Privacy Policy

1. Introduction

This privacy notice explains how we collect, use, and protect your personal data when you use our website www.lisalister.com, including any information you may provide when you:

  • purchase a product or service,

  • sign up to our newsletter, or

  • take part in a prize draw, competition, or promotion.

By providing us with your personal data, you confirm that you are aged 13 or over.

Data Controller: Lisa Lister trading as LisaLister.com (“we”, “us”, or “our”).

Contact details:

  • Email: lisa@thesassyshe.com

  • Postal address: 769 Fareham, PO14 9TR

If you are unhappy with how we handle your data, you have the right to complain to the Information Commissioner’s Office (ICO) at www.ico.org.uk. We would appreciate the chance to resolve any concerns before you approach the ICO.

It is important that your personal data is accurate and up to date. Please let us know if your details change by emailing lisa@thesassyshe.com.

2. Data We Collect

Personal data means information that can identify you. It does not include anonymised data.

We may collect and process the following:

  • Identity Data: first name, last name, username, title, date of birth, gender.

  • Contact Data: billing address, delivery address, email address, telephone numbers.

  • Financial Data: bank account details, payment card details.

  • Transaction Data: details about payments and purchases.

  • Technical Data: IP address, browser type/version, time zone, device type, operating system, and similar data.

  • Profile Data: account logins, purchases, preferences, feedback, survey responses.

  • Usage Data: information about how you use our site, products, and services.

  • Marketing and Communications Data: your marketing preferences.

We do not collect special category data (such as health, beliefs, or political opinions) or information about criminal convictions.

If we require personal data by law or under a contract, and you do not provide it, we may be unable to provide the service or product requested.

3. How We Collect Data

We collect your data in several ways:

a) Direct interactions – when you:

  • place an order,

  • create an account,

  • subscribe to our newsletter,

  • request marketing,

  • enter a competition or promotion,

  • provide feedback.

b) Automated technologies – such as cookies, server logs, and analytics tools. (See our Cookie Policy for details.)

c) Third parties:

  • Analytics: e.g. Google Analytics (outside the UK)

  • Email marketing: Mailchimp (USA)

  • Payment and delivery services: Squarespace, PayPal, Braintree (USA)

  • Public records: Companies House, Electoral Register (UK)

Our store is hosted on Squarespace. They store your data securely on their servers. Payment data processed by Braintree is encrypted and handled under PCI-DSS standards.

4. How We Use Your Data

We will only process your personal data when allowed by law, including:

  • Contract: where we need it to fulfil an order or provide a service.

  • Legitimate interests: where it is necessary for our business and your rights do not override those interests.

  • Legal obligation: where we must comply with UK law.

  • Consent: for marketing communications (you may withdraw consent at any time).

We may use your data to:

  • process and deliver orders,

  • manage payments,

  • provide customer service,

  • send you marketing (if opted in),

  • improve our website and services,

  • comply with legal obligations.

You will only receive marketing from us if you have opted in or purchased from us and not opted out.

5. Disclosures of Your Data

We may share your personal data with:

  • IT, hosting, and system administration providers,

  • professional advisers (lawyers, accountants, insurers),

  • HMRC and UK regulators,

  • third parties in the event of a business sale or merger.

All third parties must respect the confidentiality and security of your personal data.

6. International Transfers

Some of our service providers are outside the UK (for example, in the USA). When we transfer your data internationally, we ensure appropriate safeguards are in place, such as:

  • adequacy regulations issued by the UK Government, or

  • International Data Transfer Agreements (IDTAs) or Standard Contractual Clauses (SCCs).

7. Data Security

We have implemented security measures to protect your personal data from loss, misuse, or unauthorised access. Access is restricted to those who need it for business purposes.

If you make a purchase, payment details are encrypted using SSL and stored in accordance with PCI-DSS standards.

8. Data Retention

We keep your personal data only for as long as necessary to fulfil the purposes we collected it for, including legal and tax requirements. By law, basic customer data (Identity, Contact, Financial, Transaction) is kept for six years after you stop being a customer.

We may anonymise data for research or statistics, in which case it is no longer treated as personal data.

9. Your Rights

Under UK GDPR, you have the right to:

  • request access to your personal data,

  • request correction or erasure,

  • object to processing,

  • request restriction of processing,

  • request data transfer,

  • withdraw consent at any time.

You can learn more from the ICO’s guide: https://ico.org.uk/your-data-matters/

To exercise your rights, contact lisa@thesassyshe.com. We will respond within one month.

10. Third-Party Links

Our website may include links to third-party sites. We are not responsible for their privacy policies and encourage you to read them before providing personal data.

11. Cookies

You can set your browser to refuse cookies or alert you when websites use them. See our Cookie Policy for details on how we use cookies and how to manage them.

Last updated: 15-8-2025

Cookie Policy

1. What Are Cookies?

Cookies are small text files placed on your device when you visit our website. They allow us to remember your preferences, improve your browsing experience, and understand how visitors use our site.

Cookies can be:

  • First-party cookies – set by our website.

  • Third-party cookies – set by other websites or services we use (for example, analytics or payment providers).

2. Types of Cookies We Use

We use the following categories:

  1. Strictly Necessary Cookies

    • Required for the website to function (e.g. shopping basket, account login).

    • Without these, you cannot use some site features.

    • These cookies do not store personally identifiable information.

  2. Performance and Analytics Cookies

    • Help us understand how visitors use our site.

    • For example, we use Google Analytics to measure page visits and traffic sources.

    • Data collected is aggregated and anonymous.

  3. Functionality Cookies

    • Remember your preferences (e.g. location, language).

    • May be set by us or third-party providers whose services you use on our pages.

  4. Targeting or Advertising Cookies

    • Track your browsing habits so we can display relevant adverts.

    • May be set by advertising partners to build a profile of your interests.

3. Cookies We Use

Cookie NamePurposeProviderExpiryTypeXSRF-TOKENSecurity & session managementSquarespaceSessionStrictly necessary_gid, _gaAnalytics trackingGoogle Analytics1 day / 2 yearsAnalyticsss_cidVisitor ID trackingSquarespace2 yearsAnalyticsmailchimp_landing_siteTracks newsletter sign-up originMailchimp1 monthMarketing

(This table is an example — your actual list should be updated based on what your site really sets. You can get this list from Squarespace’s support or by scanning your site.)

4. Managing Cookies

When you first visit our site, you will see a cookie consent banner giving you the option to accept or reject non-essential cookies.

You can also control cookies in your browser settings:

  • Google Chrome: Manage cookies

  • Mozilla Firefox: Manage cookies

  • Apple Safari: Manage cookies

  • Microsoft Edge: Manage cookies

If you block some cookies, parts of the site may not work properly.

5. Third-Party Services That Use Cookies

We use trusted third-party services that may set cookies, including:

  • Squarespace – site hosting and e-commerce platform.

  • Google Analytics – site usage tracking.

  • Mailchimp – email marketing sign-ups.

  • Braintree / PayPal – payment processing.

These providers have their own privacy and cookie policies.

6. Changes to This Cookie Policy

We may update this policy from time to time to reflect changes in technology, law, or our services. Please check this page regularly for updates.

Last updated: 15-08-2025