PRIVACY STATEMENT

Evergreen Brides Ltd is an independent wedding dress retailer operating within the
requirements of the General Data Protection Regulations 2018 and other electronic
marketing legislation. We work within the principles of fair data processing.
Using information in a way that people would reasonably expect. Thinking about the impact
of our processing.

Being transparent and ensuring that people know how we’ll use their information.
This statement may be updated from time to time. Please read the following to understand
our views and practices regarding your personal data and how we will treat it.

What This Privacy Statement Covers

This page covers how we treat any personal information that we collect and receive either
from our website or as part of any other processes.
We do not sell or pass on any personal information about our clients or prospects and we
only use any information shared with us for running and improving our services and in that
capacity operate as a data controller and, in the extent that we process the data, as a data
processor.

This statement tells you what information we collect, the steps we take to protect and
secure it, how we use and share information, and finally, how you can contact us with
questions or concerns.

Information we collect:

Personal Information

We collect personal information (e.g., name, email address, phone number, etc.) when you:

- Send us an enquiry through our website
- Email us
- Work with us as a customer or supplier

Other User Information

When you access and use our services, we may collect additional contextual information
about you as well as your wedding planning preferences.

We do not link this additional data to any other information we collect about you and do
not undertake any profiling activity from this type of data.

Billing Information

If you contract us we will require your billing information in order to process the
transaction. Billing information includes your name, address, telephone number, bank
details and other information necessary to process the transaction.

We do not use, collate or store credit card numbers.

IP Addresses and Cookies

We may collect information about your computer, including where available your IP
address, operating system and browser type, for system administration. This is statistical
data about our users’ browsing actions and patterns, and does not identify any individual.
For the same reason, we may obtain information about your general internet usage by using
a cookie file which is stored on the hard drive of your computer. Cookies contain

information that is transferred to your computer’s hard drive. A cookie consists of
information sent by a web server to a web browser, and stored by the browser. The
information is then sent back to the server each time the browser requests a page from the
server. This enables the web server to identify and track the web browser. We use both
“session” cookies and “persistent” cookies on the website. We will use the session cookies
to keep track of you whilst you navigate the website; we will use the persistent cookies to
enable our website to recognise you when you visit. Session cookies will be deleted from
your computer when you close your browser. Persistent cookies will remain
stored on your computer until deleted, or until they reach a specified expiry date.

Most browsers allow you to reject all cookies, whilst some browsers allow you to reject just
third party cookies. For example, in Internet Explorer you can refuse all cookies by clicking
“Tools”, “Internet Options”, “Privacy”, and selecting “Block all cookies” using the sliding
selector. You may refuse to accept cookies by activating this setting on your browser,
however, if you select this setting you may be unable to access certain parts of our site.
Unless you have adjusted your browser setting so that it will refuse cookies, our system will
issue cookies when you log on to our site.

We use this information held about you in the following ways:

- To ensure that content from our site is presented in the most effective manner to
you and to your computer
- To provide you with information, products or services that you request from us or
which we feel may interest you, where you have consented to be contacted for such
purposes.
- To allow you to participate in interactive features of our service, when you choose to
do so.
- To cross reference information you have supplied with information supplied by our
client for purposes of verifying whether you are an authorised user.
- To notify you about changes to our service.

We may also contact you by email, post or telephone. Please note that where you have
provided sensitive data to us, we shall only use your sensitive data for the purpose for which
the data was provided to us.

If you do not want us to use your data in this way, or wish to withdraw your consent for use
of the data, you can do so by contacting us via telephone on 07479947366 or email at
office@evergreenbrides.co.uk

Please note that at the time you contact us, it may be the case that we no longer process,
hold or store your personal information/data as data processor, in which case we would
advise you of this and the need to contact the data controller.

Disclosure of this information

We may disclose your personal information to third parties:
- If Evergreen Brides Ltd or substantially all of our assets are acquired by a third party,
in which case personal data held by it about our customers will be one of the
transferred assets.
- If we are under a duty to disclose or share your personal data in order to comply
with any legal obligation, or in order to enforce or apply our Terms and Conditions

and other agreements; or to protect the rights, property, or safety of our clients,
customers or others.

Our site may, from time to time, contain links to and from the websites of our partner
networks, clients, affiliates or other external websites. If you follow a link to any of these
websites, please note that these websites have their own privacy policies and that we do
not accept any responsibility or liability for these privacy policies. Before you submit any
personal data to our site, you may want to check the policies of our client, for whom we are
collecting the data, and whom for your purposes is the data controller. In the absence of any
details being listed on our site, you may contact us at or on the details provided below.
Information Use, Legal Basis, Sharing, Disclosure, and Retention Use and Legal Basis
Sales and Service Delivery

Evergreen Brides Ltd uses personal data for developing and issuing sales proposals and for
providing its services – and justifies this under the legal basis of “Contract”.

Marketing Emails

Evergreen Brides Ltd uses personal data to contact prospective clients with information
about our services. We justify this through a “Legitimate Interests” assessment and offer
opt-out functionality for those no longer wishing to hear from us in this way.

Sharing

Evergreen Brides Ltd does not share, sell, rent or trade personal information with any third
parties for marketing or promotional purposes. It will only share limited data with suppliers
where required operationally.

