support. • To send transactional emails (order updates, shipping notifications). • To improve our website and services through analytics. • To comply with legal obligations. • To detect and prevent fraud. We will only send you marketing communications if you have explicitly opted in. You can unsubscribe at any time.

Under UK GDPR, we process your personal data on the following legal bases: • Contract Performance: Processing necessary to fulfil your orders. • Legitimate Interests: Improving our services, fraud prevention, and security. • Legal Obligation: Compliance with applicable laws and regulations. • Consent: Marketing communications (where you have opted in).

We share your data only with trusted third parties who help us operate our business: • Stripe & PayPal: Payment processing (subject to their own privacy policies). • Amazon & AliExpress: Affiliate referral links (we share only anonymised click data). • Vercel: Website hosting and infrastructure. • Email service providers: For transactional email delivery. We do not sell your personal data to any third party.

We use cookies to improve your experience on our website. These include: • Essential cookies: Required for the website to function (e.g., shopping cart, login session). • Analytics cookies: Help us understand how visitors use our site (e.g., Google Analytics). • Preference cookies: Remember your settings and preferences. You can control cookies through your browser settings. Disabling essential cookies may affect website functionality.

We retain your personal data for as long as necessary to fulfil the purposes outlined in this policy: • Account data: Retained while your account is active, and for 2 years after closure. • Transaction data: Retained for 7 years for legal and tax compliance. • Analytics data: Retained for 26 months. You may request deletion of your data at any time (subject to legal retention requirements).

You have the following rights regarding your personal data: • Right of Access: Request a copy of the data we hold about you. • Right to Rectification: Request correction of inaccurate data. • Right to Erasure: Request deletion of your data ("right to be forgotten"). • Right to Restriction: Request that we limit how we use your data. • Right to Data Portability: Receive your data in a structured, machine-readable format. • Right to Object: Object to processing based on legitimate interests. • Right to Withdraw Consent: Withdraw consent for marketing at any time. To exercise any of these rights, contact us at privacy@luxeshoplondon.co.uk. We will respond within 30 days.

We implement appropriate technical and organisational measures to protect your personal data, including: • 256-bit SSL/TLS encryption for all data in transit. • Encrypted password storage using bcrypt hashing. • Payment data handled exclusively by PCI DSS-compliant processors (Stripe and PayPal). • Regular security audits and access controls. In the event of a data breach that poses a risk to your rights, we will notify you and the Information Commissioner's Office (ICO) within 72 hours.

If you have concerns about how we handle your personal data, please contact us first at privacy@luxeshoplondon.co.uk. You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO): • Website: ico.org.uk • Helpline: 0303 123 1113

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or by posting a notice on our website. The date of the latest revision is shown at the top of this page.