Privacy Policy

Last updated: 3 August 2025

This Privacy Policy explains how Angela Taylor trading as Unicorn Browbands (“Unicorn Browbands”, “we”, “us”, “our”) collects, uses, shares and protects your personal data when you visit https://www.unicornbrowbands.com (the “Website”), purchase our products, or interact with us in any way.

We are committed to processing your information in accordance with:

• the UK General Data Protection Regulation (UK GDPR);
• the EU General Data Protection Regulation (EU GDPR);
• the Data Protection Act 2018; and
• the Privacy and Electronic Communications Regulations 2003 (PECR).

1 Who is the data controller?

Unicorn Browbands
2 Elm Grove, Scunthorpe, Lincolnshire DN16 2EP, United Kingdom
Email: angela@unicornbrowbands.com

2 What personal data do we collect?

Category	Examples
Identity Data	name, username or similar identifier, title.
Contact Data	billing and delivery address, email address, telephone number.
Transaction Data	details about payments to and from you and other details of products you have purchased.
Technical Data	IP address, login data, browser type and version, time‑zone setting, device identifiers, operating system and platform, other technology on the devices you use to access this Website.
Profile Data	your account username and password, purchase history, preferences, feedback and survey responses.
Usage Data	information about how you use our Website, products and services.
Marketing & Communications Data	your preferences in receiving marketing from us and our third parties.
Image Data	photos you upload when submitting custom design requests or reviews.

We do not intentionally collect special‑category data (e.g., health or biometric data) or data relating to children under 16.

3 How do we collect your data?

• Direct interactions you give us data when you place an order, create an account, subscribe to our newsletter, contact us by email or social media, fill in a form, or leave a review/comment.
• Automated technologies we collect Technical and Usage Data via cookies, server logs and similar technologies when you browse the Website.
• Third‑party sources payment providers (e.g., Klarna, ClearPay, AfterPay, PayPal, Stripe), analytics providers (e.g., Google Analytics), advertising networks (e.g., Meta Ads).

4 For what purposes and on what legal bases do we use your data?

Purpose	Data	Legal basis (Art. 6 UK/EU GDPR)
Process and deliver your order; provide after‑sales service	Identity, Contact, Transaction, Profile	Contract processing is necessary to perform the contract with you.
Manage payments, fees and charges; prevent fraud	Identity, Contact, Transaction, Technical	Contract & Legitimate Interest (fraud prevention).
Respond to enquiries, complaints or repair requests	Identity, Contact, Profile	Contract or Legitimate Interest (customer support).
Send service emails (order confirmation, dispatch notices, policy updates)	Identity, Contact	Contract & Legal Obligation.
Send marketing newsletters, special offers and style tips	Identity, Contact, Usage, Marketing & Comms	Consent (you may withdraw at any time).
Improve our Website, products, customer relationships and experiences	Technical, Usage, Profile	Legitimate Interest to keep our Website updated and relevant, to develop our business.
Administer the Website (troubleshooting, data analysis, testing, system maintenance, support, reporting)	Technical, Usage	Legitimate Interest (business efficiency, network security).
Comply with legal or regulatory requirements (tax, accounting)	Identity, Contact, Transaction	Legal Obligation.

Where we rely on Consent, you may withdraw it at any time via the link in marketing emails or by contacting us.

5 Cookies & similar technologies

Our Website uses cookies to:

• make the site work (strictly necessary cookies);
• remember your preferences (functionality cookies);
• analyse site traffic (analytical cookies);
• deliver personalised ads (marketing cookies).

On your first visit we display a cookie banner requesting your consent for non‑essential cookies. You can update your preferences at any time via the Cookie Settings link in the footer. For full details see our Cookie Policy.

6 Who do we share your data with?

We only share your data when necessary:

• Payment processors Stripe, PayPal, Klarna, ClearPay, AfterPay (payment and anti‑fraud checks).
• Delivery partners Royal Mail, Parcelforce, UPS, DHL (shipping labels, tracking).
• Analytics & marketing Google Analytics, Meta Platforms (Facebook/Instagram), Pinterest.
• IT & hosting web hosting.
• Professional advisers accountants, lawyers, insurers (regulatory or contractual obligations).
• Law enforcement or regulators where required by law.

We never sell your personal data.

7 International data transfers

Some of our service providers are located outside the UK/EEA (e.g. servers in the USA). When we transfer personal data internationally, we ensure an adequate level of protection by:

• relying on UK/EU adequacy decisions where available; or
• implementing the UK International Data Transfer Agreement (IDTA) or EU Standard Contractual Clauses (SCCs) with additional safeguards.

8 Data security

We use appropriate technical and organisational measures, including:

• HTTPS/SSL encryption;
• secure data centres with firewalls and intrusion detection;
• regular backups and malware scans. Despite our efforts, no online transmission is completely secure; you provide data at your own risk.

9 Data retention

We keep personal data only as long as necessary for the purposes set out above:

• Order records 7 years (accounting & tax obligations);
• Newsletter subscription until you unsubscribe;
• Abandoned carts 30 days;
• Support tickets 2 years after closure;
• Cookie data up to 26 months (Google Analytics) or as otherwise specified in our Cookie Policy.

We securely delete or anonymise data at the end of the retention period.

10 Your rights

Under UK/EU data‑protection law you have the right to:

1. Access  request a copy of your personal data.
2. Rectify  correct inaccurate or incomplete data.
3. Erase (“right to be forgotten”).
4. Restrict processing.
5. Data portability  receive your data in a structured, machine‑readable format.
6. Object to processing based on legitimate interests or direct marketing.
7. Withdraw consent at any time (where processing is based on consent).
8. Not be subject to automated decision‑making producing legal or significant effects.

To exercise any of these rights, email angela@unicornbrowbands.com. We will respond within one month. You may be asked for proof of identity.

If you believe we have not handled your data properly, you have the right to complain to the Information Commissioner’s Office (ICO) or, if you are in the EU, to your local supervisory authority.

11 Automated decision‑making & profiling

We do not engage in fully automated decision‑making that has legal or similarly significant effects. Fraud‑screening by payment providers may involve automated checks, but decisions are reviewed by humans where required by law.

12 Links to third‑party sites

Our Website may contain links to external sites. We are not responsible for their privacy practices. Please read their policies.

13 Children

This Website is not intended for children under 16. We do not knowingly collect data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

14 Changes to this Privacy Policy

We may update this Policy from time to time. Any changes will be posted on this page and, where appropriate, notified to you by email. Please check back regularly.

15 Contact us

Questions, requests or complaints?
Email: angela@unicornbrowbands.com
Post: Unicorn Browbands, 2 Elm Grove, Scunthorpe, DN16 2EP, UK

---

Effective date: 3 August 2025