Privacy policy
1. Who We Are
Vitgem Ltd ("we", "us", "our") is the data controller responsible for your personal data.
- Company name: Vitgem Ltd
- Company number: 15158708 (England and Wales)
- Registered address: Office 2309ij, 182-184 High Street North, East Ham, London, E6 2JA, England
- Email: privacy@vitgem.co.uk
- ICO registration number: 00013560391
2. What Data We Collect
We collect personal data when you interact with our website and services:
Data you provide directly
- Order information: name, email, phone number, delivery and billing address, payment details
- Account information: email address, password (encrypted)
- Communications: messages you send us via email or contact forms
- Newsletter: email address when you subscribe
- Reviews: name, review text, rating
Data collected automatically
- Technical data: IP address, browser type and version, operating system, device type
- Usage data: pages visited, time on site, referral source, click behaviour
- Cookie data: see our Cookie Policy for details
3. How We Use Your Data
We process your personal data on the following lawful bases under UK GDPR:
| Purpose | Lawful Basis |
|---|---|
| Process and fulfil your orders | Contract performance |
| Send order confirmations and shipping updates | Contract performance |
| Process payments securely | Contract performance |
| Manage subscriptions (Subscribe & Save) | Contract performance |
| Respond to your enquiries | Legitimate interest |
| Send marketing emails and offers | Consent (you can opt out at any time) |
| Improve our website and products | Legitimate interest |
| Prevent fraud | Legitimate interest |
| Comply with legal obligations (tax, accounting) | Legal obligation |
4. Who We Share Your Data With
We only share your data with trusted third parties who help us run our business:
- Shopify: our e-commerce platform โ processes orders, payments and hosting (Shopify Privacy Policy)
- Payment providers: Shopify Payments (Stripe), PayPal โ to process your payments securely
- Delivery partners: Royal Mail, DPD or other couriers โ to deliver your orders
- Klaviyo: email marketing platform โ to send newsletters and order-related emails
- Google Analytics: website analytics โ to understand how visitors use our site
- Meta (Facebook/Instagram): advertising โ only if you consent to marketing cookies
- Judge.me: reviews platform โ to collect and display product reviews
We do not sell your personal data to any third party.
5. International Data Transfers
Some of our service providers (Shopify, Klaviyo, Google) are based outside the UK. Where data is transferred internationally, we ensure appropriate safeguards are in place, including:
- UK adequacy decisions
- Standard Contractual Clauses (SCCs) approved by the ICO
- The International Data Transfer Agreement (IDTA)
6. How Long We Keep Your Data
- Order data: 6 years from the date of your last order (for tax and legal compliance)
- Account data: until you request deletion or close your account
- Marketing data: until you unsubscribe
- Analytics data: 26 months (Google Analytics default retention)
- Support correspondence: 2 years from last contact
7. Your Rights Under UK GDPR
You have the following rights regarding your personal data:
- Access โ request a copy of the data we hold about you
- Rectification โ ask us to correct inaccurate data
- Erasure โ ask us to delete your data ("right to be forgotten")
- Restriction โ ask us to limit how we process your data
- Portability โ request your data in a machine-readable format
- Objection โ object to processing based on legitimate interest
- Withdraw consent โ where processing is based on consent, you can withdraw it at any time
To exercise any of these rights, email us at privacy@vitgem.co.uk. We will respond within 30 days.
8. Cookies
Our website uses cookies to provide essential functionality, analyse traffic and personalise your experience. When you first visit our site, you can choose which cookie categories to accept:
- Strictly necessary: required for the website to function (cart, checkout, login) โ always active
- Analytics: help us understand how visitors use our site (Google Analytics)
- Marketing: used to deliver relevant advertisements (Meta Pixel)
You can change your cookie preferences at any time using the cookie settings link in our website footer.
9. Children's Privacy
Our products and website are not intended for children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us at privacy@vitgem.co.uk and we will delete it promptly.
10. Data Security
We take appropriate technical and organisational measures to protect your personal data, including:
- SSL/TLS encryption on all pages
- PCI DSS compliant payment processing (via Shopify Payments)
- Restricted access to personal data on a need-to-know basis
- Regular review of our security practices
11. Changes to This Policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page will be revised accordingly. We encourage you to review this policy periodically.
12. How to Complain
If you are unhappy with how we have handled your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
- Website: ico.org.uk/make-a-complaint
- Phone: 0303 123 1113
We would appreciate the chance to address your concerns first โ please email us at privacy@vitgem.co.uk before contacting the ICO.
13. Contact Us
For any questions about this Privacy Policy or how we handle your data:
- Email: privacy@vitgem.co.uk
- Post: Vitgem Ltd, Office 2309ij, 182-184 High Street North, East Ham, London, E6 2JA