Privacy Policy

Last updated 01/10/25

Million Circles (“we”, “our”, “us”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose and protect information when you visit our website millioncircles.com (the “Site”) or use our services (the “Services”).

By using our Site or Services, you agree to the terms of this Privacy Policy.

1. Information We Collect

We may collect the following categories of personal information:

  • Identity & Contact Data – name, email address, phone number, billing/shipping address.

  • Account Data – login details, preferences, service history.

  • Transaction Data – payment details (processed via third-party payment providers), purchase history.

  • Technical Data – IP address, browser type, operating system, device identifiers, cookies.

  • Usage Data – how you interact with our Site (pages viewed, links clicked, time spent).

  • Marketing Data – preferences for receiving marketing communications.

2. How We Collect Your Data

We collect personal data in the following ways:

  • Directly from you (e.g. when you fill out forms, sign up for newsletters, purchase services).

  • Automatically when you use the Site (through cookies, analytics tools, and server logs).

  • From third parties (e.g. payment providers, social media platforms if you interact with us there).

3. How We Use Your Data

We use your information for:

  1. Providing and managing our Services.

  2. Processing transactions and delivering purchases.

  3. Responding to enquiries and providing customer support.

  4. Sending service updates, marketing communications, and newsletters (where you have consented or where permitted by law).

  5. Improving the Site, Services, and user experience.

  6. Complying with legal obligations.

4. Legal Bases for Processing

We process personal data under one or more of the following lawful bases:

  • Consent – where you have given clear permission (e.g. marketing emails).

  • Contract – where processing is necessary for performing a contract with you.

  • Legal obligation – where required by law or regulation.

  • Legitimate interests – where processing is necessary for our business interests and your rights do not override these.

5. Sharing Your Data

We may share your information with:

  • Service providers and partners who support our operations (e.g. hosting, analytics, payment processing).

  • Professional advisers (e.g. accountants, legal consultants).

  • Authorities, regulators, or law enforcement where required by law.

  • In the event of a business transfer (e.g. merger, acquisition, sale of assets).

We do not sell your personal data to third parties.

6. Cookies & Tracking

Our Site uses cookies and similar technologies to:

  • Improve site functionality.

  • Analyse site traffic and usage.

  • Provide personalised experiences and marketing.

You can manage or disable cookies through your browser settings, but some features may not function correctly.

7. Data Retention

We keep your personal data only for as long as necessary for the purposes described in this Policy, or to comply with legal, accounting, or reporting requirements.

8. Data Security

We implement appropriate technical and organisational measures to protect your data against loss, misuse, unauthorised access, disclosure, alteration or destruction. However, no method of transmission over the internet is 100% secure.

9. Your Rights

Under UK GDPR, you have rights including:

  • Access – request a copy of the personal data we hold about you.

  • Rectification – request corrections to inaccurate or incomplete data.

  • Erasure – request deletion of your data (“right to be forgotten”).

  • Restriction – request limits on processing your data.

  • Portability – request transfer of your data to another provider.

  • Objection – object to certain processing (e.g. direct marketing).

  • Withdraw consent – where processing is based on consent, you may withdraw at any time.

To exercise these rights, please contact us at [insert contact email].

10. International Data Transfers

If we transfer your data outside the UK/EEA, we will ensure it is protected by appropriate safeguards, such as standard contractual clauses or adequacy decisions.

11. Third-Party Links

Our Site may link to third-party websites. We are not responsible for their privacy practices. We encourage you to read their privacy policies.

12. Children’s Privacy

Our Services are not directed at children under 16. We do not knowingly collect data from children. If you believe we have, please contact us to delete it.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Updates will be posted on this page with a new “Last Updated” date.