It also reserves the right to share data with relevant authorities if compelled to do so to
comply with legal obligations.

Disclosure

Evergreen Brides Ltd may disclose personal information under the following circumstances:
In certain situations, we may disclose personal data in response to lawful requests by public
authorities, including but not limited to national security or law enforcement requests. We
may also disclose your personal information as required by law, such as to respond to court
orders, or similar legal processes, to establish or exercise our legal rights or, defend against
legal claims, or if in our judgment in such circumstances disclosure is required or
appropriate.

Retention

We will retain existing customer information for as long as a customer account is active with
us or as needed to provide our services – and where required to comply with our legal
obligations, resolve disputes, and enforce our agreements. We will retain all
prospective customer data ongoingly until any such time that we receive a request to opt-
out.

Confidentiality and Security

If we believe it is necessary in order to investigate, prevent, or take action regarding illegal
activities, suspected fraud, situations involving potential threats to the physical safety of any
person, violations of our various terms of use, or as otherwise required by law.
We use physical, electronic, and procedural safeguards to protect personal information -
Our IT arrangements aspire to “Data Protection by Design” and should be able to detect a
significant data breach. Where such a breach could result in discrimination, damage to

reputation, financial loss, loss of confidentiality or any other significant economic or social
disadvantage we will notify the ICO. Where a breach is likely to result in a high risk to the
rights and freedoms of individual data subjects, we will also notify those concerned directly
and at the earliest practical opportunity. We shall then fully investigate a data breach and
implement corrective action to prevent recurrence.

By using our services or providing personal information to us, you are consenting that
Evergreen Brides Ltd is communicating with you electronically regarding security, privacy,
and administrative issues related to your use of our services. We may post a notice on our
website if a security breach occurs. In these circumstances, we may also send an email to
you at the email address you have provided to us.

Data transmissions over the Internet are not 100% secure. Consequently, we cannot
guarantee or warrant the security of any information you transmit to us and you do so at
your own risk. Once we receive your transmission, we use reasonable efforts to ensure
security on our systems.

Right to Be Informed
We strive to ensure that all those engaging with us are informed of our arrangements for
processing personal data through this Privacy Statement which is linked to from our email
signatures and website home page.

Right of Access

We will respond to data requests within 1 month and will only charge for requests that are
manifestly unfounded or excessive. If we have grounds to refuse a request we will inform
the data subject and make them aware of their right to complain to the ICO or to seek civil
action – again within 1 month of receiving the request

Right to Rectification

For personal data obtained directly from a data subject under the legal basis of consent –
and obtained indirectly from a data subject under the legal basis of legitimate interest – we
will correct any inaccuracies in a data subject’s personal data upon receipt of a request. For
personal data held under the legal basis of “Contract” or “Vital Interests” or “Legal
Obligations” we will endeavour to correct the data upon request but may not be able to do
so if changing the data may conflict with our legal obligations or disadvantage us in a future
legal action. In cases where we cannot rectify the data for these reasons we shall inform the
data subject and make them aware of their right to complain to the ICO or to seek civil
action.

Right to Erasure

For personal data obtained directly from a data subject under the legal basis of consent –
and obtained indirectly from a data subject under the legal basis of legitimate interest – we
will erase a data subject’s personal data upon receipt of a request / opt-out notification. For
personal data held under the legal basis of “Contract” or “Vital Interests” or “Legal
Obligations” we will endeavour to erase data upon request but will not be able to do so if
holding the data is necessary to fulfil our legal obligations or may be necessary as evidence
in a future legal action involving us. In cases where we cannot erase the data for these
reasons we shall inform the data subject and make them aware of their right to complain to
the ICO or to seek civil action

Right to Restrict Processing

For personal data obtained directly from a data subject under the legal basis of consent –
and obtained indirectly from a data subject under the legal basis of legitimate interest – we
will restrict the processing of a data subject’s personal data upon receipt of a request / opt-
out notification. For personal data held under the legal basis of “Contract” or “Vital
Interests” or “Legal Obligations” we will endeavour to facilitate the requested restriction
upon request but will not be able to do so if restricting the processing of the data prevents
us from fulfilling our legal obligations or the current processing of the data may be
necessary as evidence in a future legal action involving us. In cases where we cannot restrict
the processing of the data for these reasons we shall inform the data subject and make
them aware of their right to complain to the ICO or to seek civil action

Right to Data Portability

For personal data obtained directly from a data subject under the legal basis of consent –
we shall provide, upon receiving a request, the data that we hold in a standard, widely
accessible format

Right to Object

For personal data obtained directly from a data subject under the legal basis of consent –
and obtained indirectly from a data subject under the legal basis of legitimate interest – we
will cease to process a data subject’s personal data upon receipt of a request / opt-out
notification

Changes to this Privacy Statement

Evergreen Brides LTD reserves the right to revise, modify, or update this statement at any
time. We will notify you via email about material changes in the way we treat personal data
or by placing a prominent notice on this website.

Contacting Evergreen Brides Ltd

If you have a privacy concern regarding Evergreen Brides Ltd, or this statement, you may
contact us via office@evergreenbrides.co.uk