0 Items

privacy policy

Effective date: 11 March 2025

about this policy

Lagom Hem Limited (‘Lagom Hem’, ‘our’, ‘us’, or ‘we’) is a company registered in England and Wales with company number 15323507, whose registered office is at 124 City Road, London, EC1V 2NX.

For the purposes of the UK General Data Protection Regulation (UK GDPR) and other applicable data protection laws, Lagom Hem Limited is the data controller of the personal data we collect and process.

We are registered with the UK Information Commissioner’s Office (ICO) under registration number ZB843692.

‘Site’ refers to https://lagomhem.com and https://marketplace.lagomhem.com.

introduction and terms

We are committed to protecting and respecting your personal data and privacy. This privacy policy explains the types of personal data we may collect when you interact with us, and how we will store and protect that data.

Whenever we process such information, we will do so in line with all applicable data protection laws, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

By using our Site, you acknowledge that you have read and understood this Privacy Policy. Where required, we will seek your explicit consent before processing your data.

We may amend this privacy notice at any time by posting the amended version on our Site. We will announce any material changes to this privacy policy via email.

This notice is addressed to our Customers, Suppliers and prospective Customers and Suppliers’ employees, contractors, agents, and any other authorised representatives (‘you’ or ‘your’). Please ensure you read this privacy notice carefully to understand the types of information we collect, how we use it, the circumstances under which we will share it with third parties, and your rights to personal data about you.

If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact us using the contact information in ‘Contact’ section of this privacy notice.

information we collect

Most of the personal information we process is provided to us directly by you for one of the following reasons:

Information you provide

  • When you register for an account and list a product, we collect your name and email address.
  • When you communicate with us via our contact forms, customer support, or social media, we collect any information you choose to provide.

Automatically collected information

  • We automatically gather technical information such as your IP address, browser type, operating system, and the pages you visit.
  • Cookies and similar tracking technologies help us enhance your experience and gather analytics.

Information from Third Parties

We may obtain additional information from trusted third-party services to complete your profile or process transactions. These third-party providers include, but are not limited to:

  •  Payment Processing: Stripe (for handling secure payments)
  • Social Media Platforms: Meta (Facebook, Instagram), LinkedIn.

where is your data stored

We store and process personal data on secure servers hosted by Krystal.io in the United Kingdom. We do not transfer your personal data outside of the UK.

Our hosting provider, Krystal.io, implements robust security measures to protect your information, including encryption, access controls, and regular security audits.

how we use your information

We use your data to:

  • Provide and improve our services – Process transactions, manage your account, and personalise your experience on our marketplace.
  • Subscription processing – When you subscribe to our Site, your payment details are processed securely by Stripe. We do not store your full credit card details on our servers. Instead, Stripe handles all sensitive financial information in accordance with its own security protocols and privacy policy. For more details, please refer to Stripe’s Privacy Policy.
  • Communicate – Send user registration confirmations and customer support communications. With your consent, we may also send newsletters and promotional offers.
  • Ensure security and compliance – Monitor for fraud, secure our platform, and comply with legal obligations.
  • Market and analyse – Understand user behaviour via analytics to improve our services and deliver targeted, relevant advertising (where you have consented).

lawful basis of processing information

Under the UK General Data Protection Regulation (UK GDPR), we only collect and use your personal data when we have a valid legal basis for doing so. The lawful bases we rely on include:

  1. Consent
  • We rely on your explicit consent to process your personal data for:
    • Marketing communications (e.g., newsletters, promotions, and personalised advertising).
    • Non-essential cookies and tracking technologies for analytics and targeted advertising.

You can withdraw your marketing or cookie consent at any time by adjusting your preferences in your account settings or clicking ‘unsubscribe’ in any marketing email.

  1. Performance of a Contract
  • We process your personal data when it is necessary to fulfil a contract with you. This includes:
    • Providing access to our website and marketplace.
    • Managing your user account, product listings, and transactions.
    • Processing payments and subscriptions securely via Stripe.
  1. Legal Obligations

In some cases, we process your personal data because it is necessary to comply with a legal obligation, such as:

Preventing fraud and ensuring security – We process certain data to detect, investigate, and prevent fraudulent transactions or security breaches.

Regulatory compliance – We may retain and process transaction records and account information to comply with applicable financial, tax, and legal regulations.

  1. Legitimate Interests
  • In limited cases, we may process your data where it is necessary for our legitimate business interests, provided it does not override your rights and freedoms. This includes:
    • Website security and fraud prevention – Ensuring the integrity of our platform and protecting against unauthorised access or fraudulent activity.
    • Basic website analytics – Understanding how users interact with our platform to improve usability and performance.

We do not process your data based on legal obligations (except for tax and financial record-keeping) or public interest/legal authority, as these do not apply to our operations.

If you have any questions about the lawful basis we rely on, or if you wish to object to processing based on legitimate interests, please contact us at contact@lagomhem.com.

disclosure of your information

Regardless of location, we will treat your information as confidential information.

We reserve the right to use or disclose your Personal Information if required by law or if we reasonably believe that use or disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or comply with a law, court order, or legal process.

We will hold the above information for as long as is necessary to conduct the processing detailed above, deal with any specific issues that may arise, or otherwise as is required by law or any relevant regulatory body.

