top of page

Privacy & Data Protection

Wonder&Wild is dedicated to safeguarding your privacy online. Our aim is to ensure that our customers can make purchases and communicate with us, confident that their personal data is being kept secure.

The lead person for data protection is Louise Smythson Way. The lead person ensures that Wonder&Wild meets the requirements of the GDPR, liaises with statutory bodies when necessary, and responds to any subject access requests. You can find contact details at the bottom of this page. 

Wonder&Wild may change this policy from time to time by updating this page. Please check back to ensure that you are happy with any changes.



 Information That We Keep

The items of personal data that we keep about individuals are documented on our personal data matrix and include your name, address and email. The personal data matrix is reviewed annually to ensure that any new data types are included.


Our lawful basis for processing data is fulfilment of our contract with customers that place an order with Wonder&Wild, our legal obligation for tax purposes and where consent is given from individuals who sign up to our newsletter. 


The only personal information we hold is what individuals provide to us when they place an order on our website, sign up for the newsletter, or sign a contract. All the data we gather via our website or through communication with you is used to operate, expand and personalise the service we offer you. How we use your personal data is dependent on the legal basis for processing that data. We are dedicated to using your personal data only for:

  • Processing your orders correctly.

  • Development and expansion of the business, including examination of customers’ shopping behaviours, measurement of advertisements and product style preferences of our customers.

  • Technical management of our website.

  • Reviewing our systems

  • Providing you with information about the services we offer.

  • Letting you know about offers and news.


We store sensitive data for as long as projects are in progress and customers remain active clients. We keep a record of any orders you make from us, so we can help to deal with any enquiries or problems you may have in the future, and so we can ensure that any information that we send to you is appropriate. Personal data that we process shall not be kept for longer than is necessary for that purpose or those purposes. Information required for tax and legal requirements are held for 7 years as a requirement by law.


Wonder&Wild kindly requests that you do not supply any other person’s personal data to us, unless required by law or you have their explicit consent to do so. 

Sharing Information With Third Parties

We will only share your information with outside agencies on a need-to-know basis, for example, in the case of an HRMC audit. Some limited personal information is disclosed to authorised third parties we have engaged to process it, as part of the normal running of our business, for example in order to take online bookings and to run our website. Any such third parties comply with the strict data protection regulations of the GDPR. 

Personal data is collected using the following services:

  • Handling Payments - Paypal and Stripe

  • Platform Hosting and Newsletter Signup - Wix

  • Analytics: Analytics collected directly, Facebook Ads conversion tracking and Google Analytics


Our website may include links to other websites to make it easier for our visitors to find more information about specific subjects. These do not fall under our supervision and we cannot accept any responsibility for the protection of privacy or the content of these websites.

How We Protect Data

The Internet is not a 100% secure platform for communication and, accordingly, we cannot guarantee the security of any data you send to us (or we send to you) via the Internet. We are not responsible for any damages which you, or others, may suffer as a result of the loss of confidentiality of such information.


We take every precaution to safeguard your information. All personal data stored by us is kept on a server in a secure environment. The computer on which data is accessed on is password protected and third-party software have their own security systems. Breaches will be identified, reported, managed, and resolved according to the ICO guidelines.



Subject Access Requests

Under GDPR you have a right to be forgotten, to withdraw your consent, to change information we hold about you, and to restrict processing. Wonder&Wild is more than happy to comply with this in accordance with the law in the following ways:


  • Individuals can ask to see the information and records that we keep about themselves. 

  • We will make the requested information available as soon as practicable, and will respond to the request within one month at the latest.

  • If our information is found to be incorrect or out of date, we will update it promptly.

  • Individuals can ask us to delete data. However, we have to keep some data for specific periods so won’t be able to delete all data immediately.

  • If any individual about whom we hold data has a complaint about how we have kept their information secure, or how we have responded to a subject access request, they may complain to the Information Commissioner’s Office (ICO).



Further Information

If you have questions about your personal data or our privacy policy, or you would like to see all the information we have about you, please contact us.


Louise Smythson Way


7 Spicers Yard



HP17 8LW



This policy was adopted by: 

Wonder&Wild  September 2021 

bottom of page