top of page

Privacy Policy

Last updated: 15/02/2026

1. Introduction

This Privacy Policy explains how Katy Fryd Art (“we”, “us”, or “our”) collects, uses, stores, and protects your personal data when you use our website [katyfrydart.co.uk] or interact with our services. We are committed to complying with the UK GDPR and the Data Protection Act 2018.

If you have any questions, you can contact us at: Email: [terrapintrouble@gmail.com] Address: [65A Wrangleden Rd, Maidstone, Kent, ME15 9LD]

2. What Personal Data We Collect

We may collect the following types of personal data:

Data you provide directly

  • Name

  • Email address

  • Phone number

  • Postal address

  • Payment information (processed securely by third‑party providers)

  • Any information you submit via forms, messages, or account creation

Data collected automatically

  • IP address

  • Browser type and device information

  • Cookies and usage data

  • Pages visited and actions taken on our website

Data from third parties

  • Payment processors

  • Advertising or analytics partners (if applicable)

3. How We Use Your Personal Data

We use your data for the following purposes:

  • To provide and manage our services

  • To process orders and payments

  • To communicate with you about your account or enquiries

  • To send marketing communications (only with your consent)

  • To improve our website and user experience

  • To comply with legal obligations

4. Legal Bases for Processing

We process your data under one or more of the following legal bases:

  • Consent — when you opt in to marketing or optional services

  • Contract — when processing is necessary to deliver a service you requested

  • Legal obligation — when required by law

  • Legitimate interests — for business purposes that do not override your rights

5. How We Share Your Data

We may share your data with:

  • Service providers (e.g., payment processors, hosting providers)

  • Professional advisers (e.g., accountants, legal consultants)

  • Analytics or marketing partners (only with consent)

  • Authorities, if required by law

We never sell your personal data.

6. International Data Transfers

If we transfer your data outside the UK or EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions.

7. Data Retention

We keep your personal data only for as long as necessary for the purposes described in this policy, or as required by law. After this period, your data is securely deleted or anonymised.

8. Your Rights Under GDPR

You have the right to:

  • Access your personal data

  • Correct inaccurate data

  • Request deletion (“right to be forgotten”)

  • Restrict or object to processing

  • Withdraw consent at any time

  • Request data portability

  • Lodge a complaint with the ICO (Information Commissioner’s Office)

To exercise any of these rights, contact us at [your email].

9. Cookies

We use cookies to improve your browsing experience. You can manage or disable cookies through your browser settings. For more details, see our Cookie Policy (if you have one).

10. Security

We take appropriate technical and organisational measures to protect your personal data from loss, misuse, or unauthorised access.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated “Last updated” date.

bottom of page