hello@totemproud.com

Celebrate Your Roots with Africa-inspired Art & Fashion

Free shipping on orders over £50.00

Browse

Want to chat?

Call us toll free +1 789 2000

Social

Privacy Policy

Last Updated: 29 October 2025

Introduction

Totem Proud (“we,” “us,” or “our”) is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you visit our website at https://totemproud.com or purchase our products.

This Privacy Policy complies with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable data protection laws.

Please read this Privacy Policy carefully. By using our website or purchasing our products, you consent to the collection and use of your information as described in this policy.

1. Information We Collect

We collect several types of information to provide and improve our services.

1.1 Information You Provide Directly

When you place an order:

  • Full name
  • Email address
  • Shipping address (including street, city, postcode, country)
  • Billing address (if different from shipping address)
  • Phone number (optional, for delivery purposes)
  • Payment information (processed securely by our payment provider)

When you create an account:

  • Username and password
  • Email address
  • Order history and preferences

When you contact us:

  • Name and email address
  • Content of your messages
  • Any other information you choose to provide

When you subscribe to our newsletter:

  • Email address
  • Name (optional)
  • Marketing preferences

1.2 Information Collected Automatically

When you visit our website, we automatically collect:

  • IP address
  • Browser type and version
  • Operating system
  • Pages viewed and time spent on pages
  • Referring website
  • Date and time of access
  • Device information

Cookies and similar technologies: We use cookies to enhance your experience. See Section 9 for detailed information about cookies.

1.3 Information from Third Parties

Payment Processors: We receive confirmation of successful payment transactions, but we do not store full credit card details.

Print-on-Demand Fulfilment: Our printer partner receives necessary order information to manufacture and ship your products, including:

  • Recipient name and shipping address
  • Product specifications
  • Order details

Analytics Providers: We use analytics services (such as Google Analytics) that collect data about website usage.

2. Legal Basis for Processing Your Data

We process your personal data under the following legal bases as defined by UK GDPR:

2.1 Contractual Necessity

Processing is necessary to fulfil our contract with you, including:

  • Processing and fulfilling your order
  • Communicating about your order status
  • Providing customer support
  • Processing payments

2.2 Legitimate Interests

Processing is necessary for our legitimate business interests, including:

  • Improving our website and services
  • Preventing fraud and ensuring security
  • Analysing website usage and customer behaviour
  • Maintaining business records
  • Defending legal claims

2.3 Legal Obligations

Processing is necessary to comply with legal requirements, including:

  • Maintaining accounting and tax records
  • Complying with consumer protection laws
  • Responding to law enforcement requests

2.4 Consent

For certain activities, we rely on your consent, including:

  • Sending marketing emails (you can withdraw consent at any time)
  • Using non-essential cookies (you can manage cookie preferences)
  • Processing data for purposes beyond the original collection

3. How We Use Your Information

We use your personal data for the following purposes:

3.1 Order Fulfilment

  • Processing and completing your orders
  • Communicating order status and shipping updates
  • Coordinating with our printer for product manufacturing
  • Arranging delivery through shipping carriers
  • Handling returns, exchanges, and refunds

3.2 Customer Service

  • Responding to your enquiries and support requests
  • Resolving issues with orders or products
  • Processing complaints and disputes
  • Providing product information and assistance

3.3 Website Operation and Improvement

  • Maintaining and improving website functionality
  • Personalising your experience
  • Understanding how customers use our website
  • Testing new features and designs
  • Conducting analytics and research

3.4 Marketing and Communications

  • Sending promotional emails about new products, sales, and cultural events (with your consent)
  • Informing you about updates to our services
  • Conducting surveys and requesting feedback
  • Building customer relationships

3.5 Security and Fraud Prevention

  • Protecting against fraudulent transactions
  • Detecting and preventing security breaches
  • Maintaining the security of our systems
  • Protecting our business and customers

3.6 Legal Compliance

  • Complying with applicable laws and regulations
  • Maintaining records for tax and accounting purposes
  • Responding to legal requests and court orders
  • Enforcing our terms and conditions

4. Sharing Your Information

We share your personal data only in the following circumstances:

4.1 Service Providers

Print-on-Demand Fulfilment Partner: We share necessary order information with our printer to manufacture and ship your products. This includes:

  • Recipient name and shipping address
  • Product specifications and customisation details
  • Order quantity and preferences

Our printer is contractually obligated to:

  • Use your data only for order fulfilment purposes
  • Maintain appropriate security measures
  • Comply with data protection laws
  • Not use your data for their own marketing purposes

Shipping Carriers: We share delivery information with shipping carriers to deliver your orders, including:

  • Recipient name and address
  • Contact information for delivery coordination
  • Package tracking details

Payment Processors: Payment information is transmitted directly to our payment processor using secure encryption. We do not store full credit card details on our servers.

