Skip to main content
Only Snoots

Privacy Policy

We take your privacy seriously. Learn how we protect your data.

Last updated: March 28, 2026

1. Introduction

At Only Snoots, we respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you visit our website or make a purchase.

This policy is designed to comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Data Controller

Only Snoots is the data controller for your personal information. If you have any questions about how we handle your data, please contact us.

3. Information We Collect

3.1 Information You Provide

  • Personal Information: Name, email address, shipping address, and payment information
  • Account Information: Username, password, and order history when you create an account
  • Communication Data: Messages you send us through contact forms or email
  • User Content: Photos and text you upload to personalise cards

3.2 Automatically Collected Information

  • Technical Data: IP address, browser type, operating system
  • Usage Data: Pages visited, time spent, click patterns
  • Cookies: Essential cookies for site functionality (see our Cookie Policy)

4. Legal Basis for Processing

We process your personal data on the following legal bases:

  • Contract: Processing necessary to fulfill your orders and provide our services
  • Legal Obligation: Compliance with tax, accounting, and other legal requirements
  • Legitimate Interests: Fraud prevention, security, and improving our services
  • Consent: Marketing communications (which you can withdraw at any time)

5. How We Use Your Information

We use your information to:

  • Process and fulfill your orders
  • Communicate with you about your orders and account
  • Send marketing communications (only with your explicit consent)
  • Prevent fraud and ensure security
  • Comply with legal and regulatory obligations
  • Improve our website and services (using anonymised data where possible)

6. Third-Party Service Providers

We use trusted third-party services to operate our business.

All third-party providers are contractually bound to protect your data and only use it for the specific services they provide to us.

We do not sell your personal data to third parties.

7. Data Security

We implement appropriate technical and organisational measures to protect your personal data:

  • Encryption: All data is encrypted in transit (HTTPS) and at rest
  • Access Controls: Limited access to personal data on a need-to-know basis
  • Secure Infrastructure: Industry-standard cloud services with robust security
  • Regular Reviews: We regularly review and update our security practices

All payment information is processed securely through Stripe, and we never store your full credit card details on our servers.

8. International Transfers

Some of our service providers may process your data outside the UK. When this occurs, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the UK government.

9. Data Retention

We retain your personal data only for as long as necessary:

  • Order information: 6 years (for tax and accounting purposes)
  • Account information: Until you delete your account or request deletion
  • Marketing consent: Until you withdraw consent
  • Communication records: 12 months

After these periods, we securely delete or anonymise your data.

10. Your Rights

Under UK data protection law, you have the following rights:

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your data
  • Right to Restrict Processing: Limit how we use your data
  • Right to Object: Object to processing based on legitimate interests
  • Right to Data Portability: Receive your data in a structured format
  • Right to Withdraw Consent: Withdraw consent at any time

To exercise any of these rights, please contact us. We will respond within one month.

11. Cookies and Tracking

We only use essential cookies necessary for the website to function. We do not use tracking cookies or third-party analytics that require consent.

For more information, please see our Cookie Policy.

12. Children's Privacy

Our website is not intended for children under 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us and we will delete it promptly.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. For significant changes, we will notify you via email or through a notice on our website.

14. Complaints

If you have concerns about how we handle your data, please contact us first. You also have the right to complain to the Information Commissioner's Office (ICO):

Information Commissioner's Office
Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Website: ico.org.uk

15. Contact Us

If you have any questions about this Privacy Policy or how we handle your data, please contact us.