top of page

blodau PRIVACY POLICY

Last updated: June 2026

At Blodau, we respect your privacy and are committed to protecting your personal data. This Privacy Policy explains who we are, what personal information we collect, how we use it, and your rights in relation to it.

We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

 

1. Who We Are

Blodau is a custom-made fashion brand based in the United Kingdom. We are the data controller responsible for your personal data.

If you have any questions about this policy or how we handle your data, please contact us at the details above.

 

2. What Personal Data We Collect

We collect personal data in the following circumstances:

When you place an order

  • Full name

  • Delivery and billing address

  • Email address and phone number

  • Payment information (processed securely via our payment provider – we never store your card details)

  • Body measurements and garment specifications provided by you

 

When you contact us

  • Your name and email address

  • The content of your message or enquiry

  • Any photographs or design references you choose to share with us

 

When you browse our website

  • IP address and browser type (collected automatically via cookies)

  • Pages visited and time spent on the site

  • Device and operating system information

Please see our Cookie Policy at [blodau.com/cookies] for more information on how we use cookies.

 

When you sign up to our mailing list

  • Your name and email address

  • Your marketing preferences

 

3. How We Use Your Personal Data

We use your personal data only for the purposes for which it was collected:

To fulfil your order

We use your name, address, measurements, and contact details to produce your garment, process payment, arrange delivery, and communicate with you about your order. This is necessary for the performance of our contract with you.

 

To provide customer support

We use your contact details and order information to respond to enquiries, resolve issues, and follow up on orders. This is in our legitimate interest to provide a good customer experience.

 

To send marketing communications

If you have opted in to receive our newsletter or marketing emails, we will send you updates about new collections, events, and offers. You can unsubscribe at any time by clicking the link in any email or contacting us directly. We will only send marketing communications with your explicit consent.

 

To improve our website

We use anonymised analytics data to understand how visitors use our website and to improve its design and performance. This is in our legitimate interest as a business.

 

To comply with legal obligations

We may process your data where required to do so by law, for example for tax, accounting, or fraud prevention purposes.

 

4. Who We Share Your Data With

We do not sell, rent, or trade your personal data. We share it only where necessary to fulfil your order or operate our business:

  • Royal Mail – to deliver your order (name, delivery address)

  • Our payment processor – to process your payment securely

  • Our parcel insurance provider – where relevant to insure your order in transit

  • Our website platform (e.g. Wix) – which hosts and processes order data on our behalf

  • Email marketing platform if you have opted in to marketing

All third parties we work with are required to handle your data securely and in accordance with UK GDPR. We do not transfer your data outside the UK or European Economic Area without appropriate safeguards in place.

 

5. How Long We Keep Your Data

We retain your personal data only for as long as necessary:

  • Order data (name, address, measurements, payment records): 7 years, as required for UK tax and accounting purposes

  • Customer service correspondence: 3 years from the date of last contact

  • Marketing data: until you unsubscribe or ask us to remove you

  • Website analytics: anonymised data retained indefinitely; identifiable data deleted after 26 months

Once data is no longer needed, we delete or anonymise it securely.

 

6. Your Rights

Under UK GDPR, you have the following rights in relation to your personal data:

  • Right of access – you can request a copy of the personal data we hold about you

  • Right to rectification – you can ask us to correct inaccurate or incomplete data

  • Right to erasure – you can ask us to delete your data, where we have no legal obligation to retain it

  • Right to restrict processing – you can ask us to limit how we use your data in certain circumstances

  • Right to data portability – you can request your data in a structured, commonly used format

  • Right to object – you can object to us processing your data for marketing or on the basis of legitimate interests

  • Right to withdraw consent – where we rely on your consent to process data, you can withdraw it at any time

To exercise any of these rights, please contact us at info@blodau.uk. We will respond within 30 days. There is no charge for making a request.

If you are unhappy with how we have handled your data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at ico.org.uk or by calling 0303 123 1113.

 

7. How We Keep Your Data Safe

We take the security of your personal data seriously. We use appropriate technical and organisational measures to protect it against unauthorised access, loss, or disclosure. These include:

  • Secure HTTPS encryption on our website

  • Access controls limiting who within our business can view your data

  • Use of reputable, GDPR-compliant third-party platforms for payment and email

  • We never store payment card details on our own systems

In the unlikely event of a data breach that poses a risk to your rights, we will notify you and the ICO as required by law.

 

8. Children’s Privacy

Our website and services are not directed at children under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us immediately and we will delete it.

 

9. Links to Other Websites

Our website may contain links to third-party websites (for example, social media platforms or payment providers). We are not responsible for the privacy practices of those sites and encourage you to read their privacy policies before sharing any personal data with them.

 

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or in applicable law. The most current version will always be available at [blodau.com/privacy]. We will notify you of any significant changes by email where we hold your contact details.

 

11. Contact Us

If you have any questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact us:

bottom of page