PRIVACY POLICY

  1. WHO WE ARE.
    We are Sophie and Luna, LTD and we process your personal data as joint controllers. This means that we are jointly responsible for how we process and protect your data.
  2. WHAT WE USE YOUR DATA FOR.
    We will use your data (collected online or in person), among other purposes, to manage your order, and if you wish, to send you our customised communications.
  3. WHY WE USE YOUR DATA.
    We have legal standing to process your data for various reasons. The main reason is that we need to process your data to perform the contract that you accept with us when you agree to our T&C’s and when you make a purchase or enjoy any of our services or functionalities. We also use your data for other reasons, for example, to respond to your queries or to send you newsletters that you have asked to receive from us.
  4. WHO WE SHARE YOUR DATA WITH.
    We do not share your data with anyone.
  5. YOUR RIGHTS.
    You have the right to object to us using your data for any purpose after the purchase.
  6. HOW LONG WILL WE KEEP YOUR DATA?
    We will process your data for the time during which you remain a customer (meaning, until you decide to unsubscribe or cancel your subscription to the newsletter).
  7. DO WE SHARE YOUR DATA WITH THIRD PARTIES?
    No we don’t.
    DEFINITIONS AND INTERPRETATION
    In this Privacy Notice, the following terms shall have the following meanings for your understanding:

“Account”

means an account required to access and/or use certain areas and features of Our Site;

“Cookie”

means a small text file placed on your computer or device by Our Site when you visit certain parts of Our Site and/or when you use certain features of Our Site. Details of the Cookies used by Our Site are set out in section 13, below;

“Cookie Law”

means the relevant parts of the Privacy and Electronic Communications (EC Directive) Regulations 2003;

“personal data”

means any and all data that relates to an identifiable person who can be directly or indirectly identified from that data. In this case, it means personal data that you give to Us via Our Site. This definition shall, where applicable, incorporate the definitions provided in the EU Regulation 2016/679 – the General Data Protection Regulation (“GDPR”); and

“We/Us/Our”

means Nicki James Limited 15 Sanderling Close, East Tilbury, Essex RM18 8FF

8. WHAT DATA DO WE COLLECT?

We may collect some or all of the following personal data (this may vary according to your relationship with us outlined below):

When you visit https://www.sophieandluna.com/ we collect the following data with your consent;

  • Browser Location;
  • IP Address;
  • Which website you visited before the session;
  • Which website you visited after the session;
  • How long your session lasted;
  • Which pages you visited during your session.

When you visit https://www.sophieandluna.com/ and use the contact form to get in touch or sign up to our Newsletter we collect the further following data with your consent or based on a legitimate interest;

  • Name;
  • Email Address;

When you contact us using Social Media messaging apps ( for e.g; Facebook Messenger ) we collect the following data;

  • Social Media URL(s)

When you demonstrate an interest in using our services or enter into contract for services provided by us, we request to collect some or all of the following data;

  • Name;
  • Address;
  • Business address;
  • Email address;
  • Telephone number;
  • Business name;
  • Company registration details;
  • VAT number;
  • Job title;
  • Profession;
  • Payment information;
  • Social media details
  • Hosting provider details
  • Domain provider details

9. HOW AND WHERE DO WE STORE YOUR DATA?

9.1 We only keep your personal data for as long as We need to in order to use it as described above in section 6, and/or for as long as We have your permission to keep it.

9.2 Your data will only be stored in the UK.

9.3 Data security is very important to Us, and to protect your data We have taken suitable measures to safeguard and secure data collected through Our Site.

9.4 Steps We take to secure and protect your data include:

9.4.1 Our website search engine is powered by Relevanssi. Search queries and results are logged anonymously to help us improve our website and search functionality. No user-specific data is collected by either Nicki James Limited or any third party

9.4.2 We use Transport Layer Security (TLS) to encrypt and protect email traffic in line with government. If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit. We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.

9.4.3 Our website contact forms are powered by third-party provider, Contact Form 7 and store no personal data. For more information, please see see Contact Form 7’s privacy notice.

9.4.4 We use Transport Layer Security (TLS) to encrypt and protect all direct email traffic in line with government. If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit. We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.

9.4.5 We use a third party provider, MailChimp, to deliver our e-newsletters, content updates and offers. We gather statistics around email opening and clicks using industry standard technologies including clear gifs to help us monitor and improve our e-newsletter. For more information, please see Mail Chimp’s privacy notice.

9.4.7 Our website is built on the WordPress.org framework, but also uses some plugins and services hosted at WordPress.com, which is run by Automattic Inc. WordPress requires visitors that want to post a comment to enter a name and email address. For more information about how WordPress processes data, please see Automattic’s privacy notice.

9.4.8 We use third-party services Trello, Inc. and Dropbox International Unlimited Company to manage projects and collaborate with contractors when providing services (for e.g. web design and development services).

You can read more about Trello, Inc. Privacy Notice here and Dropbox International Unlimited Company’s Privacy Notice here.

10. OUR USE OF COOKIES

10.1 Our Site may place and access certain first party Cookies on your computer or device. First party Cookies are those placed directly by Us and are used only by Us. We use Cookies to facilitate and improve your experience of Our Site and to provide and improve Our products and services. We have carefully chosen these Cookies and have taken steps to ensure that your privacy and personal data is protected and respected at all times.

