Browse

Privacy Policy

Last updated: 16/04/2026

1. Who we are

This Privacy Policy explains how Nicola Lewis trading as Kirnix (“we”, “us”, “our”) collects, uses, stores, and protects your personal data when you use kirnix.co.uk and any related services, including when you place an order, contact us, create an account, or sign up to hear from us.

For the purposes of UK data protection law, we are the data controller of the personal data described in this Privacy Policy.

Contact details
Nicola Lewis trading as Kirnix
26 Bromley Rd, Gloucester
Email: support@kirnix.co.uk

2. The personal data we collect

We may collect and use the following categories of personal data:

Information you give us directly

  • name
  • email address
  • phone number
  • billing address
  • delivery address
  • account login details
  • order details
  • information you include in messages, enquiries, reviews, or support requests

Information created when you use our services

  • order history
  • returns and refund records
  • account preferences
  • wishlists, saved baskets, or similar shopping activity where available

Technical and usage information

  • IP address
  • browser type
  • device type
  • pages visited
  • referral information
  • basic site interaction and performance data

Information from third parties

  • payment confirmation and limited billing or fraud-prevention information from payment providers
  • delivery and tracking updates from shipping providers
  • analytics or marketing information from the platforms we use
  • account or sign-in information where you choose to use a third-party login or service

3. How and why we use your personal data

We only use your personal data where we have a valid lawful basis.

A. To process and deliver orders

We use your personal data to take payment, confirm your order, prepare and dispatch items, arrange delivery, and deal with returns, refunds, and order-related service.

Lawful basis: performance of a contract.

B. To manage your account

If you create an account, we use your details to let you sign in, view orders, save preferences, and use account features.

Lawful basis: performance of a contract.

C. To respond to enquiries and provide customer support

We use your details to reply to messages, resolve problems, and keep records of customer service issues.

Lawful basis: legitimate interests in running and improving our business and supporting customers, and in some cases performance of a contract where the enquiry relates to an order.

Our legitimate interests here are providing customer service, resolving issues, and keeping suitable service records.

D. To run, secure, and improve the website and business

We use personal data to maintain website security, prevent fraud, troubleshoot issues, monitor performance, and improve our services and customer experience.

Lawful basis: legitimate interests in operating a secure and effective ecommerce website, preventing misuse, and improving our services; and, where relevant, legal obligations.

E. To keep legal, tax, and accounting records

We may keep and use relevant personal data to meet our legal and regulatory duties, including tax, accounting, consumer, and fraud-prevention requirements.

Lawful basis: legal obligation.

F. To send marketing

We may send you marketing by email where:

  • you have given consent; or
  • we are allowed to rely on the soft opt-in for existing customers under PECR.

You can opt out at any time by using the unsubscribe link in the message or by contacting us at support@kirnix.co.uk.

4. Cookies and similar technologies

We use some technical tools that may collect personal data or usage data when you use our website. We deal with cookies and similar technologies in more detail in our separate Cookie Policy.

5. Who we share personal data with

We may share personal data with trusted third parties where necessary for the purposes described above, including:

  • Stripe for payment processing
  • Hostinger for website hosting
  • Royal Mail for delivery services
  • Google Analytics for website analytics
  • MailPoet for email marketing or newsletter communications
  • professional advisers such as accountants, legal advisers, or insurers where necessary
  • regulators, courts, law enforcement, or other authorities where required by law
  • a buyer, successor, or adviser in connection with a business sale, merger, or restructure

We do not sell personal data.

6. International transfers

Some of the providers we use may process personal data outside the UK.

Where we make a restricted transfer of personal data outside the UK, we will only do so where the transfer is covered by:

  • UK adequacy regulations;
  • appropriate safeguards recognised under UK data protection law; or
  • an exception permitted by law.

Where we rely on safeguards, we will provide brief information about them on request.

7. How long we keep personal data

We keep personal data only for as long as necessary for the purpose for which it was collected, including to:

  • complete orders and provide after-sales support;
  • maintain account records where you keep an account with us;
  • meet legal, tax, accounting, and reporting obligations;
  • resolve disputes and enforce agreements; and
  • keep appropriate business and fraud-prevention records.

Different types of personal data may be kept for different periods depending on why we collected them and what the law requires. Where we no longer need personal data, we will delete it securely or anonymise it.

8. Your rights

Under UK data protection law, you may have the right to:

  • request access to your personal data;
  • ask us to correct inaccurate or incomplete personal data;
  • ask us to erase your personal data in some circumstances;
  • ask us to restrict processing in some circumstances;
  • object to processing in some circumstances;
  • receive certain personal data in a portable format in some circumstances; and
  • withdraw consent at any time where we rely on consent.

You also have an absolute right to object to direct marketing.

To exercise your rights, contact us at support@kirnix.co.uk. We may ask for information to verify your identity before acting on a request.

9. Complaints

If you have a concern about how we use your personal data, please contact us first so we can try to resolve it.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO).

10. Third-party links

Our website may contain links to third-party websites, plugins, or services. We are not responsible for the privacy practices of those third parties. We recommend reading their privacy information before providing them with personal data.

11. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes to our business, services, providers, or legal obligations. When we do, we will update the “Last updated” date at the top of this page.

Fast UK Delivery
Fast UK Delivery Icon Delivery truck symbol representing tracked UK shipping for KirnixCreations handmade resin art.
Quality Guarantee
Quality Guarantee Icon Tick badge symbolising quality guarantee for KirnixCreations handmade resin crafts.
Custom Orders Welcome
Custom Orders Icon Gift box icon showing custom and personalised resin art orders available from KirnixCreations.
Secure Checkout
Secure Checkout Icon Padlock icon symbolising safe checkout with PayPal, Mettle, and card payments at Kirnix.