our privacy policy

Last updated: 26/01/2026

This Privacy Policy explains how we collect, use and protect your personal data when you interact with ill Fitted.

We are committed to handling your personal data transparently, responsibly and in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are (Data Controller)

Data Controller:

Charlie Ellery trading as ill Fitted

Contact email:

cdnellery@gmail.com

If you have any questions about this policy or how your data is handled, please contact us using the details above.

2. What Personal Data We Collect

We may collect and process the following personal data:

  • Name

  • Email address

  • Postal address

  • Communication preferences (email and/or postal)

  • Records of your consent

  • Website interaction data (if applicable – e.g. cookies, analytics)

We only collect data that is necessary for the purposes described below.

3. How We Collect Your Data

We collect your data when you:

  • Sign up via our website or online forms

  • Provide your details to receive newsletters or physical mail

  • Communicate with us directly

4. Why We Use Your Data (Purpose)

We use your personal data to:

  • Send email newsletters, updates and event communications (if you consent)

  • Send physical mail, printed newsletters or invitations (if you consent)

  • Manage and administer our community communications

  • Maintain records of consent and compliance

  • Improve our communications and community experience (where applicable)

We will not use your data for unrelated purposes without informing you and obtaining consent where required.

5. Lawful Basis for Processing

We process your personal data based on:

Consent (Article 6(1)(a) UK GDPR)

You provide explicit consent when you opt in to receive communications from us.

You can withdraw your consent at any time (see Section 9).

6. Who We Share Your Data With

We may share your data with trusted service providers who support our operations, such as:

  • Email marketing platforms

  • Website hosting providers

  • Printers and postal fulfilment services

  • IT and cloud service providers

These providers act as data processors and are contractually required to protect your data and only use it for agreed purposes.

We do not sell your personal data.

7. How Long We Keep Your Data

We retain your personal data only for as long as:

  • You remain subscribed to our communications, or

  • We are legally required to retain it, or

  • It is necessary for legitimate operational purposes

If you unsubscribe or withdraw consent, your data will be securely deleted or anonymised within a reasonable period.

8. How We Protect Your Data

We use appropriate technical and organisational measures to protect your personal data, including:

  • Secure systems and access controls

  • Limited access to personal data

  • Reputable third-party service providers

  • Regular review of data handling practices

No system is completely secure, but we take reasonable steps to minimise risk.

9. Your Rights

You have the right to:

  • Access your personal data

  • Request correction of inaccurate data

  • Request deletion of your data

  • Withdraw consent at any time

  • Object to certain processing

  • Request restriction of processing

  • Request data portability

To exercise any of these rights, contact us using the details in Section 1.

You can unsubscribe from email communications at any time by contacting us directly.

For postal communications, you can opt out by contacting us directly.

10. Complaints

If you are dissatisfied in any way with the we we have handled your personal data, please contact us directly so that we can resolve any concerns promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time.

The latest version will always be published on our website.