Effective Date: 4 December 2023 (Last Updated: 10 June 2025)
Bayley Sage (“we,” “us,” or “our”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit or make a purchase on https://bayley-sage.co.uk/ (the “Site”).
1. Information We Collect
1.1 Personal Data You Provide
- Account Registration: Name, email address, billing/shipping address, phone number, password.
- Orders & Transactions: Payment details (e.g., credit card number, billing address), order history, communication preferences.
- Customer Support & Correspondence: Messages, feedback, inquiries you submit.
- Marketing & Promotions: When you sign up for newsletters or participate in promotions, surveys, or contests.
1.2 Usage Data Collected Automatically
- Device & Browser Information: IP address, browser type/version, operating system, device identifiers.
- Activity Data: Pages viewed, links clicked, referral URL, date/time stamps, and other analytics data.
- Cookies & Tracking: For details, please see our separate Cookie Policy.
2. Legal Basis for Processing
We process your personal data under the following legal bases under UK GDPR:
- Performance of a Contract: Processing necessary to fulfil our obligations under your purchase agreement (e.g., to process payments and deliver goods).
- Legitimate Interests: Pursuing our business interests (e.g., improving Site functionality, preventing fraud, ensuring IT security), provided your rights do not override those interests.
- Consent: Where you have explicitly opted in (e.g., marketing emails). You may withdraw consent at any time via the link in our emails or by contacting us.
- Legal Obligation: Compliance with laws and regulations (e.g., tax and accounting requirements).
3. How We Use Your Data
We use the collected data to:
- Process and ship your orders, manage your account, and communicate with you.
- Provide customer support and respond to inquiries or complaints.
- Improve our products, services, and Site experience through analytics.
- Send you marketing communications, where permitted, about new products, promotions, and events.
- Detect, prevent, and investigate fraud or other unlawful activities.
- Comply with legal obligations.
4. Data Retention
We retain personal data only as long as necessary for the purposes outlined, including to satisfy legal, regulatory, tax, accounting, or reporting requirements:
- Order & Transaction Data: Retained for a minimum of six (6) years to comply with UK tax law.
- Account Information: Retained while your account is active and up to two (2) years following account deletion to prevent fraud.
- Marketing Data: Retained until you unsubscribe or withdraw consent.
- Support Records: Retained for up to three (3) years after case closure to assist with future inquiries.
After the retention period, personal data is securely deleted or anonymised.
5. Cookies & Tracking Technologies
We use cookies and similar tools to enhance your experience. For comprehensive details, including how to manage or disable cookies, please refer to our Cookie Policy.
6. Third-Party Disclosures
We may share your personal data with:
- Service Providers: Payment processors (e.g., Stripe, PayPal), shipping carriers, email and marketing platforms, IT and hosting providers.
- Professional Advisors: Accountants, auditors, legal counsel.
- Regulatory & Law Enforcement Authorities: As required by applicable law or to protect our rights.
All third parties process data under our instructions and are bound by confidentiality and security obligations.
7. International Data Transfers
Some service providers are located outside the UK/EEA. We ensure adequate protection by:
- Relying on Adequacy Decisions for transfers to countries recognised by the UK as providing adequate protection.
- Implementing Standard Contractual Clauses with processors in other jurisdictions.
- Using Binding Corporate Rules for intra-group transfers, where applicable.
To request details of our transfer safeguards, contact us at service@bayley-sage.co.uk.
8. Security Measures
We employ appropriate technical and organisational safeguards, including:
- Encryption: TLS (HTTPS) for data in transit; encryption at rest for sensitive data where practicable.
- Access Controls: Role-based access for authorised personnel only.
- Security Testing: Regular vulnerability assessments and penetration tests.
- Incident Response: Procedures to detect, manage, and notify relevant parties of any data breaches.
9. Your Rights
Under UK GDPR, you have the right to:
- Access: Obtain a copy of your personal data.
- Rectification: Correct inaccurate or incomplete data.
- Erasure: Request deletion of personal data (subject to legal obligations).
- Restrict Processing: Limit how we use your data.
- Data Portability: Receive your data in a machine-readable format.
- Object: Object to processing based on legitimate interests or direct marketing.
- Withdraw Consent: Withdraw consent where processing is based on consent.
To exercise any right, email us at service@bayley-sage.co.uk with the subject line “Data Subject Request”. We will respond within one calendar month.
10. Children’s Privacy
Our services are not intended for individuals under 18. We do not knowingly collect personal data from children under 18 without verified parental or guardian consent. If you believe we have collected data from a minor, please contact us at service@bayley-sage.co.uk, and we will promptly delete the information.
11. Automated Decision-Making & Profiling
We may use automated processes to analyse data for product recommendations and site personalisation. We do not make decisions with legal or similarly significant effects based solely on automated processing without explicit consent. You may request human review by contacting service@bayley-sage.co.uk.
12. Changes to This Privacy Policy
We may update this policy periodically. When material changes occur, we will:
- Post the updated policy here with a new “Last Updated” date.
- Notify you via email if you are subscribed to our mailing list.
Please review this policy regularly to stay informed of our practices.
Contact Us For questions or concerns about this Privacy Policy, email us at service@bayley-sage.co.uk.
Related Policies