Privacy Policy

Lights & More Ltd
Effective Date: 24/04/2024

  1. WHO WE ARE

Lights & More Ltd (“we”, “our”, “us”) is a company registered in England and Wales.

Registered Office: 3 Churchill Avenue, Burstwick, Hull, HU12 9HF
Company Number: 15675177
VAT Registration Number: 511472522
Email: admin@lightsandmore.uk
Telephone: 07356140712

We are the data controller responsible for your personal data under the UK General Data Protection Regulation (UK GDPR).

  1. WHAT PERSONAL DATA WE COLLECT

When You Make a Purchase

When you place an order through our website, we collect:

  • Full name
  • Billing address
  • Delivery address
  • Email address
  • Telephone number
  • Order details
  • IP address
  • Payment information

Payments are processed securely via WooCommerce Payments (powered by Stripe) or bank transfer.

We do not store full card details on our website.

When You Create an Account

If you create an account, we collect:

  • Name
  • Address
  • Email
  • Phone number
  • Order history

When You Contact Us

If you contact us by form, email, or phone, we may collect:

  • Name
  • Email address
  • Phone number
  • Message details

Automatically Collected Information

When you use our website, we may collect:

  • IP address
  • Browser type
  • Device type
  • Pages visited
  • Time spent on the website
  1. HOW WE USE YOUR DATA

We use your personal data to:

  • Process and deliver orders
  • Process payments
  • Provide customer support
  • Manage your account
  • Prevent fraud
  • Comply with legal and tax obligations
  • Improve our website
  • Send marketing emails (only if you opt in)
  1. LEGAL BASIS FOR PROCESSING

Under UK GDPR, we rely on:

  • Contract (to fulfil your order)
  • Legal obligation (for tax and accounting requirements)
  • Legitimate interests (fraud prevention and business improvement)
  • Consent (for marketing communications)
  1. PAYMENT PROCESSING

Payments are processed via WooCommerce Payments (powered by Stripe) or direct bank transfer.

We do not have access to your full card details.

Stripe may process your data in accordance with their own privacy policy.

  1. DATA RETENTION

We retain:

  • Completed and refunded order records for 6 years (for HMRC compliance)
  • Inactive accounts for up to 6 years
  • Cancelled orders for up to 1 year
  • Failed or pending orders for up to 30 days
  • Contact enquiries for up to 12 months

We retain data only as long as necessary for legal and business purposes.

  1. YOUR RIGHTS

Under UK data protection law, you have the right to:

  • Access your personal data
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to processing
  • Restrict processing
  • Request data portability
  • Withdraw consent at any time

To exercise your rights, contact us at:
[Insert Email Address]

You may also lodge a complaint with the Information Commissioner’s Office (ICO).

  1. DATA SECURITY

We use appropriate security measures including:

  • SSL encryption
  • Secure hosting
  • Secure payment gateways
  • Restricted admin access
  1. INTERNATIONAL DATA TRANSFERS

Some third-party providers (such as Stripe) may process data outside the UK. Appropriate safeguards are in place to protect your data.

  1. CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time. Updates will be posted on this page with a revised effective date.

Shopping Basket
Scroll to Top