
Legal
At D'MUR ESSENCE, your privacy matters to us. This policy explains what information we collect, how we use it, who we share it with, and the rights you have over your data. If anything here is unclear, get in touch with us using the contact details at the end of this page.
D'MUR ESSENCE LTD is a private limited company registered in England and Wales.
For the purposes of UK GDPR and the Data Protection Act 2018, D'MUR ESSENCE LTD is the data controller responsible for your personal information.
We collect different types of information depending on how you interact with us:
Information you give us directly
Information we collect automatically
Information from third parties
We only use your information where we have a lawful basis to do so under UK GDPR. Here's how that breaks down:
| Purpose | Lawful Basis |
|---|---|
| Processing and fulfilling your orders | Performance of a contract |
| Sending order confirmations, shipping updates, and invoices | Performance of a contract |
| Handling returns, refunds, and customer service queries | Performance of a contract |
| Sending marketing emails, newsletters, members club content, and abandoned cart reminders | Consent (you can withdraw this at any time) |
| Improving our website and understanding how visitors use it (via Google Analytics) | Consent (via our cookie banner) |
| Complying with legal, tax, and accounting obligations | Legal obligation |
| Preventing fraud and protecting our business | Legitimate interests |
We do not sell your personal information. We only share it with trusted service providers who help us run our business, and only with the data they need to do their job.
Stripe — processes payments. Stripe receives your payment details, name, billing address, and order amount. Stripe is a separate data controller for payment data and is PCI-DSS compliant. See Stripe's Privacy Policy.
GoHighLevel (HighLevel Inc.) — hosts our website, stores customer records, and sends our emails. GoHighLevel is based in the United States and is certified to the UK Extension to the EU-US Data Privacy Framework. International transfers are covered by Standard Contractual Clauses and the UK International Data Transfer Addendum.
Shipping carriers — we use a range of carriers depending on the order, including Royal Mail, DPD, Evri, and others. They receive your name, delivery address, contact details, and order reference to deliver your parcel.
Google (Google Analytics 4) — we use GA4 to understand how visitors use our website. GA4 is configured with IP anonymisation and data is only loaded after you accept analytics cookies. See Google's Privacy Policy.
Professional advisors — accountants, legal advisors, and similar professionals who help us run the business and meet our legal obligations.
Authorities — we may disclose information where required by law, court order, or to protect our legal rights.
We use cookies and similar technologies on our website. When you first visit, you'll see a cookie consent banner that lets you choose which types you accept.
Strictly necessary cookies
Required for the website to work (e.g. shopping cart, checkout, login). These don't need your consent.
Analytics cookies
We use Google Analytics 4 to understand how visitors use the site, which pages are popular, and where improvements can be made. These only load if you accept them in the banner.
Marketing cookies
Currently not in use. If we add them in future, we'll update this policy and your consent will be requested.
You can change your cookie preferences at any time using the cookie settings link in our website footer, or by clearing cookies in your browser.
When you join our members club or opt in to our newsletter, you'll receive:
You can unsubscribe at any time using the link at the bottom of any marketing email, or by emailing us directly. Unsubscribing from marketing won't affect transactional emails (order confirmations, shipping updates, etc.) which we're required to send as part of fulfilling your order.
We keep your data only as long as we need it:
After these periods, data is either deleted or anonymised.
Most of your data is stored on servers in the United States, operated by HighLevel Inc. (GoHighLevel) and its hosting providers (AWS, Google Cloud). These transfers are protected by:
Stripe processes payments through infrastructure in the EEA, UK, and US, with equivalent safeguards.
Under UK GDPR, you have the following rights:
To exercise any of these rights, email us at [email protected]. We'll respond within one month.
If you're not happy with how we've handled your data, you can complain to the UK's data protection regulator:
We take security seriously. Our website and customer data are protected by:
No system is 100% secure, but we follow industry standards to protect your information. If a data breach ever occurred that affected your rights, we'd notify both the ICO and any affected customers within 72 hours as required by law.
Our website and products are not directed at children under 16. We don't knowingly collect data from anyone under 16. If you believe we've collected information from a child, please contact us and we'll delete it.
We may update this policy from time to time — for example, if we add new services or the law changes. When we make significant changes:
Your continued use of our website and services after changes take effect means you accept the updated policy.
For any questions about this policy, your data, or to exercise any of your rights:
Email: [email protected]
Post: D'MUR ESSENCE LTD, 92a King Street, Great Yarmouth, England, NR30 2PR

© 2026 D'MUR ESSENCE LTD. All Rights Reserved.
Website managed by Nue Web
© 2026 D'MUR ESSENCE. All Rights Reserved