Security, privacy and cookies

 
 

Privacy policy

1 May 2026

1 Introduction

This privacy policy explains how Susan Holton Knitwear collects, uses, and protects your personal information when you use the website (www.susanholtonknitwear.com), buy from it, or sign up to the mailing list.

I am  committed to protecting your privacy and handling your personal information openly and transparently.

Please read this policy carefully. By using my website or providing your information to me, you acknowledge that you have read and understood this policy.

2 Who I am

I am Susan Holton trading as Susan Holton Knitwear. I am the data controller, which means I am responsible for deciding how I hold and use your personal information.

You can contact me:

If you have any questions about this privacy policy or how I handle your personal information, please contact me using the details above.

3 What information I collect

I collect different types of information depending on how you interact with me.

When you place an order

I collect:

  • Your name

  • Your email address

  • Your delivery address

  • Your billing address (if different)

  • Your telephone number

  • Details of what you have purchased

I do not see, receive, or store your payment card details. Card payments are processed securely by my payment provider, Stripe.

When you join my mailing list

I collect:

  • Your name

  • Your email address

If you join my postal mailing list, I also collect your postal address.

When you contact me

I keep a record of any correspondence you send me, including emails, telephone calls, and social media messages.

When you visit my website

I automatically collect certain technical information, including:

  • Your IP address

  • Your browser type and version

  • How you navigate my website (pages visited, time spent, etc.)

  • Your device and screen size

This information is collected using cookies and similar technologies. Please see my Cookie Policy (see column to the right) for more details.

4 How I use your information

I only use your personal information when I have a legal basis to do so. The table below explains how I use your information and the legal basis for each use.

How I use your personal information
 

5 Marketing

I will only send you marketing communications if you have given your consent.

You can opt out of marketing at any time by:

  • Clicking the unsubscribe link in any marketing email

  • Contacting me using the details in section 2

  • Replying to a postal mailing asking me to remove you

If you opt out of marketing, I will still contact you about your orders.

I do not sell or share your information with any third party for their marketing purposes.

6 Who I share your information with

I share your personal information with the following third parties who help me run my business:

Website hosting

My website is hosted by Squarespace, Inc. Squarespace stores and processes data on servers in the USA. Squarespace is certified under the EU-US and UK-US Data Privacy Framework, which ensures your data receives adequate protection when transferred to the USA.

Payment processing

Card payments on my website are processed by Stripe. I do not see or store your card details. Stripe is certified under the EU-US and UK-US Data Privacy Framework.

For in-person purchases at events, card payments are processed by Square (Squareup Europe Ltd) or SumUp (SumUp Payments Limited), both of which are authorised by the Financial Conduct Authority in the UK.

Email marketing

If you join my mailing list, your information is stored and processed by Mailchimp (Intuit Inc.). Mailchimp is certified under the EU-US and UK-US Data Privacy Framework.

Couriers and delivery

I share your name and delivery address with courier services and Royal Mail to deliver your order.

Analytics

I use Google Analytics to understand how visitors use my website. Google Analytics uses cookies to collect anonymised data about website traffic. Google is certified under the EU-US and UK-US Data Privacy Framework.

Others

I may also share your information with:

  • Professional advisers such as accountants and lawyers

  • Government bodies and regulators where required by law (such as HMRC for tax purposes)

  • Law enforcement agencies if required by law or to protect my rights

I require all third parties to respect the security of your personal information and to treat it in accordance with the law.

7 International transfers

Some of the third parties I use (including Squarespace, Stripe, Mailchimp, and Google) are based in the USA. When your data is transferred to the USA, I ensure it is protected by one of the following safeguards:

  • The recipient is certified under the EU-US and UK-US Data Privacy Framework

  • Standard contractual clauses approved by the UK Government

  • The UK Government has made an adequacy decision for the country

If you would like more information about the safeguards in place, please contact me.

8 How long I keep your information

I keep your personal information only for as long as I need it. The retention periods are:

How long do I keep your information?
 

9 How I keep your information secure

I take the security of your personal information seriously.

My website uses SSL encryption (you will see a padlock in your browser address bar). This means that information you send to me through my website is encrypted and protected.

My payment provider, Stripe, is Level 1 PCI compliant, which is the highest level of payment security certification.

I have procedures in place to deal with any suspected data breach and will notify you and the Information Commissioner's Office if I am legally required to do so.

10 Your rights

Under UK data protection law, you have the following rights:

Right of access

You have the right to request a copy of the personal information I hold about you.

Right to rectification

You have the right to ask me to correct any information I hold about you that is inaccurate or incomplete.

Right to erasure

In certain circumstances, you have the right to ask me to delete your personal information.

Right to restrict processing

In certain circumstances, you have the right to ask me to limit how I use your personal information.

Right to data portability

In certain circumstances, you have the right to ask me to transfer your personal information to another organisation or directly to you.

Right to object

You have the right to object to me processing your personal information where I am relying on legitimate interests as my legal basis.

Right to withdraw consent

Where I rely on your consent to process your information (such as for marketing), you have the right to withdraw that consent at any time (for example, by clicking the unsubscribe link in an email).