Email Service Providers: We use email service providers to send order confirmations, shipping notifications, and marketing emails (with your consent).

Analytics Providers: We use analytics services (such as Google Analytics) to understand website usage. These services collect anonymised or pseudonymised data.

Hosting and Technology Providers: Our website and data are hosted by third-party providers who maintain appropriate security measures.

4.2 Legal Requirements

We may disclose your information to:

  • Law enforcement or regulatory authorities when legally required
  • Courts and legal advisors in connection with legal proceedings
  • Government agencies for tax or regulatory compliance
  • Third parties to protect our rights, property, or safety

4.3 Business Transfers

If Totem Proud is acquired, merged, or undergoes a business restructuring:

  • Your information may be transferred to the new entity
  • You will be notified of any such change
  • The new entity will be bound by this Privacy Policy

4.4 With Your Consent

We may share your information with third parties when you have given explicit consent.

5. International Data Transfers

5.1 Print-on-Demand Fulfilment

Our printer operates fulfilment centres in multiple countries, including:

  • United Kingdom
  • European Union (Spain, Latvia)
  • United States
  • Mexico
  • Canada
  • Australia
  • Japan
  • Brazil

When your order is fulfilled from a facility outside the UK/EU, your data is transferred internationally. We ensure appropriate safeguards are in place, including:

  • Standard contractual clauses approved by the UK Information Commissioner’s Office
  • Adequacy decisions where applicable
  • Appropriate technical and organisational security measures

5.2 Other International Transfers

Some of our service providers (such as hosting, analytics, or email services) may process data in countries outside the UK/EU. We ensure these transfers comply with UK GDPR through:

  • Standard contractual clauses
  • Adequacy decisions
  • Other approved transfer mechanisms

6. Data Security

We implement appropriate technical and organisational measures to protect your personal data:

6.1 Technical Measures

  • Encryption: Website traffic is encrypted using SSL/TLS certificates (HTTPS)
  • Secure Payment Processing: Payment data is transmitted directly to our payment processor using industry-standard encryption
  • Access Controls: Limited access to personal data based on job requirements
  • Firewalls and Security Software: Protection against unauthorised access
  • Regular Security Updates: Software and systems are kept up to date

6.2 Organisational Measures

  • Staff Training: Employees are trained on data protection principles
  • Confidentiality Agreements: Staff and contractors sign confidentiality agreements
  • Incident Response Plan: Procedures for responding to security breaches
  • Regular Audits: Periodic reviews of security practices
  • Vendor Management: Assessment of third-party security practices

6.3 Limitations

While we strive to protect your personal data:

  • No method of transmission over the internet is 100% secure
  • No storage system is completely secure
  • You are responsible for keeping your account credentials secure
  • Notify us immediately if you suspect unauthorised access

7. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this Privacy Policy.

7.1 Retention Periods

Order and Customer Data:

  • Active Orders: Retained until order completion and any potential returns/disputes are resolved
  • Completed Orders: Retained for 7 years to comply with UK tax and accounting requirements
  • After 7 Years: Personal data is securely deleted or anonymised

Account Information:

  • Active Accounts: Retained while your account is active
  • Inactive Accounts: Accounts inactive for 3+ years may be deleted after notification
  • Deleted Accounts: Personal data is erased within 30 days of account deletion

Marketing Data:

  • Newsletter Subscribers: Retained until you unsubscribe
  • After Unsubscribe: Removed from marketing lists within 7 days (but transaction data retained for accounting purposes)

Website Usage Data:

  • Analytics Data: Anonymised after 26 months
  • Server Logs: Retained for 12 months for security purposes

Communications:

  • Customer Service Emails: Retained for 3 years
  • Complaints: Retained for 6 years in case of legal disputes

7.2 Exceptions

We may retain data longer when:

  • Required by law (e.g., tax records)
  • Necessary for legal claims or disputes
  • You have explicitly consented to longer retention
  • Data has been anonymised and can no longer identify you

8. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

8.1 Right of Access

  • Request a copy of the personal data we hold about you
  • Receive information about how we process your data
  • How to Exercise: Email [Your Data Access Email] with your request