10.2 By using Our Site you may also receive certain third party Cookies on your computer or device. Third party Cookies are those placed by websites, services, and/or parties other than Us. Third party Cookies are used on Our Site for marketing and advertising services. For more details, please refer to section 6, above, and to section 13.6 below. These Cookies are not integral to the functioning of Our Site and your use and experience of Our Site will not be impaired by refusing consent to them.

10.3 All Cookies used by and on Our Site are used in accordance with current Cookie Law.

10.4 Before Cookies are placed on your computer or device, you will be shown a banner along the bottom of your screen requesting your consent to set those Cookies. By giving your consent to the placing of Cookies you are enabling Us to provide the best possible experience and service to you. You may, if you wish, deny consent to the placing of Cookies; however certain features of Our Site may not function fully or as intended. You will be given the opportunity to allow only first party Cookies and block third party Cookies.

10.5 Certain features of Our Site depend on Cookies to function. Cookie Law deems these Cookies to be “strictly necessary”. These Cookies are shown below in section 14.6. Your consent will not be sought to place these Cookies, but it is still important that you are aware of them. You may still block these Cookies by changing your internet browser’s settings as detailed below in section 14.10, but please be aware that Our Site may not work properly if you do so. We have taken great care to ensure that your privacy is not at risk by allowing them.

10.6 The following first party Cookies may be placed on your computer or device:

Name of Cookie

Identifier

Default Expiration Time

Purpose

Strictly Necessary

__utma Google Analytics 2 years from set/update

Used to distinguish users and sessions. The cookie is created when the javascript library executes and no existing __utma cookies exists. The cookie is updated every time data is sent to Google Analytics.

Yes

__utmt

Google Analytics 10 minutes

Used to throttle request rate.

Yes

__utmb

Google Analytics 30 mins from set/update

Used to determine new sessions/visits. The cookie is created when the javascript library executes and no existing __utmb cookies exists. The cookie is updated every time data is sent to Google Analytics.

Yes

__utmc

Google Analytics End of browser session

Not used in ga.js. Set for interoperability with urchin.js. Historically, this cookie operated in conjunction with the __utmb cookie to determine whether the user was in a new session/visit.

Yes

__utmz

Google Analytics 6 months from set/update

Stores the traffic source or campaign that explains how the user reached your site. The cookie is created when the javascript library executes and is updated every time data is sent to Google Analytics.

Yes

__utmv

Google Analytics 2 years from set/update

Used to store visitor-level custom variable data. This cookie is created when a developer uses the _setCustomVar method with a visitor level custom variable. This cookie was also used for the deprecated _setVarmethod. The cookie is updated every time data is sent to Google Analytics.

Yes

wp-settings-1

WordPress 1 year from set/update

WordPress also sets a few wp-settings-{time}-[UID] cookies. The number on the end is your individual user ID from the users database table. This is used to customize your view of admin interface, and possibly also the main site interface.

Yes

_fbp

Facebook Pixel 90

Yes

woocommerce_cart_hash

Woocommerce Session

Helps WooCommerce determine when cart contents/data changes.

Yes

woocommerce_items_in_cart

Woocommerce Session

Helps WooCommerce determine when cart contents/data changes.

Yes

wp_woocommerce_session_

Woocommerce 2 Days

Contains a unique code for each customer so that it knows where to find the cart data in the database for each customer.

Yes

woocommerce_recently_viewed

Woocommerce Session

Powers the Recent Viewed Products widget.

Yes

store_notice[notice id]

Woocommerce Session

Allows customers to dismiss the Store Notice.

Yes

_gid Google Analytics 1 Yes
_ga Google Analytics 730 Yes
acf_collapsed_{field_key} Advanced Custom Fields Storage Remembers the collapsed rows for a specific Repeater or Flexible Content field. Removed in favor of local storage since version 5.7. Yes

10.7 Our Site uses analytics services provided by Google. Website analytics refers to a set of tools used to collect and analyse anonymous usage information, enabling Us to better understand how Our Site is used. This, in turn, enables Us to improve Our Site and the products and services offered through it. You do not have to allow Us to use these Cookies, however whilst Our use of them does not pose any risk to your privacy or your safe use of Our Site, it does enable Us to continually improve Our Site, making it a better and more useful experience for you.

The Google Analytics privacy notice can be found here. You can learn more about how to opt-out of tracking in Google Analytics here.

10.8 The analytics service(s) used by Our Site use(s) Cookies to gather the required information.

10.9 In addition to the controls that We provide, you can choose to enable or disable Cookies in your internet browser. Most internet browsers also enable you to choose whether you wish to disable all cookies or only third party Cookies. By default, most internet browsers accept Cookies but this can be changed. For further details, please consult the help menu in your internet browser or the documentation that came with your device.

10.10 You can choose to delete Cookies on your computer or device at any time, however you may lose any information that enables you to access Our Site more quickly and efficiently including, but not limited to, login and personalisation settings.

10.11 It is recommended that you keep your internet browser and operating system up-to-date and that you consult the help and guidance provided by the developer of your internet browser and manufacturer of your computer or device if you are unsure about adjusting your privacy settings.

10.12 We may utilize social media and web advertising campaigns. These service providers use cookies on our sites and/or pixel tracking to serve ads across the different platforms.