Subscribe

We only send emails once or twice a month and only about good things.

Privacy policy

KRANÉSA PRIVACY POLICY

Effective Date: 26.02.2026
Last Updated: 26.02.2026

At KRANÉSA, we respect your privacy and are committed to protecting your personal data.

This Privacy Policy explains how we collect, use, store, share, and protect your personal information when you:

  • visit our website
  • create an account
  • place an order
  • contact us
  • subscribe to marketing
  • request a return, refund, or support
  • interact with us through our website, social media, or customer service channels

This Privacy Policy is intended to provide clear and transparent information about how we use your personal data, in line with UK data protection law. Under the UK GDPR and the Data Protection Act 2018, individuals have the right to be informed about how their personal data is collected and used.

By using the KRANÉSA website, you acknowledge this Privacy Policy.

1. WHO WE ARE

KRANÉSA is the controller of your personal data for the purposes described in this Privacy Policy.

Business Name: KRANÉSA / KRANÉSA LTD
Email: support@kranesa.com
Website: www.kranesa.com
Business Address: 16 Herrick Court, Bollo Bridge Road, South Acton, London, W38FL.

If you have any questions about this Privacy Policy or how we use your personal data, please contact us using the details above.

2. WHAT PERSONAL DATA WE COLLECT

We may collect, use, store, and process the following categories of personal data:

2.1 Identity Data

This may include:

  • full name
  • title
  • billing name
  • delivery recipient name

2.2 Contact Data

This may include:

  • email address
  • telephone number
  • billing address
  • shipping address

2.3 Account Data

If you create an account, this may include:

  • login details
  • account preferences
  • saved addresses
  • order history
  • communication preferences

2.4 Transaction Data

This may include:

  • items ordered
  • order value
  • payment status
  • refund details
  • return details
  • shipping costs
  • courier-related order information

2.5 Payment Data

Payments are generally processed by third-party payment providers. We may receive limited payment-related information such as:

  • payment method type
  • payment status
  • partial card details where made available to us
  • fraud screening results
  • transaction references

We do not intentionally store full payment card details on our own systems unless specifically enabled through a secure and compliant payment provider.

2.6 Technical Data

When you visit our website, we may collect technical information such as:

  • IP address
  • browser type and version
  • device type
  • time zone setting
  • operating system
  • referring website
  • pages viewed
  • website interaction data
  • cookie and similar technology data

2.7 Communications Data

This may include:

  • emails you send to us
  • customer service messages
  • return and refund correspondence
  • support requests
  • social media messages
  • complaint handling records

2.8 Marketing Data

This may include:

  • subscription status
  • email marketing preferences
  • consent records
  • campaign interaction data such as opens and clicks

2.9 Fraud Prevention / Security Data

This may include:

  • verification results
  • address checks
  • risk indicators
  • device or transaction flags used to help prevent fraud or abuse

3. HOW WE COLLECT YOUR PERSONAL DATA

We collect personal data in different ways, including:

3.1 Directly From You

For example, when you:

  • place an order
  • create an account
  • sign up to our newsletter
  • contact us
  • request a return or refund
  • participate in a promotion
  • submit information through forms on our website

3.2 Automatically

When you browse our website, we and certain service providers may automatically collect technical and usage data through cookies and similar technologies.

3.3 From Third Parties

We may receive information from third parties such as:

  • payment providers
  • Shopify and connected commerce tools
  • fraud prevention providers
  • courier and logistics providers
  • fulfilment partners
  • analytics providers
  • email and marketing platforms
  • customer support tools
  • social media or advertising platforms, where applicable

The ICO says privacy information should explain what personal data is collected, how it is collected, what it is used for, who it is shared with, and how long it is kept.

4. WHY WE USE YOUR PERSONAL DATA

We use your personal data only where we have a valid legal basis to do so.

