A Legal Disclaimer

Privacy Policy

Last updated: 15 June 2025

1. Who We Are

BALDILOCKS LTD is a UK-based social enterprise providing wellness experiences, community support, and empowering products to people affected by hair loss.

Our website address is: www.baldilocks.me
Our contact email is: glow@baldilocks.me

2. What Data We Collect

We collect only the information we need to run our business effectively and serve our community.

- When you browse the site: IP address, browser type, device, and cookies (see Section 6)
- When you contact us: Name, email, and message content
- When you place an order: Name, delivery address, email, phone number, and purchase details
- When you subscribe: Name and email address
- When you participate in events or promotions: We may collect relevant info (e.g. testimonials, social handles) with your consent

We do not collect or store payment card information—this is handled securely by our third-party provider (e.g. Stripe, PayPal, Printful).

3. How We Use Your Information

We use your information to:
- Process and fulfil your orders
- Communicate with you about your orders or account
- Respond to your enquiries
- Send newsletters or promotional updates (only if you opt in)
- Improve our website and services
- Show you targeted content or ads via tools like Facebook Pixel or Google Analytics

We do not sell your data. Ever.

4. Lawful Basis

Under UK GDPR, our legal bases for processing your data include:
- Contractual necessity – for orders and service provision
- Consent – for marketing or testimonials
- Legal obligations – for accounting and regulatory compliance
- Legitimate interests – to improve our services and protect our site from fraud

5. Who We Share It With

We only share your data with trusted partners who help us run BALDILOCKS, including:
- Wix (our website platform)
- Printful (product fulfilment)
- Email providers (e.g. Mailchimp)
- Payment processors (e.g. Stripe, PayPal)
- Analytics and advertising tools (e.g. Google Analytics, Meta)

All partners are GDPR-compliant and only use your data on our instructions.

6. Cookies

Cookies are small text files placed on your device to improve your experience. We use them to:
- Track site performance
- Enable shopping cart functionality
- Remember preferences
- Show relevant ads

You can manage cookies through your browser settings. By continuing to use the site, you consent to our use of cookies.

7. Your Rights

You have the right to:
- Access the personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your data
- Withdraw consent (e.g. unsubscribe from marketing)
- Complain to the Information Commissioner’s Office (ICO) if you believe we’re mishandling your data

To exercise these rights, email: glow@baldilocks.me

8. How We Store Your Data

Data is stored securely via Wix, Mailchimp, and other GDPR-compliant providers. We only keep it for as long as necessary to fulfil the purpose for which it was collected, or as required by law (e.g. tax records).

9. Children’s Privacy

Our services are not directed at children under 13. We do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this Privacy Policy as needed. When we do, we’ll update the “Last updated” date at the top of this page.