8.2 Right to Rectification

  • Request correction of inaccurate or incomplete personal data
  • How to Exercise: Update your account information or contact us

8.3 Right to Erasure (“Right to be Forgotten”)

  • Request deletion of your personal data in certain circumstances
  • Limitations: We may need to retain data for legal compliance (e.g., tax records)
  • How to Exercise: Contact [Your Data Protection Email]

8.4 Right to Restrict Processing

  • Request that we limit how we use your personal data
  • How to Exercise: Contact us with your specific restrictions

8.5 Right to Data Portability

  • Receive your personal data in a structured, commonly used format
  • Request transfer of your data to another service provider
  • How to Exercise: Contact us to request a data export

8.6 Right to Object

  • Object to processing based on legitimate interests
  • Object to direct marketing at any time
  • How to Exercise:
    • Marketing: Click “unsubscribe” in any email or contact us
    • Other processing: Contact [Your Data Protection Email]

8.7 Rights Related to Automated Decision-Making

  • We do not use automated decision-making or profiling that produces legal effects

8.8 Right to Withdraw Consent

  • Withdraw consent at any time where processing is based on consent
  • Does not affect: Processing that occurred before withdrawal
  • How to Exercise: Contact us or update your preferences

8.9 How to Exercise Your Rights

To exercise any of these rights:

  1. Email us at [Your Data Protection Email]
  2. Provide your name, email address, and order number (if applicable)
  3. Specify which right you wish to exercise
  4. We will respond within 30 days

Verification: We may request additional information to verify your identity before processing requests.

No Fee: Exercising your rights is free, unless requests are manifestly unfounded or excessive.

8.10 Right to Complain

If you’re unhappy with how we handle your personal data:

  1. Contact us first at [Your Data Protection Email]
  2. If unresolved, you can complain to the UK Information Commissioner’s Office (ICO):
    • Website: https://ico.org.uk
    • Phone: 0303 123 1113
    • Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

9. Cookies and Tracking Technologies

9.1 What Are Cookies?

Cookies are small text files stored on your device when you visit our website. They help us provide a better experience and understand how our website is used.

9.2 Types of Cookies We Use

Essential Cookies (Always Active): These cookies are necessary for the website to function:

  • Shopping cart functionality
  • Checkout process
  • User authentication
  • Security features

Analytics Cookies (Optional): Help us understand how visitors use our website:

  • Google Analytics (visitor behaviour, popular pages)
  • Session duration and bounce rates
  • Traffic sources

Marketing Cookies (Optional): Used for targeted advertising and measuring campaign effectiveness:

  • Social media pixels (Facebook, Instagram)
  • Retargeting cookies
  • Conversion tracking

Preference Cookies (Optional): Remember your choices and preferences:

  • Language preferences
  • Cookie consent choices
  • Display settings

9.3 Managing Cookies

Cookie Banner: When you first visit our website, you’ll see a cookie banner allowing you to:

  • Accept all cookies
  • Reject non-essential cookies
  • Customise your cookie preferences

Browser Settings: You can also control cookies through your browser settings:

  • Block all cookies
  • Delete existing cookies
  • Set preferences for specific websites

Important: Blocking essential cookies may prevent the website from functioning properly.

Change Your Mind: You can update your cookie preferences at any time by clicking [Cookie Settings] at the bottom of our website.

9.4 Third-Party Cookies

Some cookies are placed by third-party services:

  • Google Analytics: Tracks website usage (opt-out available)
  • Payment Processors: Facilitate secure transactions
  • Social Media Platforms: Enable sharing and advertising features

These third parties have their own privacy policies governing their use of cookies.

9.5 Do Not Track

We respect “Do Not Track” browser settings where technically feasible. However, there is no industry standard for responding to Do Not Track signals.

10. Marketing Communications

10.1 Types of Marketing

With your consent, we may send:

  • Email Newsletters: New products, sales, cultural events
  • Promotional Offers: Discounts and special offers
  • Product Recommendations: Based on your purchase history
  • Cultural Content: African heritage features and stories

10.2 Consent

How We Obtain Consent:

  • Opt-in checkbox during checkout
  • Subscription form on our website
  • Account creation process

Your consent is:

  • Freely given
  • Specific and informed
  • Unambiguous
  • Separate from other terms and conditions

10.3 How to Opt-Out

Unsubscribe from Marketing:

  • Click “unsubscribe” at the bottom of any marketing email
  • Update preferences in your account settings
  • Email us at [Your Marketing Preferences Email]

Processing Time: You will be removed from marketing lists within 7 business days.

