Skip to content
10% Off Your First Order | Shop New In
10% Off Your First Order | Shop New In

Privacy Notice

Privacy Notice

Last updated: June 2, 2026

This Privacy Notice explains how Created Brilliance Limited ("Created Brilliance", "we", "us", "our") collects, uses, stores and shares your personal data when you visit or make a purchase from createdbrilliance.co.uk or otherwise interact with us.

Please read this notice carefully. By using our website or services, you acknowledge that you have read and understood its contents.

1. Who We Are

Created Brilliance Limited is a company registered in England and Wales. Company registration number: 15861282. Registered office: 11–14 Kirby Street, London, EC1N 8TS.

We are registered with the Information Commissioner's Office (ICO) as a data controller. ICO registration number: ZBXXXXXX (to be updated on receipt of registration confirmation).

For any data protection queries, please contact us at compliance@createdbrilliance.co.uk.

2. The Data We Collect

Information you provide directly

  • Name, email address, phone number and postal address
  • Order and payment details (we do not store card data — see Section 7)
  • Communications you send us by email, phone or live chat
  • Information provided when creating an account, submitting a review, or completing a bespoke enquiry form
  • Marketing preferences

Information collected automatically

  • IP address, browser type and version, device type
  • Pages visited, time spent on site, referring URLs
  • Cookie and tracking data (see our Cookies Policy for full details)

Information from third parties

  • Order and fulfilment data from marketplace platforms we sell through
  • Affiliate referral data from our affiliate network
  • Analytics and advertising performance data from Google and Meta

3. How We Use Your Data

We use your personal data for the following purposes:

  • To fulfil your order — processing payments, arranging delivery, handling returns and providing post-purchase support. Legal basis: performance of a contract.
  • To manage your account — if you register with us, to provide access to order history and saved preferences. Legal basis: performance of a contract.
  • To communicate with you — responding to enquiries, providing order updates and customer service. Legal basis: performance of a contract / legitimate interests.
  • To send marketing communications — newsletters, promotions and product updates, where you have opted in or where we have a legitimate interest as an existing customer. Legal basis: consent or legitimate interests. You can unsubscribe at any time via the link in any email or by contacting us.
  • To improve our website and services — using analytics data to understand how visitors use the site and to identify improvements. Legal basis: legitimate interests.
  • To run advertising and remarketing campaigns — showing relevant ads on Google, Meta and other platforms to people who have visited our site. Legal basis: consent (via cookie preferences) / legitimate interests.
  • To manage affiliate relationships — tracking referrals made through our affiliate programme. Legal basis: legitimate interests / performance of a contract.
  • To comply with legal obligations — retaining records as required by tax, consumer protection and other applicable law. Legal basis: legal obligation.

4. Cookies and Tracking Technologies

We use cookies and similar technologies to operate the site, analyse traffic and deliver relevant advertising. Full details of the cookies we use and how to manage your preferences are set out in our Cookies Policy.

5. Who We Share Your Data With

We do not sell your personal data. We share it only where necessary to operate our business, with the following categories of recipients:

  • Shopify — our e-commerce platform, which hosts our store, processes orders and manages customer accounts. Shopify acts as a data processor on our behalf.
  • Payment processors — we accept payments via Klarna, PayPal, Apple Pay, Google Pay, Amazon Pay, Shop Pay and Shop Pay Instalments. Payments are processed directly by these providers; we do not store or have access to your full card details. Each provider's own privacy policy applies to the data they process.
  • Email and marketing platforms — we use Klaviyo to manage and send marketing emails. We use Microsoft 365 (Outlook) for direct customer communications.
  • Analytics and advertising — we use Google Analytics (GA4), Google Ads and Meta (Facebook/Instagram) advertising tools. These providers may process your data in connection with analytics, ad targeting and campaign measurement.
  • Affiliate network — we use Awin to manage our affiliate programme. Referral and commission data is shared with Awin for this purpose.
  • Marketplace and fulfilment partners — where orders are placed through or fulfilled via third-party marketplace or logistics platforms, we share the data necessary to process and deliver your order.
  • Wholesale and retail partners — where products are connected to third-party retailers through wholesale or dropship integrations, relevant order data is shared with those retailers.
  • Live chat — we use Shopify Inbox to manage customer chat enquiries.
  • Professional advisers and authorities — we may share data with legal advisers, accountants or regulatory authorities where required by law or to protect our legal rights.

6. International Data Transfers

Some of our third-party service providers, including Shopify, Klaviyo, Google and Meta, are based in or operate infrastructure in the United States and other countries outside the UK. Where your data is transferred outside the UK, we ensure that appropriate safeguards are in place in accordance with UK GDPR, such as the UK International Data Transfer Agreement (IDTA) or adequacy decisions, as applicable.

7. Payment Security

All payments are processed by regulated third-party payment providers. We do not store, access or process your full payment card details. Our website uses SSL/TLS encryption for all data transmitted between your browser and our servers.

8. How Long We Keep Your Data

We retain your personal data only for as long as necessary for the purposes set out in this notice or as required by law. As a general guide:

  • Transactional and order records — retained for 7 years in line with HMRC requirements.
  • Customer accounts — retained while your account is active and for a reasonable period thereafter.
  • Marketing data — retained until you unsubscribe or withdraw consent, after which we will suppress rather than delete your details to avoid re-contacting you.
  • Communications and enquiries — retained for up to 3 years.
  • Analytics and usage data — retained in line with the settings of the relevant platform (typically 14–26 months for Google Analytics).

9. Your Rights

Under UK GDPR, you have the following rights in relation to your personal data:

  • Right of access — to request a copy of the personal data we hold about you.
  • Right to rectification — to ask us to correct inaccurate or incomplete data.
  • Right to erasure — to ask us to delete your data where there is no lawful reason for us to continue holding it.
  • Right to restriction — to ask us to limit how we use your data in certain circumstances.
  • Right to data portability — to receive your data in a structured, machine-readable format where processing is based on consent or contract.
  • Right to object — to object to processing based on legitimate interests, including direct marketing.
  • Right to withdraw consent — where processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us at compliance@createdbrilliance.co.uk. We will respond within one month. We may ask you to verify your identity before acting on a request.

If you are not satisfied with how we handle your data or your request, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

10. Children's Privacy

Our website and services are not directed at children under the age of 13. We do not knowingly collect personal data from children under 13. If you believe a child has provided us with personal data, please contact us at compliance@createdbrilliance.co.uk and we will delete it promptly.

11. Links to Third-Party Websites

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of those sites and encourage you to review their privacy policies before providing any personal data.

12. Changes to This Notice

We may update this Privacy Notice from time to time. When we do, we will update the "Last updated" date at the top of this page. Material changes will be communicated by a notice on our website or by email where appropriate. We encourage you to review this page periodically.

13. Contact Us

For any questions, concerns or requests relating to this Privacy Notice or how we handle your personal data, please contact us: