GDPR

GDPR Compliance

At Wimorra, we are committed to protecting your privacy and handling your data with transparency and care in accordance with the General Data Protection Regulation (GDPR).

1. Data Controller Information

Wimorra Ltd
123 Design Street
London, UK
Company Number: 12345678

Data Protection Officer

Email: privacy@wimorra.com

2. Personal Data We Collect

We may process the following categories of personal data:

  • Identity Data: Name, title, date of birth
  • Contact Data: Billing/delivery addresses, email, phone numbers
  • Transaction Data: Payment details, purchase history
  • Technical Data: IP address, browser type, device information
  • Usage Data: How you use our website and products
  • Marketing Data: Preferences for receiving marketing

3. How We Use Your Data

Lawful Basis for Processing

We only process data when we have a valid legal basis, including:

  • Performance of a contract (e.g., processing your orders)
  • Legitimate interests (e.g., fraud prevention)
  • Legal compliance (e.g., tax requirements)
  • Consent (e.g., marketing communications)

Purposes of Processing

  • To process and fulfill your orders
  • To manage our relationship with you
  • To improve our website and products
  • To prevent fraud and ensure security
  • To send relevant marketing (where consented)

4. Data Sharing & Transfers

We may share your data with:

  • Payment processors (Stripe, PayPal)
  • Delivery providers (Royal Mail, DHL)
  • IT service providers (hosting, analytics)
  • Professional advisors (accountants, lawyers)

All third parties are vetted for GDPR compliance. We never sell your data.

5. Your Rights

Under GDPR, you have the right to:

  • Request access to your personal data
  • Request correction of inaccurate data
  • Request erasure of your data ("right to be forgotten")
  • Object to processing of your data
  • Request restriction of processing
  • Request data portability
  • Withdraw consent at any time

To exercise these rights, please contact us at privacy@wimorra.com.

6. Data Security & Retention

We implement appropriate technical and organizational measures including encryption, access controls, and regular security assessments.

We retain personal data only as long as necessary for the purposes collected, including legal, accounting, or reporting requirements.

Contact Us

For any GDPR-related inquiries or to exercise your rights:

Email: privacy@wimorra.com
Postal: Data Protection Officer, Wimorra Ltd, 123 Design Street, London, UK

We aim to respond to all requests within 30 days.