We restrict access to your personal information to those who need to use it for the relevant purpose(s). Our retention periods are based on business needs, and your information that is no longer needed is either irreversibly anonymised (and the anonymised information may be retained) or securely destroyed.

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this Privacy Policy, or as required to comply with legal, tax, and regulatory obligations. The specific retention periods we apply are:

  • Account Information (e.g., name, email, transaction history): Retained for as long as your account remains active. Upon account closure, we will delete or anonymise your data within 90 days, unless retention is required for legal reasons.
  • Financial and Transaction Records: Retained for six years in accordance with UK tax and accounting regulations.
  • Customer Support Communications: Retained for two years after the last interaction to assist with any follow-up inquiries.
  • Marketing Data (email preferences, consent records): Retained until you withdraw consent or for up to three years from the last interaction.
  • Website Analytics Data: Retained for 14 months before anonymisation, in line with industry best practices.
  • Security and Fraud Prevention Logs: Retained for up to three years to detect and prevent fraudulent activity.

After the applicable retention periods, your data will be securely deleted or anonymised unless further retention is required for legal or regulatory purposes.

If you wish to request the deletion of your data earlier, you can contact us at contact@lagomhem.com.

your rights

Under the General Data Protection Regulation (EU) 2016/679 (and under the UK GDPR), you have various rights about your personal data. All of these rights can be exercised by contacting us at the email address specified below.

You have rights including:

  • Your right of access – You have the right to ask us for copies of your personal information.
  • Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
  • Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
  • Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.
  • Your right to object to processing – You have the the right to object to the processing of your personal information in certain circumstances.
  • Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.

To exercise any of these rights, please email us at contact@lagomhem.com. We may require identity verification before fulfilling your request.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

Detailed information on the full content of your rights (and any conditions that may apply) is provided by the United Kingdom’s Information Commissioner’s Office and is available on their website.

data security and retention

If you close your account, we will retain your personal data only for as long as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Specifically:

  • Transaction Records and Legal Compliance – Certain data (e.g., financial records, tax information) will be retained for a minimum of six years to comply with tax, legal, and regulatory requirements.
  • Backup and Security Logs – Your data may be retained in secure backups for a limited period before being permanently deleted.
  • Marketing and Communication Preferences – If you previously consented to marketing communications, we will retain your contact details unless you opt out.
  • Data Anonymisation – After the required retention period, we may anonymise your data for analytics and business improvement purposes, ensuring it is no longer identifiable.

If you have any concerns regarding data retention or deletion, you can contact us at contact@lagomhem.com.

cookies and tracking technologies

Our Site uses cookies and similar technologies to enhance your experience, analyse usage, and support our marketing efforts. You can control cookies through your browser settings; however, disabling them may affect the functionality of our Site. For further information, please refer to our Cookie Policy.

data sharing and disclosure

We do not sell your personal data.

We will keep your data inside our organisation except where disclosure is required or permitted by law or when we use third party service providers to supply and support our business services, such as:

  • Service providers: Trusted third parties (e.g., Stripe for payment processing, delivery partners, IT service providers) who process your data on our behalf and are contractually obligated to protect your information.
  • Customer service network.
  • Marketing services such as email and direct mail.
  • Analytics and search engine providers that assist us in the improvement and optimisation of our site.
  • To contact you via email to invite you to review any services and/or products you received from us in order to collect your feedback and improve our services and products (the “Purpose”). We may use an external company to collect your feedback which means that we will share your name, email address and reference number with the company for the Purpose.
  • Business transfers: In the event of a merger, acquisition, or sale of our business, your data may be transferred as part of the transaction.
  • Legal requirements: If required by law or to protect our rights, we may disclose your data to law enforcement or regulatory authorities.

    data security and retention

    We implement appropriate technical and organisational measures to secure your personal data against unauthorised access, loss, or misuse. Your data is stored securely and retained only as long as necessary for the purposes outlined in this policy or as required by law. Once your data is no longer needed, we will delete or anonymise it.

      international data transfers

      We do not transfer personal data outside of the United Kingdom (UK). All personal data is stored and processed on secure servers hosted by Krystal.io within the UK.

       If this policy changes in the future and we need to transfer data outside the UK, we will:

       Seek explicit consent from you before doing so.

      • Ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) or equivalent legal mechanisms.
      • Clearly specify the types of data shared, the purpose of the transfer, and the third-party recipients.

        contact

        If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us at:

        If you are unhappy with how we process your data, please contact us first so we can address your concerns. If you are still not satisfied, you can lodge a complaint with the Information Commissioner’s Office (ICO) which regulates the use of information in the UK. They can be contacted by:

        Telephone: 0303 123 1113
        Write to the ICO: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
        Or by going online to www.ico.org.uk/concerns.

        If you are based outside of the UK, the complaint should be directed to the relevant Data Protection Supervisory Authority in that Country.

        changes to this policy

        We may update this Privacy Policy from time to time. Any changes will be posted on our website with an updated ‘Effective from’ date. We encourage you to review this policy periodically.

        QUICK LINKS

        home

        marketplace

        inspiration

        acceptable use policy

        ABOUT

        our story

        our values

        sustainability

        our journal

        CUSTOMER CARE

        contact

        help & faqs

        LEGAL

        privacy policy

        cookie policy

        terms & conditions

        EXTERNAL

        press enquiries

        partnerships

        investor relations

        © 2025 Lagom Hem®. All rights reserved | Hosted by krystal.io