let's talk

Privacy Policy

Who we are

Our website address is: https://ivylemonstudio.com.

Information we collect

  • Visitor data – IP address, device/browser type, referrer pages via cookies and analytics.
  • Forms and emails – Name, email, message content (submitted when you contact us via pattern enquiries or newsletter).
  • Transaction data – If and when purchases or licenses are made (includes payment provider data; we do not store credit card information ourselves).

Lawful basis for processing

  • Our legitimate interests – For website analytics, security and direct communications.
  • Consent – Where applicable (e.g. email marketing sign-ups)
  • Contractual reasons – Performing services when you purchase or license a pattern.

How we use your data

  • To respond to enquiries or provide design services.
  • To process licensing agreements or purchases.
  • To improve website, marketing and customised service delivery.
  • Sending occasional newsletters/promotional information.

Who we share your data with

  • Service providers such as website host, analytics (e.g. Google Analytics), email platform and payment processors.
  • We ensure third parties comply with UK/EU data protection regulations.
  • We do not sell your data to third parties.

Cookies and Analytics

  • We use essential cookies (e.g. login/session) and analytics cookies.
  • You can adjust or disable cookies via your browser settings.

International Transfers

  • Some third party platforms (e.g. email or analytics) may transfer data internationally.
  • Ensure adequate safeguards (e.g. standard contractual clauses, EU adequacy decisions) are in place.

Your rights

In accordance with UK GDPR/data protection laws, you have the right to:

  • Access your personal data
  • Rectify incorrect data
  • Erase your data (subject to legal exceptions)
  • Restrict or object to our processing
  • Port your data (if processed electronically)
  • Withdraw consent at any time (without invalidating prior lawful processing)
  • Lodge a complaint with the UK Information Commissioner’s Office (ICO)

Data Retention

  • Enquiry/contact data – retained for up to 2 years unless you request deletion
  • Transaction/licensing data – kept for 7 years for legal/commercial purposes
  • Analytics data – anonymised monthly and retained for up to 26 months

Security

We implement organisational and technical measures to protect your data, such as secure hosting, SSL encryption, access control and regular security updates.

Policy updates

We may update this policy occasionally. The latest version appears on this site. We will notify users via email where appropriate.