Privacy Policy

Effective and Last Updated: May 6, 2026

Compliance Statement

This Privacy Policy is issued in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Data Controller: Laird Hatters, 4 Green Street, Cambridge, Cambridgeshire CB2 3JU, United Kingdom. Email: info@lairdhatterss.com.

If you have any questions about how we handle your personal data, please contact us at the address above or email info@lairdhatterss.com.

Laird Hatters operates this website and online store, dedicated to providing customers with a curated selection of hats and accessories, as well as offering all associated website features, tools, and shopping services. This store is powered by Shopify, a platform that assists us in our platform operations and service delivery. This Privacy Policy is designed to explain how we collect, use, store, disclose, and protect your personal information when you visit our website, create an account, place an order, communicate with our customer service team, or utilize any of our online services.

In the event of any conflict between our Terms of Service and this Privacy Policy, this Privacy Policy shall prevail regarding matters concerning the collection, processing, and disclosure of your personal data. By accessing and using our website and services, you acknowledge that you have read, understood, and agreed to the terms and conditions set forth in this Privacy Policy.

1. Personal Information We Collect

For the purposes of this Policy, "Personal Information" refers to any information that, either alone or in combination with other information, can identify you as an individual or can be reasonably linked to your identity. Such information does not include anonymous data or de-identified data that cannot be used to identify an individual. Depending on your interactions with our services and applicable laws and regulations, we may collect and process the following categories of personal information:

Contact Information: Your full name, email address, telephone number, billing address, and shipping address, used for the delivery of hat orders and for providing after-sales services.

Financial and Payment Information: Payment card details, transaction history, payment confirmations, and other billing data required to settle orders. We do not store full credit card details on our servers.

Account Information: Registered username, password, account preferences, shopping settings, and your saved list of favorite hat styles.

Transaction Information: Browsing history, shopping cart contents, purchased hat products, return and exchange records, order cancellation history, and all other logs of shopping activities.

Communication Information: All content provided by you when contacting our support team, including inquiries regarding hat styles, sizing, quality, shipping, returns, and order-related issues. - Device and Technical Information: Your device model, browser type, network information, IP address, and unique device identifiers, used for platform security maintenance and operational optimization.

Usage Information: Records regarding how and when you browse our website, view hat products, click on page links, and interact with our online services.

2. Sources of Personal Information

We may collect your personal information through the following legitimate sources:

Directly from You: Information you voluntarily provide when creating an account, browsing products, placing hat orders, communicating with us, submitting return requests, or interacting with our services.

Automatically Collected via Our Services: Device data, browsing behaviors, and website access information automatically collected through our website, cookies, and similar tracking technologies when you visit our store.

From Our Service Providers: Data legitimately collected and processed on our behalf by third-party partners, including Shopify, payment processors, logistics providers, and customer support teams.

From Third-Party Partners: Authorized data shared by our compliant business and marketing partners for the purposes of service optimization and marketing display.

3. How We Use Your Personal Information

We use your personal information solely for the following legitimate and explicit business purposes:

Service Provision and Optimization: Processing your hat orders, completing payment verification, arranging product shipments, supporting returns and exchanges, maintaining your user account, recording your size and style preferences, recommending suitable hats, and providing a personalized shopping experience.

Marketing and Promotion: Sending you the latest product information, new arrival notifications, promotional campaigns, and discount offers via email or other authorized channels. We may display targeted advertisements to you based on your browsing and purchasing behaviors.

Security and Fraud Prevention: Verifying user identities, safeguarding account security, and detecting and preventing fraudulent transactions, illicit activities, and malicious behaviors to ensure the shopping safety of all users.

User Communication: Responding to your customer service inquiries; resolving issues related to hat quality, shipping, after-sales support, and orders; and maintaining effective user communication and business relationships.

Legal Compliance: Complying with applicable UK and international laws and regulations; responding to legal processes and requests from regulatory authorities; enforcing our website policies; and protecting the legitimate rights and interests of our platform and users.

4. How We Disclose Personal Information

We will never sell or trade your personal information for unauthorized commercial purposes. We disclose your data to third parties only in the following legitimate circumstances, and provided that such disclosure complies with relevant regulations:

Authorized Service Providers: We share necessary information with entities such as Shopify, payment processors, logistics partners (e.g., UPS), IT maintenance teams, data analytics service providers, and customer support teams. These entities assist us with website operations, order fulfillment, logistics and delivery, and after-sales services. All service providers are required to maintain strict confidentiality regarding your data.

Business and Marketing Partners: We may share limited data with marketing partners—provided they meet compliance requirements-in order to deliver personalized product advertisements and marketing content to you. The use of data by all such partners is governed by their respective, independent privacy policies. You have the right to opt out of receiving such targeted advertisements.

