ChiVelour – Privacy Policy

Last Updated: 12 December 2025

ChiVelour ("we", "us", or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you visit our website or purchase our products.

1. Who We Are

ChiVelour is a trading name of ChiVelour Ltd, a company registered in England and Wales.

  • Company Number: 16468750

  • Registered Office:Bramley Road, Cheam Sutton, United Kingdom SM2 7LR

  • Contact Email: concierge@chivelour.com

For the purposes of UK data protection law (UK GDPR), ChiVelour Ltd is the Data Controller.

2. What Information We Collect

We may collect, use, store, and transfer different kinds of personal data about you, which we have grouped together follows:

a) Information you provide to us

  • Identity Data: Name, username, or similar identifier.

  • Contact Data: Billing address, delivery address, email address, and telephone numbers.

  • Financial Data: Payment card details (Note: We do not store full card details; these are processed securely by our third-party payment providers).

  • Transaction Data: Details about payments to and from you and other details of products you have purchased from us.

  • Profile Data: Your purchases, preferences, feedback, and survey responses.

b) Information about Third Parties (Gift Recipients) As a gifting service, you may provide us with the personal data of third parties (e.g., the name and address of the gift recipient).

  • By providing this information, you confirm that you have the permission of the third party to share their details with us for the sole purpose of gift delivery.

  • We will not use the recipient’s data for marketing purposes unless they opt-in themselves.

c) Information collected automatically

  • Technical Data: Internet Protocol (IP) address, browser type and version, time zone setting, browser plug-in types, operating system, and platform.

  • Usage Data: Information about how you use our website and products.

3. How We Use Your Information

We use your personal data to:

  • Process and fulfil your orders (including delivery to third parties).

  • Communicate with you about your order status.

  • Verify your age (if purchasing age-restricted items such as alcohol).

  • Deliver bespoke and personalised products.

  • Improve our website, products, and customer experience.

  • Prevent fraud and ensure the security of our site.

  • Send marketing communications (only where you have consented or strictly under 'soft opt-in' for existing customers).

4. Lawful Basis for Processing

We process your data under the following lawful bases:

  • Contractual Necessity: To fulfil the contract we are about to enter into or have entered into with you (e.g., delivering the gift box).

  • Legal Obligation: To comply with the law (e.g., age verification for alcohol, tax/accounting records).

  • Legitimate Interests: For our business interests in running our business, preventing fraud, and improving our services (ensuring this does not override your rights).

  • Consent: For sending third-party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time.

5. Marketing Communications

You will only receive marketing communications from ChiVelour if:

  • You have actively opted in; or

  • You are an existing customer, and we are sending information about similar goods or services (Soft Opt-in), and you have not opted out.

You may unsubscribe at any time by clicking the 'unsubscribe' link in our emails or by contacting us directly.

6. Sharing Your Information

We do not sell your data. We may share your data with trusted third parties solely for business operations:

  • Service Providers: Payment processors (e.g., Stripe), delivery couriers (e.g., Royal Mail, DPD), and website hosting services.

  • Professional Advisers: Lawyers, bankers, auditors, and insurers.

  • Regulators: HM Revenue & Customs and other authorities acting as processors or joint controllers based in the UK.

All third parties are required to respect the security of your personal data and to treat it in accordance with the law.

7. International Data Transfers

Whenever we transfer your personal data out of the UK (e.g., if a software provider has servers in the USA), we ensure a similar degree of protection is afforded to it by using specific contracts approved for use in the UK which give personal data the same protection it has in the UK.

8. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes we collected it for:

  • Order and Tax Data: Retained for 6 years plus the current financial year (legal requirement).

  • Marketing Data: Retained until you withdraw consent or become inactive for a defined period.

  • Enquiries: Retained as long as required to resolve the matter.

9. Your Rights

Under UK GDPR, you have rights regarding your personal data, including the right to:

  • Request access to your personal data.

  • Request correction of inaccurate data.

  • Request erasure of your data ("Right to be forgotten").

  • Object to processing or restrict processing.

  • Request the transfer of your data (Data Portability).

  • Withdraw consent at any time.

To exercise any of these rights, please contact us at [Add Email].

Right to Complain: You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.

10. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way. Access to your personal data is limited to those employees, agents, and other third parties who have a business need to know.

11. Third-Party Links

Our website may include links to third-party websites, plug-ins, and applications. Clicking on those links may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements.

12. Cookies

Our website uses cookies to enhance your experience. For full details on the cookies we use and how to manage them, please refer to our Cookie Policy.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date.

Redefining the Art of Gifting
Concierge

Personal & Corporate Gifting enquiries
concierge@chivelour.com

Privacy Policy / Terms of Service / Refund Policy

© 2026 ChiVelour. All rights reserved.