top of page

Privacy Policy – Lady Ginger Lust


Introduction

Lady Ginger Lust is committed to protecting your privacy and ensuring compliance with the UK GDPR. This policy outlines how we handle your personal data responsibly.


Who We Are

Lady Ginger Lust operates an online retail store specialising in bespoke and intimate products.

What Personal Data We Collect

We collect the following types of personal data:

  • Names and Contact Details: For order fulfilment and customer service.

  • Addresses: To process deliveries.

  • Date of Birth: To verify age restrictions on certain products.

  • Purchase or Account History: To manage customer preferences and loyalty programmes.

  • Payment Details: Including card or bank details for order processing.

  • Website User Information: Including cookie tracking for site functionality.

  • Identification Documents: For age verification where necessary.

  • Sex Life & Sexual Orientation Information: If relevant to product preferences.


How We Use Your Data

We use personal data for:

  • Providing Goods & Services: Order processing and fulfilment.

  • Customer Account Management: Managing purchases, returns, and loyalty programmes.

  • Legal Compliance: Verifying customer age and preventing fraud.

  • Marketing & Promotions: Sending relevant offers and updates with consent.


Lawful Bases for Processing

We process personal data based on:

  • Contract: To fulfil product purchases and services.

  • Legal Obligation: To comply with age verification and fraud prevention requirements.

  • Legitimate Interests: To personalise customer experiences and improve services.

  • Consent: Required for marketing communications and processing sensitive data (e.g., sexual preferences).


Data Security

We apply security measures to protect data:

  • Encryption: Secure storage of payment and personal details both in transit and at rest.

  • Strong Passwords: Ensuring that passwords may not be easily guessed or otherwise compromised.

  • MFA (Multi-Factor Authentication): Enforced for accessing systems containing sensitive customer data, ensuring security, even if credentials are compromised.

  • Strict Access Controls: Ensuring only authorised staff can process customer orders.


Sub-Processors and Third Parties

We use the following systems to process personal data:

  • Wix: For website operations and online store management.

  • Payment Gateway Providers: To securely process transactions.


Data Retention

We retain purchase records for 6 years to comply with tax laws. Customer accounts remain active until a deletion request is made.
 

International Data Transfers

As Wix may store data outside the UK, we ensure data is protected using Standard Contractual Clauses (SCCs).
 

Your Rights Under UK GDPR

You have the right to:

  • Access, update, or delete your data.

  • Withdraw consent for marketing communications.

  • Object to processing under legitimate interests.

To exercise these rights, please contact us.


How to Complain to the ICO

If you are concerned about how we use your data, you can lodge a complaint with the ICO:

  • Website: www.ico.org.uk

  • Phone: 0303 123 1113

  • Post: ICO, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF


Effective Date: March 2025

 

bottom of page