User-Authorized Disclosures: When you actively request, consent to, or authorize us to share your information (for example, in scenarios involving product delivery, social media logins, or the use of third-party widget features).

Intra-Group Disclosures: We share data internally within our corporate group for the purposes of unified business management and service optimization.

Legal and Business Contexts: We may disclose data in connection with corporate mergers, acquisitions, or bankruptcy proceedings; to fulfill legal obligations, comply with court subpoenas, or meet government regulatory requirements; and to safeguard the legitimate rights, interests, and security of this platform and its users.

5. Data Security and Data Retention

Data Security

We employ industry-standard SSL encryption technology and strictly adhere to PCI-DSS data security standards to protect your personal and payment information against unauthorized access, disclosure, alteration, and loss. We enforce strict restrictions on internal access to data and require all third-party service providers to comply with rigorous data protection protocols.

Please note that no method of data transmission over the Internet or electronic storage can be guaranteed to be 100% secure; therefore, we cannot provide an absolute guarantee regarding the complete security of your data. We recommend that you take appropriate measures to safeguard your account information and avoid disclosing your private personal data through insecure channels. Data Retention

We retain your personal information only for as long as is necessary to fulfill the business purposes for which the data was collected. These purposes include: maintaining your account, processing post-sales order support, resolving disputes, complying with legal, tax, and regulatory obligations, and enforcing relevant platform policies. When the retention of specific data is no longer necessary, we will securely delete or anonymize your information in accordance with applicable laws and regulations.

6. Third Party Links

Our website may contain links to third-party websites, social media platforms, and external service pages. These third-party platforms are not operated or controlled by us. We assume no responsibility for the privacy policies, content security, or data processing practices of any third-party websites. We recommend that you carefully review the privacy policy of any third-party website before accessing it via our links and providing any personal information. The presence of third-party links on this website does not constitute an endorsement by us of their services or content.

7. Your Privacy Rights

Depending on your jurisdiction of residence, you may have the following legal rights regarding your personal data:

Right of Access: Request a copy of the personal data we hold about you.

Right of Correction: Correct inaccurate or incomplete personal information.

Right of Deletion: Request the deletion of your personal data, subject to legal requirements.

Right to Data Portability: Obtain your data in a readable format or request that your data be transferred to a third party.

Right to Opt-Out: Choose to decline the sale, sharing, or use of your personal data for targeted advertising purposes.

Global Privacy Control (GPC) Support: Our website fully supports the Global Privacy Control (GPC) standard. If you have enabled the GPC signal in your browser or device settings, we will automatically recognize this as a valid "Opt-Out" request regarding the sale of data and targeted advertising, in compliance with the CCPA, GDPR, and UK consumer privacy laws. We respect legitimate GPC privacy preference signals and will subsequently cease processing your data for targeted marketing purposes.

You may unsubscribe from our marketing emails at any time by clicking the "Unsubscribe" link located within the promotional emails. To ensure the proper functioning of our services, we will continue to send you necessary emails regarding your orders and account notifications.

We will not discriminate against you for exercising your privacy rights. Prior to processing your data requests, we may verify your identity to ensure the security of your information. If you are dissatisfied with our data processing practices,You have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's data protection supervisory authority. You can contact the ICO at: https:/lairdhatters.shop/ico.org.uk, or by telephone on 0303 123 1113, or by post at: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.

8. Children's Privacy

Our hat products and online services are primarily directed at general adult consumers. We do not intend to collect personal information from minors under the age of 16. If you are the parent or legal guardian of a minor and discover that your child has provided personal information to our platform without authorization, please contact us immediately. We will verify the matter and delete the relevant data as soon as possible. Under no circumstances will we sell or share the personal information of minors.

9. Cookie Policy

Our website uses cookies and similar tracking technologies to optimize your browsing experience, remember your preferences, analyze website traffic, and support the provision of personalized services. Cookies help us recognize returning users, save shopping cart information, and enhance the presentation of our hat products as well as our service functionalities.

You may manage or disable cookies at any time through your browser settings. Disabling cookies may affect certain website functionalities, including product browsing, shopping cart retention, and order submission. We use cookie data in strict compliance with applicable privacy laws and regulations and will never misuse your browsing data.

10. Changes to This Privacy Policy

We reserve the right to periodically update and revise this Privacy Policy to reflect business adjustments, technological upgrades, and changes in laws and regulations. Whenever the policy is updated, we will publish the revised content on our website and update the "Last Updated" date.

By continuing to use our website and services after the policy has been updated, you signify your acceptance of the revised Privacy Policy terms.