How to exercise your rights

To exercise any of these rights, please contact me using the details in section 2. I will respond to your request within one month. There is no fee for making a request, although I may charge a reasonable fee if your request is clearly unfounded or excessive.

I may need to ask you for proof of identity before I can respond to your request.


11 Complaints

If you have any concerns about how I handle your personal information, please contact me first and I will do my best to resolve the issue.

If you are not satisfied with my response, you have the right to complain to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection.

You can contact the ICO:

  • Website: www.ico.org.uk

  • Telephone: 0303 123 1113

  • Post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

12 Links to other websites

My website may contain links to other websites. This privacy policy only applies to my website, so if you click on a link to another website, you should read their privacy policy.

I am not responsible for the privacy practices of other websites.

13 Children

My website is not directed at children under 13 and I do not knowingly collect personal information from children under 13. If you believe I have collected information from a child under 13, please contact me immediately.

14 Changes to this policy

I may update this privacy policy from time to time. Any changes will be posted on this page with an updated date at the top.

I encourage you to check this page occasionally to ensure you are happy with any changes.

15 Cookies

For information about how I use cookies on my website, please see my separate Cookie Policy.


You will find information about cookies in my cookie policy in the column to the right.

Cookie policy

1 May 2026

1 What are cookies?

Cookies are small text files that are placed on your computer or device when you visit a website. They are widely used to make websites work more efficiently and to provide information to the website owner.

Cookies do not harm your computer and do not give me access to your computer or any personal information about you, except the data you choose to share with me.

2 How I use cookies

I use cookies on my website (www.susanholtonknitwear.com) to:

  • Make my website work properly

  • Remember items in your shopping basket

  • Remember if you have accepted our cookie notice

  • Understand how visitors use my website so I can improve it

  • Measure the effectiveness of my marketing

3 Types of cookies I use

Strictly necessary cookies

These cookies are essential for the website to function. They enable core features such as security, shopping basket functionality, and account access. You cannot opt out of these cookies as the website will not work properly without them.

Performance and analytics cookies

These cookies help me understand how visitors use my website by collecting anonymous information about which pages are visited, how long visitors stay, and how they navigate around the site. This helps me improve my website and your experience.

I use Google Analytics for this purpose. You can opt out of Google Analytics by installing the Google Analytics opt-out browser add-on, available at: tools.google.com/dlpage/gaoptout

Functionality cookies

These cookies allow the website to remember choices you make (such as your username or region) and provide enhanced, more personalised features.

4 Specific cookies I use

My website is hosted by Squarespace. The table below lists the main cookies used on my website:

 
Cookies used by Susan Holton Knitwear

5 Third party cookies

Some cookies are placed by third party services that appear on my pages. I do not control these cookies.

Google Analytics

I use Google Analytics to understand how visitors use my website. Google Analytics uses cookies to collect anonymous information about page visits, time on site, and navigation paths. This data helps me improve my website.

Google Analytics does not identify you personally. You can find out more about how Google uses data at: policies.google.com/privacy/partners

Social media

My website includes social media sharing buttons (such as Pinterest). These features may set cookies to enable the feature to function properly. I do not control these cookies. Please refer to the privacy policies of the relevant social media platforms for more information.

Payment processing

When you make a payment on my website, Stripe (my payment processor) may set cookies to enable secure payment processing and fraud prevention. These cookies are essential for completing purchases.

6 Session and persistent cookies

Session cookies

Session cookies are temporary and are deleted when you close your browser. They are used for things like remembering what is in your shopping basket while you browse.

Persistent cookies

Persistent cookies remain on your device for a set period (shown in the table above) or until you delete them. They are used for things like remembering your cookie preferences and analysing website traffic over time.

7 How to manage cookies

You can control and manage cookies in several ways.

Cookie consent

When you first visit my website, you will see a cookie notice asking you to accept or decline cookies. Analytics cookies will not be set unless you click 'Accept'.

Browser settings

Most browsers allow you to refuse or accept cookies, delete cookies, and set preferences for certain websites. The links below explain how to manage cookies in common browsers:

Opting out of Google Analytics

You can prevent Google Analytics from collecting data by installing the Google Analytics opt-out browser add-on, available at: tools.google.com/dlpage/gaoptout

Impact of disabling cookies

Please be aware that if you disable or refuse cookies, some parts of my website may not function properly. For example, you may not be able to add items to your shopping basket or complete a purchase.

8 More information

For more information about cookies, including how to see what cookies have been set on your device and how to manage and delete them, visit: www.allaboutcookies.org

For information about how I use your personal information more generally, please see my Privacy Policy (on this page in the left hand column).

9 Contact me

If you have any questions about this cookie policy, please contact me:

10 Changes to this policy

I may update this cookie policy from time to time. Any changes will be posted on this page with an updated date at the top.

You will find information about privacy on this website in my privacy policy in the column to the left.

 

If you have any questions about security or your privacy on this website, or the cookies that I use, please don’t hesitate to get in touch.

Please refer also to my terms and conditions.

Continue shopping
Continue shopping