Privacy Policy – Blemnon
Legal

Privacy Policy

We take your privacy seriously. This policy explains what data we collect, how we use it, and the rights you have over your personal information.

Last updated: 24 June 2025
Jurisdiction: UK GDPR
Controller: Blemnon Ltd
help@blemnon.co.uk
Table of Contents
01. Who We Are 02. Data We Collect 03. How We Use It 04. Data Sharing 05. Cookies 06. Security 07. Retention 08. Your Rights 09. International Transfers 10. Children 11. Policy Changes 12. Contact Us

1. Who We Are

Blemnon Ltd ("Blemnon", "we", "our", "us") operates the website blemnon.co.uk and is the data controller responsible for your personal data.

Our registered address is 7 Coronation Road, London, NW10 7PQ, United Kingdom. We are subject to the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

If you have any questions about this policy or about how we handle your data, contact our team at help@blemnon.co.uk.

2. Data We Collect

We collect personal data in the following ways:

CategoryExamplesSource
IdentityFirst name, last name, usernameYou provide it
ContactEmail address, phone number, billing/shipping addressYou provide it
TransactionOrder details, payment method type, purchase historyGenerated when you shop
TechnicalIP address, browser type, device info, pages visitedAutomatically via cookies
CommunicationsMessages sent via contact form, email exchangesYou provide it
MarketingEmail preferences, communication opt-insYou provide it / inferred
We never store full payment card details. All payment processing is handled by PCI-DSS-compliant providers (Stripe, PayPal). We only receive a transaction confirmation and last-4-digits reference.

3. How We Use Your Data

We use your personal data on the following legal bases and for the following purposes:

  • Contract performance — processing your orders, arranging delivery, managing returns and refunds, sending order confirmations and shipping updates.
  • Legitimate interests — preventing fraud, maintaining website security, improving our services, understanding customer behaviour through analytics.
  • Consent — sending you marketing emails or SMS messages where you have opted in. You can withdraw consent at any time.
  • Legal obligation — retaining records for tax, accounting, and regulatory compliance (e.g., HMRC requirements).
  • Customer support — responding to queries and complaints submitted via our contact form or email.

We will never use your data for automated decision-making that produces significant legal effects without your explicit consent.

4. Data Sharing & Third Parties

We do not sell your personal data. We share data only where necessary with trusted third-party service providers who act as data processors under our instructions:

  • Payment processors — Stripe Inc., PayPal, Klarna (secure payment handling).
  • Shipping partners — Royal Mail, DPD, FedEx, USPS (order fulfilment and delivery).
  • E-commerce platform — WooCommerce / WordPress (our website and order management).
  • Email marketing — Mailchimp or Klaviyo (only if you have opted in to marketing communications).
  • Analytics — Google Analytics (anonymised usage data to improve our website).
  • Customer support — Help desk tools used to manage and respond to support tickets.

We may also disclose your data to law enforcement or regulatory authorities if required by law, or to protect the rights and safety of our customers.

5. Cookies & Tracking

We use cookies and similar tracking technologies on our website. Cookies are small text files placed on your device that help us provide a better experience.

Cookie TypePurposeCan Opt Out?
EssentialShopping cart, login sessions, security tokensNo — required for site function
AnalyticsPage views, traffic sources, user behaviour (anonymised)Yes — via cookie banner
MarketingRemarketing ads, conversion tracking (Google, Meta)Yes — via cookie banner
PreferencesLanguage, currency, display settingsYes — via browser settings

You can manage cookie preferences through our cookie banner (shown on first visit) or via your browser settings. Disabling essential cookies may affect your ability to shop on our site.

6. Security

We implement appropriate technical and organisational measures to protect your data against unauthorised access, loss, or alteration, including:

  • SSL/TLS encryption for all data transmitted between your browser and our servers.
  • Access controls ensuring only authorised personnel can access personal data.
  • Regular security assessments and software updates.
  • PCI-DSS-compliant payment processing — we never handle raw card data.
In the unlikely event of a data breach that poses a risk to your rights and freedoms, we will notify you and the ICO within 72 hours of becoming aware of the breach.

7. Data Retention

We keep your personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, or reporting requirements.

Data TypeRetention Period
Order & transaction records7 years (HMRC legal requirement)
Account informationDuration of account + 2 years after last activity
Support / contact enquiries2 years from last communication
Marketing preferencesUntil you withdraw consent or unsubscribe
Analytics / technical data26 months (Google Analytics default)

When data is no longer required, it is securely deleted or anonymised so it can no longer be associated with you.

8. Your Rights

Under the UK GDPR you have the following rights regarding your personal data. You can exercise these rights at any time by contacting us:

Right of AccessRequest a copy of the personal data we hold about you (Subject Access Request).
Right to RectificationAsk us to correct inaccurate or incomplete personal data.
Right to ErasureRequest deletion of your data where no legal basis exists to retain it.
Right to Restrict ProcessingAsk us to limit how we use your data in certain circumstances.
Right to PortabilityReceive your data in a structured, machine-readable format to transfer to another service.
Right to ObjectObject to processing based on legitimate interests or for direct marketing.

We will respond to all requests within 30 days. If you are unsatisfied, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.

9. International Data Transfers

Some of our third-party service providers are based outside the United Kingdom. Where we transfer data internationally, we ensure appropriate safeguards are in place, including:

  • Transfers to countries with an adequacy decision from the UK Government.
  • Use of the UK International Data Transfer Agreement (IDTA) or Standard Contractual Clauses (SCCs).
  • Binding Corporate Rules where applicable.

You can request details of the specific safeguards by contacting us at help@blemnon.co.uk.

10. Children's Privacy

Our website and services are not directed at children under the age of 13. We do not knowingly collect personal data from children under 13.

If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately at help@blemnon.co.uk and we will delete that information promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

When we make significant changes, we will notify you by email (if you have an account) and update the "Last updated" date at the top of this page. Continued use of our website after changes are posted constitutes your acceptance of the revised policy.

12. Contact & Data Requests

For any privacy-related questions, data subject access requests, or complaints, please reach out through any of the following:

  • Email: help@blemnon.co.uk
  • Post: Data Privacy, Blemnon Ltd, 7 Coronation Road, London, NW10 7PQ, UK
We aim to acknowledge all privacy requests within 48 hours and provide a full response within 30 calendar days as required by UK GDPR.