Privacy Policy
1. Information About the Collection of Personal Data and Controller Details
We are pleased that you are visiting the Bondi Lane Boutique website and appreciate your interest. This Privacy Policy explains how we collect, process, and protect your personal data when you use our website. Personal data refers to any information that can be used to identify you personally.
The data controller responsible for processing personal data on this website under the General Data Protection Regulation is:
Store Name: Bondi Lane Boutique
Business Address: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ
Email: info@bondilaneboutique.com
Phone: +61 489 987 338
Business Days: Monday To Friday, 8:00 AM To 5:00 PM
The data controller is the legal entity that determines the purposes and methods of processing personal data.
For security reasons and to protect confidential content such as orders and enquiries, this website uses SSL or TLS encryption. You can recognize an encrypted connection by the https prefix and the lock symbol in your browser.
2. Data Collection When Visiting Our Website
When you browse our website without registering or submitting information, we collect only data that your browser automatically transmits to our server. These server log files include visited pages, date and time of access, amount of data transferred, referring source, browser type and version, operating system, and IP address in anonymized form where possible.
This processing is carried out under Article 6 paragraph 1 letter f GDPR, based on our legitimate interest in ensuring website stability and functionality. This data is not merged with other data sources. We reserve the right to review log files if there are indications of unlawful use.
3. Cookies
Our website uses cookies to improve usability and enable certain features. Cookies are small text files stored on your device.
Some cookies are deleted when you close your browser. Others remain stored to recognize your browser on future visits. Cookies may collect information such as browser data, location data, and IP addresses.
Where cookies process personal data, this is done either for contract performance under Article 6 paragraph 1 letter b GDPR or based on our legitimate interest under Article 6 paragraph 1 letter f GDPR to ensure optimal website performance and user experience.
We may also use third party cookies for advertising and analytics purposes. You can manage or disable cookies through your browser settings. Please note that disabling cookies may limit website functionality.
4. Contacting Us
When you contact us via email or a contact form, personal data is collected only for the purpose of responding to your enquiry and related administration.
The legal basis is Article 6 paragraph 1 letter f GDPR. If your enquiry relates to a contract, Article 6 paragraph 1 letter b GDPR also applies.
Your data is deleted once your enquiry has been fully resolved, unless legal retention requirements apply.
5. Customer Accounts and Contract Processing
When you place an order or create a customer account, we process personal data necessary to fulfil the contract under Article 6 paragraph 1 letter b GDPR.
You may request deletion of your customer account at any time by contacting us. After contract completion or account deletion, data is retained only as required by tax or commercial law and deleted once retention periods expire.
6. Use of Personal Data for Marketing
If you subscribe to our newsletter, we will send you promotional emails using a double opt in process. The legal basis is Article 6 paragraph 1 letter a GDPR. You may unsubscribe at any time via the link in our emails or by contacting us.
If you have purchased from us, we may send emails about similar products based on our legitimate interest under Article 6 paragraph 1 letter f GDPR. You may object at any time and your email will be removed from marketing use immediately.
7. Order Processing and Payments
We share personal data with shipping providers to deliver your order and with payment providers to process payments, based on Article 6 paragraph 1 letter b GDPR.
If you use third party payment services such as PayPal or Klarna, your payment data is transferred only as necessary to complete the transaction. These providers may conduct credit checks where applicable. Their privacy policies apply independently.
8. Review Requests
With your consent, we may send a one time email requesting a product review. This processing is based on Article 6 paragraph 1 letter a GDPR. You may withdraw consent at any time.
9. Social Media Plugins
Our website uses privacy friendly social media buttons for platforms such as Facebook and Instagram. A connection to these platforms is only established when you click the button. Data processing by these platforms is governed by their respective privacy policies.
10. Online Marketing and Advertising
We use tools such as Google Ads, conversion tracking, and remarketing technologies to improve advertising relevance. These tools use cookies and are based on our legitimate interest under Article 6 paragraph 1 letter f GDPR or your consent where required.
You may disable advertising cookies through your browser settings or provider opt out tools.
11. Web Analytics
We use Google Analytics with IP anonymization enabled to analyze website usage and improve performance. The legal basis is Article 6 paragraph 1 letter f GDPR. You may opt out using browser settings or Google opt out tools.
12. Retargeting and Remarketing
With consent, we use Facebook Pixel and Google Remarketing to display relevant ads. Data is processed anonymously from our perspective. You may withdraw consent or disable cookies at any time.
13. Your Rights Under GDPR
You have the right to access your data, correct inaccurate data, request deletion, restrict processing, request data portability, withdraw consent, object to processing, and lodge a complaint with a supervisory authority.
To exercise your rights, please contact us at info@bondilaneboutique.com.
14. Data Retention
Personal data is stored only for as long as necessary to fulfil its purpose or comply with legal retention obligations. After expiry, data is securely deleted.