Privacy policy

Last updated: June 2026

Contents

1. Introduction

This Privacy Notice explains how Blended Moments (“we”, “us”, “our”) collects, uses, stores, shares, and protects your personal data when you visit www.blendedmoments.co.uk, place an order, upload images, or interact with our services.

We specialise in creating personalised digital photo merges deeply sentimental digital artwork. We take privacy seriously, especially with meaningful personal images. All processing complies with the UK General Data Protection Regulation (UK GDPR) and Data Protection Act 2018.

By using our site or services, you confirm you've read and understood this notice.

2. Who We Are (Data Controller)

Business: Blended Moments
Owner: Samantha Taylor
Email: samantha@blendedmoments.co.uk
Location: United Kingdom
Service area: Customers in the UK only
VAT status: Not VAT registered

3. Personal Data We Collect

3.1 Data you provide

  • Full name
  • Email address
  • Telephone number (optional)
  • Order instructions / notes

3.2 Uploaded images

Photos you upload for merging may contain identifiable people (personal data, sometimes special category if sensitive). By uploading, you confirm you own the rights or have permissions from anyone shown.

3.3 Payment data

Handled securely by Shopify Payments, we never store card details.

3.4 Technical data

IP address, browser/device info, site interactions (via cookies if consented).

4. How We Collect Your Data

  • When placing orders or uploading images
  • When contacting us (email/support)
  • Automatically via cookies/technologies (with consent where required)

5. Why We Process Your Data (Purposes)

  • Fulfil orders: create, edit, and provide your finished digital photo merge straight to your email or inbox
  • Communicate: send finished files, handle payment or watermark updates, and manage support queries
  • Process payments/refunds
  • Comply with legal obligations (e.g., records)
  • Improve site/security (limited technical data)
  • Marketing/promotional use of images only with your explicit consent

6. Legal Bases for Processing

  • Performance of a contract: Main basis necessary to create/deliver your ordered digital artwork (including AI-assisted editing and image processing).
  • Consent: For marketing/promotional use of your images (withdrawable anytime).
  • Legal obligation: For tax/records retention.
  • Legitimate interests: Fraud prevention, site analytics/security (balanced against your rights).

7. Use of AI & Image Processing Tools

We use AI assisted tools (primarily Adobe Photoshop built-in professional features like Generative Fill) to support editing: repair areas, improve quality, and sharpen elements for your digital photo merges. AI does not create the full image independently all work is manually reviewed, refined, and finalised by us or our trusted collaborators. This is necessary to fulfil your order (contract basis).

8. How We Store and Secure Your Data

Data (including images) stored securely by order reference. Access limited to us and trusted collaborators bound by strict confidentiality. Files managed during fulfilment; deleted when no longer needed (see retention).

9. Marketing & Promotional Use of Images

We only use your images (originals or merges) for marketing (e.g., social media, ads) with your explicit opt-in consent at order time or separately. Consent is withdrawable anytime email us to opt out/remove.

10. How Long We Keep Your Data

  • Images/order data: Retained only as needed for fulfilment, revisions, support (typically deleted 6–12 months after final delivery unless legal need).
  • Order records: Kept for legal/tax purposes (usually 6 years).
  • Marketing consents: Until withdrawn.

11. Sharing Your Data & Third Parties

We do not sell/rent data. Sharing limited to:

  • Trusted processors (bound by contracts/GDPR): Shopify (payments/hosting), Adobe (editing tools).
  • Trusted third-party collaborators and freelancers who assist with editing tasks, contractually obligated via Non-Disclosure Agreements (NDAs) to uphold confidentiality and data protection laws.

No unnecessary sharing.

12. International Transfers

Some processors (e.g., US-based like Shopify/Adobe) may transfer data outside UK. We use safeguards (e.g., standard contractual clauses, adequacy decisions) to protect it.

13. Your Rights Under UK GDPR

You have rights to: access, correct, delete, restrict processing, object, data portability, withdraw consent. Contact us to exercise — we respond within one month (free unless excessive).

14. Data Security

We use technical/organisational measures (encryption, access controls, secure professional software tools) to protect data. No system is 100% secure, but we take it seriously.

15. Cookies & Similar Technologies

We use essential cookies for site function; analytics/marketing cookies only with consent. See our cookie banner/policy for details/manage preferences.

16. Third-Party Links

Our site may link to external sites, we are not responsible for their privacy practices.

17. Children

Our services not for under 18s. We do not knowingly collect data from children.

18. Changes to This Privacy Notice

We may update this notice (e.g., for law changes). Check back; significant changes notified via email/site notice.

19. Contact Us

Blended Moments
Samantha Taylor
Email: samantha@blendedmoments.co.uk
For complaints: Contact us first; escalate to ICO if needed (ico.org.uk).