Privacy Policy

1. Introduction

This Privacy Policy explains how UMETA MEDIA LTD, trading as UmasMade (“we”, “our”, “us”) collects, uses, and protects your personal information when you visit umasmade.com or make a purchase through our website.

We are committed to protecting your privacy and handling your data in a transparent and secure manner, in accordance with applicable data protection laws including the General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018.

Data Controller:
UMETA MEDIA LTD
71–75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ
Company Number: 16653248
Email: contact@umasmade.com

2. Information We Collect

We may collect and process the following types of information:

a. Personal and Order Details

  • Full name, email address, phone number
  • Billing and shipping address
  • Order information and product personalization details (e.g., engraved names or custom text)

b. Payment Information

  • Payment details are securely processed by Stripe.
  • We do not store or have access to your full card number, CVV, or other sensitive payment data.
  • We receive confirmation of payment, transaction ID, amount, and masked card details (last four digits).

c. Technical and Usage Data

  • IP address, browser type, operating system, device type
  • Pages visited, time spent on site, and referral links
  • Collected via cookies and analytics tools such as Google Analytics

d. Marketing and Communication Preferences

  • Subscription to newsletters or marketing communications via Mailchimp or Klaviyo
  • Responses to surveys, reviews, or customer support inquiries

3. How We Use Your Information

We use your personal data for the following purposes and legal bases:

PurposeLegal Basis
To process and fulfil your ordersPerformance of a contract
To communicate regarding your ordersLegitimate interest
To process payments securely via StripeContractual necessity
To send marketing updates (with consent)Consent
To prevent fraud and ensure website securityLegitimate interest
To comply with tax and accounting lawsLegal obligation

4. Sharing Your Data

We only share your data with trusted service providers necessary to operate our business:

  • Payment Processing: Stripe Payments UK Ltd
  • Hosting & Infrastructure: Hostinger
  • Email Marketing & Communication: Mailchimp, Klaviyo
  • Analytics: Google Analytics
  • Shipping & Logistics: DHL, UPS, FedEx, TNT, Widect
  • Content Delivery / Security: Cloudflare (if used)

All third-party partners act as data processors under contractual obligations to protect your data and process it only for agreed purposes.

5. International Transfers

Your information may be transferred and processed outside the UK or EEA (for example, when using Stripe or Mailchimp).
We ensure that all transfers comply with data protection laws through safeguards such as Standard Contractual Clauses (SCCs) or equivalent protection mechanisms.

6. Data Retention

We retain personal data only as long as necessary for the purposes it was collected:

  • Order and payment records: 6 years (for tax and accounting compliance)
  • Customer communication: up to 3 years after your last interaction
  • Marketing data: until you unsubscribe or withdraw consent
  • Analytical data: 14–26 months, depending on Google Analytics settings

After the retention period, data is securely deleted or anonymized.

7. Cookies and Tracking

We use cookies to ensure website functionality, analyze traffic, and personalize your experience.

Types of cookies we use:

  • Essential cookies: Required for site operation (cart, checkout, security).
  • Analytics cookies: Measure traffic and performance (Google Analytics).
  • Marketing cookies: Used for optional email and advertising personalization.

You can manage or disable cookies through your browser settings or consent banner displayed when you first visit the site.

8. Security

We implement appropriate technical and organizational measures to protect your data against unauthorized access, disclosure, alteration, or destruction.
These include encryption (TLS/HTTPS), secure hosting, access controls, and strict data handling procedures.
All payments are processed through Stripe’s PCI DSS-compliant systems — your card details are never stored on our servers.

9. Your Rights

Under applicable data protection laws, you have the following rights:

  • Access your data (data subject access request)
  • Rectify inaccurate or incomplete data
  • Request erasure (“right to be forgotten”)
  • Restrict or object to processing
  • Data portability (receive a copy in machine-readable format)
  • Withdraw consent at any time for marketing or optional data use

To exercise these rights, contact us at contact@umasmade.com.
If unresolved, you may lodge a complaint with your local data protection authority.

10. Children’s Privacy

We do not knowingly collect personal data from individuals under 13 years old. If you believe we have inadvertently collected such information, please contact us for immediate deletion.

11. Changes to This Policy

We may update this Privacy Policy periodically to reflect operational, legal, or regulatory changes.
The most recent version will always be available at umasmade.com/privacy-policy.

12. Contact Us

If you have questions, requests, or concerns about this Privacy Policy, please contact:

UMETA MEDIA LTD (UmasMade)
71–75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ
Email: contact@umasmade.com
Website: www.umasmade.com