We are committed to protecting and respecting the privacy of our clients. We take responsibility for complying with the Data Protection Act 1998 (DPA), the Privacy and Electronic Regulations 2003 (PECR), and the General Data Protection Regulation 2018 (GDPR).
This privacy policy details what personal data we collect, how we will use that data and how we will protect it. Please also read our Terms & Conditions for additional information regarding our services.
For any questions that may not be answered here, you may contact us by email, hello@lusterblue.com
1. What personal data we collect and why
We collect your personal data when you place an order, return an order, contact us directly, sign up for our marketing communications, sign up to create an account, browse our website or use the other services offered by our website, www.lusterblue.com. The data we collect includes details you provide to us, such as your first and surname, and your shipping and billing addresses. We also collect data regarding your shopping habits and the pages and products you have viewed from your use of the website.
We use this data to:
- Take your orders, process your payments and deliver the items you have purchased.
- Process return and refund for items you have purchased.
- Provide any additional services you have requested, such as our newsletter.
- Provide you with help and assistance, including contacting you about your order.
- Personalise your visit to the website and ensure that content from our site is relevant and presented in the most optimised manner for you and the device you are viewing from.
Under the law, we must have a valid legal basis to process your data. In most instances, we will process your data because we have a contract with you e.g. to deliver your purchases or to provide you with other services you have requested. We will also use your personal data to send you sales and marketing communications that we believe may be of interest to you if we have your explicit consent for this activity, or if you are an existing customer where we have a legitimate interest in communicating with you. You can opt-out of sales and marketing communications from us at any time.
2. Who will process your data
Your personal data will be processed by Luster Blue Ltd, a company organised and existing under the laws of United Kingdom, and registered at Companies House as company number 15339550. Our registered office address is 1-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ.
We may also retain the services of external suppliers to help meet our business needs and may share your data with these suppliers. These suppliers have been selected after a rigorous evaluation process and chosen for their security, reliability and competence. They will process your data only under our instructions. Some of these suppliers may be based in non-EU countries. Where this is the case, the transfer of your personal data to these countries is carried out in compliance with the guarantees provided by law.
3. Your rights regarding your personal data
Under the Law, you have the right to:
- Know what personal data of yours we are processing, where that data came from and how we are using that data.
- Ask us to update, correct or supplement the data we hold about you.
- Withdraw consent for processing for a specified purpose.
- Ask us to delete or erase your data from our systems.
- Limit or oppose our processing of your data.
- Ask us to supply the personal data we hold about you in an easily readable electronic format.
You can exercise these rights at any time by contacting us by email, hello@lusterblue.com
This privacy policy may undergo changes and additions from time to time. Where possible we will inform you of any changes, but please check the contents periodically. The date this policy was last edited is under clause 13 of this privacy policy.
4. The Data Controller
Under the data protection law, the data controller is responsible for ensuring that your data is held securely, that you are given accurate information about how your data is used, and that your rights regarding your data are respected. For the purpose of the UK Data Protection Act 2018 and the General Data Protection Regulation 2016, the data controller for any personal information we hold about you is Luster Blue Ltd.
Your personal information will be held and managed by Luster Blue Ltd. By visiting and using Luster Blue’s website or mobile site (www.lusterblue.com), you acknowledge that you have read this privacy policy.
The Luster Blue website is owned and run by Luster Blue Ltd. Luster Blue Ltd is referred to here as “we”, “our”, “us”. The term “our services” refers to our online services and any of our other products and services offered from time to time. If you use any of our services, we will refer to you using the terms “user”, “visitor”, “you”, “your”, “yours” in this policy.
5. What personal data we collect
We collect and process only the data that is required to allow us to provide our services to you. We collect the following data when you browse or shop at www.lusterblue.com:
- Personal data required to complete and ship your purchase; including your name, billing address, delivery address, payment details, mobile number, telephone number and email address. We collect your email address in order to send you confirmation of your order; we collect your telephone number so that we can contact you if there are any issues with the order.
- Your email address when you sign up to receive our newsletter/marketing communications.
- Your name, email address, password, country and additional data regarding your marketing preferences, when you join our mailing list.
- Additional data to help us resolve any queries relating to your order, delivery, payments, marketing, the website or any other queries.
- Browsing data from www.lusterblue.com, including the pages you visit and how you interact with these pages.
- Someone else’s data, that you provide to us, e.g. if you purchase a product to be delivered to a friend or as a gift, we will collect and process the personal data required to complete the transaction such as the name, delivery address and other contact details for your friend.