Important:

  • Unsubscribing from marketing does not affect transactional emails (order confirmations, shipping updates)
  • We may still contact you about your orders or account

11. Children’s Privacy

11.1 Age Restrictions

Our website and services are not intended for children under 18 years of age.

We do not knowingly:

  • Collect personal data from children under 18 without parental consent
  • Market to children
  • Sell products directly to children

11.2 Parental Consent

If a child under 18 wishes to make a purchase:

  • Parental or guardian consent is required
  • The parent/guardian is responsible for the purchase
  • The parent/guardian controls the child’s personal data

11.3 If We Learn We Have Collected Children’s Data

If we discover we have inadvertently collected data from a child under 18 without proper consent:

  • We will delete the information as quickly as possible
  • We will not use the data for any purpose

Parents/Guardians: If you believe we have collected your child’s data, contact us immediately at [Your Data Protection Email].

12. Changes to This Privacy Policy

12.1 Updates

We may update this Privacy Policy from time to time to reflect:

  • Changes in laws or regulations
  • New features or services
  • Improvements to our data practices
  • Business changes

12.2 Notification

How We Notify You:

  • Updated “Last Updated” date at the top of this page
  • Email notification for significant changes (to marketing subscribers and customers)
  • Notification on our website

Your Responsibility: Please review this Privacy Policy periodically for changes.

12.3 Continued Use

Your continued use of our website after changes are posted constitutes acceptance of the updated Privacy Policy.

13. Third-Party Websites

13.1 External Links

Our website may contain links to third-party websites, including:

  • Social media platforms
  • Payment processors
  • Partner websites
  • Resource links

13.2 Not Our Responsibility

We are not responsible for:

  • The privacy practices of third-party websites
  • The content of external websites
  • How third parties collect or use your data

We recommend:

  • Reading the privacy policies of any website you visit
  • Understanding how your data will be used
  • Exercising caution when sharing personal information

14. California Privacy Rights

If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA). While we are UK-based, we respect California privacy rights for California customers.

California residents may have the right to:

  • Know what personal information we collect
  • Know if we sell or share personal information (we do not sell personal data)
  • Opt-out of the sale of personal information (not applicable as we don’t sell data)
  • Request deletion of personal information
  • Non-discrimination for exercising privacy rights

To exercise California rights: Contact [Your Data Protection Email] with “California Privacy Request” in the subject line.

15. Additional Information

15.1 Data Controller

The data controller responsible for your personal data is:

Totem Proud
[Your Business Address]
Email: [Your Data Protection Email]

15.2 Data Protection Officer

For privacy-related queries, contact our Data Protection Officer:

  • Email: [Your DPO Email]

15.3 Representative (if applicable)

If required by law, our EU/UK representative contact details will be provided here.

16. Contact Us

16.1 Privacy Questions

For any questions about this Privacy Policy or our data practices:

Email: [Your Data Protection Email]
Subject Line: Privacy Enquiry
Mail: Totem Proud, [Your Business Address]

16.2 Response Time

We aim to respond to all privacy enquiries within:

  • Initial Response: 48 hours
  • Full Resolution: 30 days

16.3 What to Include

When contacting us, please provide:

  • Your full name
  • Email address associated with your account
  • Order number (if applicable)
  • Clear description of your question or request

17. Summary of Key Points

What data do we collect?
We collect information you provide (name, email, address, payment details) and information collected automatically (IP address, cookies, website usage).

Why do we collect your data?
To process orders, provide customer service, improve our website, send marketing (with consent), and comply with legal obligations.

Who do we share your data with?
Our printer (for order fulfilment), shipping carriers, payment processors, and analytics providers. We don’t sell your personal data.

How long do we keep your data?
Active order data until completion, completed orders for 7 years (tax compliance), marketing data until you unsubscribe.

What are your rights?
Access, rectification, erasure, restriction, portability, objection, and to complain to the ICO.

How can you control cookies?
Manage preferences through our cookie banner or your browser settings.

How can you opt-out of marketing?
Click “unsubscribe” in any marketing email or contact us.

Thank you for trusting Totem Proud with your personal data. We are committed to protecting your privacy while helping you celebrate your African heritage with pride.

This Privacy Policy is effective as of 29 October 2025 and may be updated from time to time. Please check this page regularly for updates.

Free Worldwide shipping

On all orders above $50

Easy 30 days returns

30 days money back guarantee

International Warranty

Offered in the country of usage

100% Secure Checkout

PayPal / MasterCard / Visa