Privacy Policy

Last Updated: 10-Nov-2025
Website: joomfashion.org

This Privacy Policy explains how we collect, use, disclose, transfer, and store your personal data when you visit or make a purchase from Joom Fashion (“we”, “us”, “our”).

1. Data Controller

The data controller responsible for your personal information is:

Controller: JoomFashion
Registered Address: Office 275, 85 Dunstall Hill, Wolverhampton, England, WV6 0SR
Email for Privacy Queries: support@joomfashion.org

If you are located in the UK or EU, your data is processed in accordance with the UK GDPR, GDPR (EU), and the Data Protection Act 2018.

2. Data We Process

We may collect and process the following categories of personal data:

Identity & Contact Information

Name
Shipping address
Billing address
Phone number
Email address

Order & Transaction Details

Order history
Delivery information
Customer service interactions

Payment Data

Processed securely via Stripe (our payment processor)
We only receive payment tokens, confirmation codes, and fraud-check details
We do not store, handle, or have access to full card numbers

Device & Technical Data

IP address
Browser type & version
Operating system
Device identifiers
Interaction logs
Session data
Referrer URLs

Cookies & Tracking Technologies

Necessary cookies
Functional cookies
Analytics cookies
Marketing & advertising cookies
(As described in our Cookie Policy — applied only after consent)

3. Purposes & Lawful Bases of Processing

Purpose	Data Used	Lawful Basis
Processing & delivering orders	Identity, contact, order details, payment tokens	Contract (Art. 6(1)(b))
Customer support & communication	Identity, contact, order data	Contract + Legitimate Interest
Fraud prevention & site security	Technical logs, usage data, order info	Legitimate Interest (security)
Analytics, marketing & advertising	Cookie data, email, usage data	Consent
Tax, accounting & legal compliance	Transaction & order data	Legal obligation

Marketing emails and non-essential cookies are used only with explicit consent, which can be withdrawn anytime.

4. Sharing & Data Processors

We share personal data only with trusted service providers needed to operate our services:

Key Data Processors

Stripe – secure payment processing (PCI-DSS compliant)
Hosting / cloud provider – website hosting & delivery
Analytics services – Google Analytics or similar (only after consent)
Security & anti-fraud tools
Email service provider (transactional & newsletter)
Customer support platforms (if used)

We do not sell your personal data.

5. International Data Transfers

Some processors may be located outside the UK or EEA. When transfers occur, we ensure lawful safeguards such as:

Standard Contractual Clauses (SCCs)
UK International Data Transfer Agreement (IDTA)
Adequacy decisions
Equivalent lawful mechanisms

6. Data Retention

We retain personal data only as long as necessary:

Order & transaction records: 6 years (legal/tax requirements)
Technical & security logs: 12 months
Marketing data: Until consent is withdrawn

After retention expires, data is securely deleted or anonymised.

7. Your GDPR/UK Data Protection Rights

Under the GDPR and UK GDPR, you have the right to:

Access your data
Rectify incorrect or incomplete data
Erase your data (“right to be forgotten”)
Restrict processing
Object to processing (including profiling & direct marketing)
Data portability (receive your data in a usable format)
Withdraw consent at any time

To exercise your rights, email: support@joomfashion.org

8. Automated Decision-Making & Profiling

We do not use automated decision-making that produces legal or significant effects.
Basic marketing personalization may occur only if you have given consent.

9. Contact & Complaints

Legal Name: JoomFashion
Registered Office: Office 275, 85 Dunstall Hill, Wolverhampton, England, WV6 0SR
Company No: 15272001

You may also lodge a complaint with:

ICO (UK): Information Commissioner’s Office
Your local EU data protection authority, if applicable