Depending on the situation, we may use your data to:

4.1 Process and Fulfil Orders

Including to:

  • process your purchase
  • take payment
  • verify your order
  • arrange fulfilment
  • organise shipping and delivery
  • provide tracking updates
  • manage returns, refunds, exchanges, or cancellations

4.2 Manage Your Account

Including to:

  • create and maintain your account
  • save preferences
  • show order history
  • provide account-related support

4.3 Provide Customer Support

Including to:

  • respond to enquiries
  • resolve complaints
  • investigate delivery issues
  • handle warranty requests
  • assist with returns and refunds

4.4 Improve and Secure Our Website

Including to:

  • understand website usage
  • improve website performance
  • personalise customer experience
  • diagnose technical issues
  • prevent fraud, abuse, and unauthorised activity

4.5 Send Service Communications

Including to:

  • send order confirmations
  • shipping updates
  • return updates
  • policy updates
  • security alerts
  • important account notices

4.6 Send Marketing Communications

Where permitted by law, we may send you information about:

  • new products
  • promotions
  • offers
  • brand updates
  • editorial or marketing content

You can unsubscribe from marketing at any time.

4.7 Comply With Legal and Regulatory Obligations

Including to:

  • maintain financial and tax records
  • comply with anti-fraud obligations
  • respond to lawful requests
  • exercise or defend legal claims

Under ICO guidance, a privacy notice should explain the purposes for processing, retention periods, sharing, lawful basis, and the rights individuals have.

5. OUR LEGAL BASES FOR PROCESSING

We rely on one or more of the following legal bases under UK data protection law, depending on the circumstances:

5.1 Contract

We process your personal data where necessary to:

  • enter into a contract with you
  • fulfil your order
  • provide customer service related to your purchase
  • process returns, refunds, or warranty matters

5.2 Legitimate Interests

We may process your personal data where necessary for our legitimate interests, provided your rights do not override those interests. This may include:

  • running and improving our business
  • protecting our website and services
  • preventing fraud
  • analysing website use
  • managing customer relationships
  • recovering unpaid charges
  • investigating misuse or abusive ordering behaviour

5.3 Legal Obligation

We may process your personal data where necessary to comply with legal obligations, including tax, accounting, consumer, fraud prevention, or regulatory requirements.

5.4 Consent

Where required, we rely on your consent, for example for certain marketing communications or certain cookies. Where consent is our basis, you can withdraw it at any time. The ICO specifically notes that privacy notices should explain people’s rights, including the right to withdraw consent where consent is the lawful basis.

6. WHO WE SHARE YOUR PERSONAL DATA WITH

We may share your personal data where necessary with trusted third parties involved in operating our business and fulfilling your order.

This may include:

6.1 E-commerce and Website Providers

Such as website hosting, platform, and storefront providers, including Shopify-related services where applicable.

6.2 Payment Providers

To process transactions, verify payments, detect fraud, and manage refunds.

6.3 Fulfilment Partners and Suppliers

To fulfil and dispatch your order, confirm stock, process returns, inspect returned goods, and manage order-related logistics.

6.4 Courier, Delivery, and Logistics Providers

Such as DHL, UPS, FedEx, Royal Mail, or other shipping providers used to deliver orders or process returns.

6.5 Fraud Prevention and Security Providers

To help prevent fraud, suspicious payments, account misuse, and abusive order behaviour.

6.6 Professional Advisers

Such as legal, tax, accounting, compliance, or insurance advisers where required.

6.7 Authorities and Regulators

Where required by law, court order, or lawful request.

6.8 Marketing, Analytics, and Technology Providers

To support email marketing, performance measurement, customer communications, and website analytics, where applicable.

The ICO says people should be told who their data will be shared with as part of privacy information.

7. INTERNATIONAL TRANSFERS

Because KRANÉSA works with international service providers, fulfilment partners, and technology providers, your personal data may sometimes be transferred to, stored in, or accessed from countries outside the UK.

Where this happens, we aim to take appropriate steps to ensure your personal data is protected in a manner consistent with applicable data protection law.

These steps may include:

  • using providers in jurisdictions recognised as adequate where applicable
  • relying on approved contractual safeguards
  • using providers with appropriate security and compliance measures

8. HOW LONG WE KEEP YOUR DATA

We will keep your personal data only for as long as reasonably necessary for the purposes for which it was collected, including for legal, accounting, tax, fraud prevention, dispute resolution, and record-keeping purposes.

Retention periods may vary depending on the type of data and why it was collected.