6. How we use personal data we collect
Under the law we must have a valid reason for using your personal data and we may not collect, store or use data about you that is not compatible with that reason. The legal basis for each of the ways in which we use your personal data is as follows:
- When you purchase a product from www.lusterblue.com we ask you for the personal data necessary to allow us to fulfill our contract with you including taking payment, any related anti-fraud checks if you choose to pay by credit/debit card, billing, shipping and delivery of the product and possible handling of the return.
- Legal Basis: The provision of your personal data for these activities is a contractual obligation. You are free to communicate your data or not, but in the absence of the requested data it will not be possible to finalise or execute the contract and your requests. This means that while you will continue to be able to browse www.lusterblue.com, you will not be able to purchase products and you will not be able to use the services of our website such as the Wish List.
- When you make a purchase at www.lusterblue.com, we are required to process your personal data to meet our legal obligations in accordance with the tax provisions and other statutory rules which apply.
- You are free to decide whether or not to purchase from us, but if you do make a purchase this use of your data will be necessary to meet our legal obligations.
- When you make a purchase at www.lusterblue.com, we will use some of your personal data to carry out anti-fraud activities: we have a legitimate interest in carrying out this activity to prevent and prosecute any fraudulent activity.
- When you visit www.lusterblue.com, we will collect the minimum personal data necessary to allow us to provide you with the services of the website, such as placing and holding items in your shopping bag.
- Legal Basis: Our use of your data is necessary for our legitimate interest in ensuring that the service we provide to you is managed correctly.
- When you visit www.lusterblue.com, we may use data about your use of the website to help us improve the website and our promotion of the website. This will include data about how you came to the website; the date and time of your visit; products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction data (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page. Most of this data will not be connected to you as an individual.
- Legal Basis: Our use of your data is necessary for our legitimate interest in ensuring that the service we provide to you is managed correctly.
- We also collect data about your use of www.lusterblue.com by using cookies.
- Legal Basis: You have given your consent to our use of cookies via the cookie banner that appears on the website when you enter. Some cookies are necessary for our legitimate interest in ensuring that the service we provide to you is administered correctly e.g. retaining items in your shopping basket.
- When you register an account on www.lusterblue.com, we will collect the data necessary to ensure that we can recognise you on return visits and provide you with the services registration offers, such as subscribing to our newsletter. If you would prefer not to continue receiving these emails, you can unsubscribe at any time using the link on the bottom of the email or by contacting us directly.
- Legal Basis: The provision of your personal data for these activities is a contractual obligation. You are free to communicate your data or not, but in the absence of the requested data it will not be possible to finalise or execute the contract and your requests.
- When you sign up for our marketing communications, we will ask you for your email address. If you would prefer not to receive these emails, you can unsubscribe at any time using the link on the bottom of the email.
- Legal Basis: You have given your consent and asked us to send you our marketing communications.
- If you have purchased from www.lusterblue.com, we will use the personal data we hold about you, including your purchase history, to contact you regarding products and services that may be of interest to you. This contact will normally be via email, but in certain circumstances we may contact you via other methods e.g. we may call you if an item we know you have been eager to purchase comes back into stock. If you would prefer not to be contacted in this way, you can unsubscribe from emails at any time using the link on the bottom of the email, or contact us directly to request this.
- Legal Basis: Our use of your data is necessary for our legitimate interest in ensuring that you receive information about goods and services that may be of interest to you.
- We analyse contact data, purchase history, web browsing data and lifestyle data to tailor our marketing communications, web site presentation and internet advertising to meet your preferences.
- Legal Basis: Our use of your data is necessary for our legitimate interest in ensuring that you receive information about goods and services that may be of interest to you.
- When you contact us, we will use the personal data you provide and that we have collected to respond to your requests for help or information.
- Legal Basis: The provision of your personal data for these activities is a contractual obligation. You are free to communicate your data or not, but in the absence of the requested data it will not be possible to finalise or execute the contract and your requests.
7. Who will process your data
Your personal data will be processed by the internal staff of Luster Blue Ltd who are authorised for this processing. Your personal data will also be transmitted to third parties that we use to provide our services; these parties have been rigorously assessed and offer a guarantee of compliance with the legislation on the processing of personal data. These parties have been designated as data processors and carry out their activities according to the instructions given by Luster Blue Ltd and under our control.
The third parties in question belong to the following categories: payment processors, banking operators, internet providers, eCommerce hosting maintainers, companies specialising in IT and telematics services; logistic partners; companies that execute marketing activities such as email marketing services; companies specialising in market research and data processing; companies providing publishing and distribution services.
