Privacy Policy

Last updated: 22.03.2026

Welcome to Jasminae Shop (the “Website”), owned and operated by JASMINAE LTD, Registration Number 17065484, located at 77 Fulham Palace Road, London, United Kingdom, W6 8AF (“we”, “us”, “our”).

We are committed to protecting your personal information and ensuring transparency about how we collect, use, and safeguard it.

This Privacy Policy describes how we process your data in compliance with the UK General Data Protection Regulation (UK GDPR), the EU GDPR, and the Data Protection Act 2018.

 

1. Data Controller

1.1. The Website jasminae-shop.com is owned and operated by JASMINAE LTD, which acts as the Data Controller for all personal data processed through this Website.
1.2. If you have any questions about this Policy or how your personal data is used, please contact us at [email protected].

 

2. Information We Collect

2.1. We only collect the information necessary to operate our Website, fulfil your orders, and provide support. This may include:

 

    • Contact details: name, email address, phone number, billing and shipping address.

    • Order details: products purchased, order number, and delivery preferences.

    • Account details: username, password, and profile preferences (if you register).

    • Communication data: messages or correspondence with our support team.

    • Technical information: IP address, browser type, operating system, and cookies (see our Cookies Policy).

2.2. We do not collect or store any payment data.
 All online payments are processed securely by independent third-party payment providers that comply with PCI DSS and PSD2 regulations.

 

3. Purpose of Data Processing

3.1. We process your personal information to:

 

    • Process and deliver your orders.

    • Communicate with you regarding your order, delivery, or customer inquiries.

    • Manage your account and preferences.

    • Comply with legal, accounting, or tax obligations.

    • Improve our services and website functionality.

    • Send marketing communications, only when you have provided consent (you may withdraw it at any time).

3.2. Data is processed under the following lawful bases defined by GDPR:

 

    • Performance of a contract (e.g., order fulfilment).

    • Legal obligation (e.g., accounting or taxation).

    • Legitimate interest (e.g., customer service and fraud prevention).

    • Consent (e.g., marketing communication).

 

4. Data Security

4.1. We apply a range of technical and organizational measures to safeguard your information, including:

 

    • Data encryption during storage and transmission.

    • Restricted access to personal data based on authorization levels.

    • Regular system monitoring, risk assessments, and internal audits.

    • Ongoing staff training on data protection and security protocols.

4.2. These measures are designed to prevent unauthorized access, alteration, disclosure, or destruction of your personal information.

 

5. GDPR and Data Protection Compliance

5.1. We comply with the principles and obligations set out by the UK GDPR and EU GDPR, ensuring that your data is:

 

    • Processed lawfully, fairly, and transparently.

    • Collected only for specific, legitimate purposes.

    • Accurate, relevant, and limited to what is necessary.

    • Stored securely and deleted when no longer required.

5.2. We conduct regular compliance reviews and staff training to maintain adherence to data protection regulations.

 

6. Extra-EEA Data Transfers

6.1. Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA) or the United Kingdom.
6.2. In such cases, we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) or other legally approved mechanisms, to guarantee that your data receives the same level of protection as under UK and EU law.

7. Strong Customer Authentication (SCA)

7.1. Our payment partners implement Strong Customer Authentication (SCA) in compliance with the Payment Services Directive 2 (PSD2).
7.2. SCA uses two or more independent authentication factors — such as something the customer knows (password), something they have (mobile device), or something they are (biometric data) — to confirm identity during payment processing.
7.3. This ensures additional protection against fraud and unauthorized transactions.

 

8. PSD2 Compliance and Third-Party Payments

8.1. All online payments on Jasminae Shop are processed exclusively by third-party payment providers that comply with PSD2 and Strong Customer Authentication (SCA) requirements.
8.2. We do not access, collect, or retain any payment card details or financial information.
8.3. Any disputes or issues relating to payment authorization should be addressed directly to the payment provider.

 

9. Data Retention

9.1. We retain your personal data only for as long as necessary to:

 

    • Fulfil the purpose for which it was collected.

    • Comply with legal and tax obligations.

    • Resolve disputes and enforce agreements.

9.2. Once retention periods expire, personal data is securely deleted or anonymized.

 

10. Your Rights

10.1. Under data protection laws, you have the right to:

 

    • Access your personal data.

    • Rectify inaccurate or incomplete information.

    • Erase data where it is no longer required.

    • Restrict or object to certain processing activities.

    • Port your data to another service provider.

10.2. To exercise any of these rights, please contact us at [email protected].
10.3. We will respond to all valid requests within the timeframes required by law.

 

11. Cookies

11.1. Our Website uses cookies to enhance your browsing experience and enable essential site features such as shopping cart functionality and user preferences.
11.2. For more details about the types of cookies we use and how you can manage them, please refer to our Cookies Policy.

 

12. Data Sharing and Third Parties

12.1. We may share limited personal data with trusted service providers who assist in delivering our services, including:

 

    • Courier and logistics partners.

    • IT and hosting providers.

    • Payment processors (who act as separate controllers).

    • Legal or regulatory authorities, when required by law.

12.2. These third parties are obligated to handle your information securely and in accordance with applicable data protection laws.

 

13. Governing Law and Jurisdiction

13.1. This Privacy Policy is governed by and construed in accordance with the laws of the United Kingdom.
13.2. Any disputes arising from or related to this Policy shall be subject to the exclusive jurisdiction of the courts of the United Kingdom.

 

14. Contact Information

JASMINAE LTD
Reg. Number: 17065484
Address: 77 Fulham Palace Road, London, United Kingdom, W6 8AF
Email: [email protected]