Legal

Privacy Policy

Effective Date: April 6, 2026

Last Updated: May 18, 2026

At D'MUR ESSENCE, your privacy matters to us. This policy explains what information we collect, how we use it, who we share it with, and the rights you have over your data. If anything here is unclear, get in touch with us using the contact details at the end of this page.

1. Who We Are

D'MUR ESSENCE LTD is a private limited company registered in England and Wales.

  • Company number: 16819302
  • Registered office: 92a King Street, Great Yarmouth, England, NR30 2PR
  • Trading name: D'Mur Essence
  • Contact email: [email protected]

For the purposes of UK GDPR and the Data Protection Act 2018, D'MUR ESSENCE LTD is the data controller responsible for your personal information.

2. Information We Collect

We collect different types of information depending on how you interact with us:

Information you give us directly

  • Name, email address, phone number, and delivery/billing address — when you place an order, create an account, or sign up to our newsletter
  • Payment details — processed securely by Stripe (we don't store full card numbers ourselves)
  • Account credentials — if you create an account or join our members club
  • Messages and correspondence — when you contact us by email, social media, or contact form

Information we collect automatically

  • Device and browser information — IP address, browser type, operating system, device type
  • Usage data — pages visited, time on site, referral source, links clicked
  • Cookie data — see Section 5 for full detail

Information from third parties

  • Order and fulfilment updates from our shipping carriers
  • Payment confirmation from Stripe
  • Engagement data from our email platform (opens, clicks)

3. How We Use Your Information

We only use your information where we have a lawful basis to do so under UK GDPR. Here's how that breaks down:

Purpose Lawful Basis
Processing and fulfilling your orders Performance of a contract
Sending order confirmations, shipping updates, and invoices Performance of a contract
Handling returns, refunds, and customer service queries Performance of a contract
Sending marketing emails, newsletters, members club content, and abandoned cart reminders Consent (you can withdraw this at any time)
Improving our website and understanding how visitors use it (via Google Analytics) Consent (via our cookie banner)
Complying with legal, tax, and accounting obligations Legal obligation
Preventing fraud and protecting our business Legitimate interests

4. Who We Share Your Information With

We do not sell your personal information. We only share it with trusted service providers who help us run our business, and only with the data they need to do their job.

Stripe — processes payments. Stripe receives your payment details, name, billing address, and order amount. Stripe is a separate data controller for payment data and is PCI-DSS compliant. See Stripe's Privacy Policy.

GoHighLevel (HighLevel Inc.) — hosts our website, stores customer records, and sends our emails. GoHighLevel is based in the United States and is certified to the UK Extension to the EU-US Data Privacy Framework. International transfers are covered by Standard Contractual Clauses and the UK International Data Transfer Addendum.

Shipping carriers — we use a range of carriers depending on the order, including Royal Mail, DPD, Evri, and others. They receive your name, delivery address, contact details, and order reference to deliver your parcel.

Google (Google Analytics 4) — we use GA4 to understand how visitors use our website. GA4 is configured with IP anonymisation and data is only loaded after you accept analytics cookies. See Google's Privacy Policy.

Professional advisors — accountants, legal advisors, and similar professionals who help us run the business and meet our legal obligations.

Authorities — we may disclose information where required by law, court order, or to protect our legal rights.

5. Cookies and Tracking

We use cookies and similar technologies on our website. When you first visit, you'll see a cookie consent banner that lets you choose which types you accept.

Strictly necessary cookies

Required for the website to work (e.g. shopping cart, checkout, login). These don't need your consent.

Analytics cookies

We use Google Analytics 4 to understand how visitors use the site, which pages are popular, and where improvements can be made. These only load if you accept them in the banner.

Marketing cookies

Currently not in use. If we add them in future, we'll update this policy and your consent will be requested.

You can change your cookie preferences at any time using the cookie settings link in our website footer, or by clearing cookies in your browser.

6. Marketing Communications and the Members Club

When you join our members club or opt in to our newsletter, you'll receive:

  • New product launches and restocks
  • Members-only promotions and early access
  • Newsletters and brand stories
  • Abandoned cart reminders if you leave items in your basket

You can unsubscribe at any time using the link at the bottom of any marketing email, or by emailing us directly. Unsubscribing from marketing won't affect transactional emails (order confirmations, shipping updates, etc.) which we're required to send as part of fulfilling your order.

7. How Long We Keep Your Information

We keep your data only as long as we need it:

Order and transaction records 7 years (HMRC requirement)
Customer account data Active + 2 years after last interaction
Marketing contact data Until unsubscribe or 2 years no engagement
Customer service correspondence 2 years after resolution
Website analytics data Up to 14 months (GA4 default)

After these periods, data is either deleted or anonymised.

8. Where Your Data Is Stored

Most of your data is stored on servers in the United States, operated by HighLevel Inc. (GoHighLevel) and its hosting providers (AWS, Google Cloud). These transfers are protected by:

  • HighLevel's certification to the UK Extension to the EU-US Data Privacy Framework
  • UK International Data Transfer Addendum and Standard Contractual Clauses
  • Encryption in transit (TLS 1.2+) and at rest (AES-256)

Stripe processes payments through infrastructure in the EEA, UK, and US, with equivalent safeguards.

9. Your Rights

Under UK GDPR, you have the following rights:

Right to be informed To know how your data is used (this policy).
Right of access To request a copy of the data we hold about you.
Right to rectification To correct inaccurate or incomplete data.
Right to erasure To ask us to delete your data ("right to be forgotten").
Right to restrict processing To limit how we use your data.
Right to data portability To receive your data in a machine-readable format.
Right to object To object to processing based on legitimate interests or for marketing.
Automated decision-making We don't currently make automated decisions that significantly affect you.

To exercise any of these rights, email us at [email protected]. We'll respond within one month.

If you're not happy with how we've handled your data, you can complain to the UK's data protection regulator:

Information Commissioner's Office (ICO)

Website: ico.org.uk

Helpline: 0303 123 1113

10. Data Security

We take security seriously. Our website and customer data are protected by:

  • Encryption in transit (TLS 1.2+) and at rest (AES-256)
  • Role-based access controls — only people who need access have it
  • Secure infrastructure provided by GoHighLevel, AWS, and Google Cloud
  • PCI-DSS compliant payment processing via Stripe

No system is 100% secure, but we follow industry standards to protect your information. If a data breach ever occurred that affected your rights, we'd notify both the ICO and any affected customers within 72 hours as required by law.

11. Children's Privacy

Our website and products are not directed at children under 16. We don't knowingly collect data from anyone under 16. If you believe we've collected information from a child, please contact us and we'll delete it.

12. Changes to This Policy

We may update this policy from time to time — for example, if we add new services or the law changes. When we make significant changes:

  • We'll update the "Last Updated" date at the top of the page
  • We'll notify members club subscribers by email
  • We'll display a notice on the website where appropriate

Your continued use of our website and services after changes take effect means you accept the updated policy.

13. Contact Us

For any questions about this policy, your data, or to exercise any of your rights:

Email: [email protected]

Post: D'MUR ESSENCE LTD, 92a King Street, Great Yarmouth, England, NR30 2PR

D’MUR is not defined by excess, but by presence.

Crafted for Presence.

Receive 10% off your first order when you sign up to the D'MUR Member's Club today.

© 2026 D'MUR ESSENCE LTD. All Rights Reserved.

Website managed by Nue Web

© 2026 D'MUR ESSENCE. All Rights Reserved