Under some circumstances we may be required to disclose or share your data without your consent, for example, if we are required by the police, the courts or for other legal reasons. Your data may be transmitted to the police, judicial and administrative authorities, in accordance with the law, for the investigation and prosecution of crimes, the prevention of and protection from threats to public security, to allow Luster Blue Ltd to ascertain, exercise or defend a right in court, as well as for other reasons related to the protection of the rights and freedoms of others.
We may also transfer your personal data to a buyer or potential buyer in the event that our assets are acquired by another organisation. The purchaser will be required by law to use your personal data only as described in this privacy policy.
8. How long we keep your data
We keep your personal data for a limited period of time. The specific retention period will vary according to the reason for processing your personal data. After this period, your data will be permanently erased or otherwise irreversibly rendered anonymous.
Your personal data are retained in accordance with the following criteria: When you have purchased goods from www.lusterblue.com, we will retain the billing data until the end of the relevant accounting period. When you make a payment, we will retain your payment details up to the certification of the payment and the completion of the relevant administrative-accounting formalities regarding your right of withdrawal and the terms applied for the disputing of the payment.
When you provide us with personal data in order to use the services of www.lusterblue.com, such as marketing communications, we will keep your data for this purpose until the termination of the service or until you cancel your subscription to the service.
When you give us your consent to send you marketing communications, you can withdraw your consent at any time. We will consider your consent to be current for five years from your last interaction with any email that we send you, with www.lusterblue.com. In any case, we will reduce the number of marketing contacts after six months if you don’t interact with us.
When we use your personal data and browsing history to analyse your behaviour in order to customise the website and to show you personalised sales offers, we will keep the data for analytical purposes until you ask us to delete it.
9. Your rights
You have the right to request a copy of the data that we hold about you, and we will provide this to you free of charge once we have confirmed your identity.
If you would like a copy of some or all of your personal data, please contact us via hello@lusterblue.com
You have the right to ask us to correct any inaccuracies in the personal data we hold about you and to stop us using your data until it has been corrected. We want to make sure that your personal data is accurate and up to date and we will be happy to correct or remove data you think is inaccurate.
If you have given us your consent to use your personal data for marketing, you have the right to withdraw your consent at any time contacting us.
You have the right at any time to oppose our processing of your personal data on the basis of our legitimate interest. You will need to explain the reasons behind your request and allow us to consider your request and respond.
You have the right to request the deletion of your personal data. After receiving and reviewing your request, if legitimate it will be our responsibility to promptly cease processing and to delete your personal data, to request deletion please contact hello@lusterblue.com
You have the right to receive a copy of your data that we process based on your consent or on the basis of a contract with you in a standard format. If you wish, where technically possible, we can transfer your data directly to a third party indicated by you.
To ensure that the data of our users are not subject to breaches or illegitimate use by third parties, we will ask you to confirm your identity before carrying out your request.
10. Security
We protect your personal data with specific technical and organisational security measures aimed at preventing your personal data from being used illegitimately or fraudulently.
In particular, our infrastructure has been designed with high security and privacy standards including disk encryption, identity provider, personal credentials, etc. We additionally use security measures that guarantee: pseudonymisation or encryption of your data; the confidentiality, integrity, and availability of your data as well as the resilience of the systems and services that process them; the ability to restore data in the event of a data breach. Furthermore, Luster Blue Ltd undertakes to test, verify and regularly evaluate the effectiveness of technical and organisational measures in order to guarantee continuous improvement in the safety of processing.
11. Complaints
If you believe that Luster Blue Ltd is processing your personal data in contravention of the law, you can file a complaint with the supervisory authority responsible for compliance with the rules on personal data protection.
In the UK, the complaint can be presented to the ICO. More information on how to complain is available on the ICO’s website at www.ico.org.uk.
12. Using Klarna
In order to offer you Klarna’s payment methods, we might in the checkout pass your personal data in the form of contact and order details to Klarna, in order for Klarna to assess whether you qualify for their payment methods and to tailor those payment methods for you. Your personal data transferred is processed in line with Klarna’s own privacy notice.
13. Using Stripe
To provide Stripe’s payment options, we may share your personal data, including contact and order details, at checkout with Stripe. This is to determine your eligibility for Stripe’s payment methods and customize them to your needs. Rest assured, any transferred personal data is handled according to Stripe’s privacy policy.
14. Changes to this notice
We keep our privacy policy under regular review in order to reflect changes in our services and in privacy regulation. This privacy policy was last updated in December 2023.