For example, we may retain certain data for:

  • order fulfilment and customer service records
  • accounting and tax compliance
  • fraud prevention and dispute resolution
  • legal claims and regulatory obligations
  • marketing suppression records where needed to respect opt-out choices

If we do not specify an exact retention period, we apply retention criteria based on the nature of the data, the purpose of processing, and any legal or operational need to retain it. ICO guidance says you should tell people your retention periods, or the criteria used to decide them if you do not have a fixed period.

9. YOUR PRIVACY RIGHTS

Under UK data protection law, individuals have rights in relation to their personal data. Depending on the circumstances, these may include:

  • the right to be informed
  • the right of access
  • the right to rectification
  • the right to erasure
  • the right to restrict processing
  • the right to data portability
  • the right to object
  • rights relating to certain automated decision-making and profiling

The ICO lists these rights in its UK GDPR guidance.

9.1 Access

You may request a copy of the personal data we hold about you.

9.2 Rectification

You may ask us to correct inaccurate or incomplete personal data.

9.3 Erasure

You may ask us to delete your personal data in certain circumstances. The right to erasure is not absolute and applies only in specific situations.

9.4 Restriction

You may ask us to restrict how we use your personal data in certain circumstances.

9.5 Objection

You may object to certain processing, including direct marketing. The ICO states that individuals have the right to object to processing in certain circumstances, including direct marketing.

9.6 Data Portability

Where applicable, you may request that certain personal data be provided in a portable format.

9.7 Withdraw Consent

Where we rely on consent, you may withdraw it at any time.

To exercise any of these rights, please contact us using the contact details in this Privacy Policy.

We may need to verify your identity before acting on certain requests.

10. MARKETING COMMUNICATIONS

If you subscribe to our mailing list or otherwise receive marketing from us, we may send promotional emails or similar communications where permitted by law.

You can opt out at any time by:

  • clicking the unsubscribe link in a marketing email
  • contacting us directly
  • updating your preferences where available

Even if you opt out of marketing, we may still send non-marketing service messages related to your orders, account, returns, or important policy and security matters.

11. COOKIES AND SIMILAR TECHNOLOGIES

Our website may use cookies and similar technologies to:

  • keep the website functioning properly
  • remember preferences
  • analyse traffic and performance
  • improve user experience
  • support marketing and remarketing where applicable

Some cookies are necessary for the operation of the website, while others may be optional.

Where required, we will ask for your consent before using non-essential cookies.

You may also be able to manage cookies through your browser settings or any cookie banner/tool presented on the website.

The ICO advises that privacy information and cookie information should be easy to access and clear.

12. DATA SECURITY

We take reasonable technical and organisational measures designed to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure.

These measures may include:

  • secure website connections
  • access controls
  • restricted staff or provider access
  • payment provider security measures
  • monitoring for suspicious activity

However, no internet-based system can be guaranteed to be completely secure, and you use the website at your own risk.

13. CHILDREN’S PRIVACY

KRANÉSA’s website and services are not intended for children.

We do not knowingly collect personal data directly from anyone under the age of 18 in connection with purchases. Our Terms require customers to be at least 18 years old to place an order.

If you believe that personal data relating to a child has been provided to us in error, please contact us so we can review the matter.

14. LINKS TO THIRD-PARTY WEBSITES

Our website may contain links to third-party websites, platforms, or services.

If you follow a link to a third-party website, that site will have its own privacy policy and terms. KRANÉSA is not responsible for the privacy practices of third-party websites or services.

We encourage you to read their policies before submitting any personal data to them.

15. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in our business, services, legal obligations, or data practices.

The updated version will be posted on this page with a revised “Last Updated” date.

We encourage customers to review this Privacy Policy periodically.

16. COMPLAINTS

If you have concerns about how we handle your personal data, please contact us first and we will try to resolve the issue.

You also have the right to complain to the UK Information Commissioner’s Office (ICO), which is the UK regulator for data protection matters. ICO guidance says privacy notices should explain how individuals can complain if they have concerns about how their data is used.

17. CONTACT US

If you have any questions about this Privacy Policy or wish to exercise your privacy rights, please contact:

KRANÉSA Customer Support
Email: support@kranesa.com
Website: www.kranesa.com
Address: 16 Herrick Court, Bollo Bridge Road, South Acton, London, W38FL.