Privacy Policy
Filmswear collects only what we need, uses it only as stated, protects it with industry-standard security, and never sells it β to anyone, ever. Your data belongs to you.
Introduction & Who We Are
Filmswear.com ("Filmswear", "we", "us", "our") is a premium global e-commerce brand specialising in Hollywood-inspired, handcrafted genuine leather jackets β shipped worldwide to customers in the USA, UK, Canada, and the European Union.
We are the Data Controller responsible for all personal information collected through this website. This Privacy Policy explains how we collect, use, store, protect, and share your personal data when you visit Filmswear.com, place an order, or contact our support team.
This policy complies fully with the UK General Data Protection Regulation (UK GDPR), the EU GDPR (2016/679), the UK Data Protection Act 2018, and the UK Privacy and Electronic Communications Regulations (PECR).
We collect only what we need. We use it only for the purpose it was given. We protect it with best-in-class security. We never sell it, rent it, or share it beyond the purposes listed in this policy. Your personal data belongs to you β we are only ever temporary, responsible custodians of it.
Key Definitions
The following terms are used throughout this policy. Understanding them ensures complete clarity about how your information is handled at Filmswear.
What Personal Data We Collect
We collect personal data through three channels: directly from you during your visit, automatically through your browser, and indirectly through third-party services integral to order fulfilment.
- Full name β required for order fulfilment and courier delivery label generation
- Email address β for order confirmation, dispatch notifications, and support correspondence
- Delivery address β complete postal address including country, required for international shipping
- Phone number β optional; requested by some courier partners for delivery coordination only
- Body measurements β only if you voluntarily submit custom sizing specifications with your order
- Order details β jacket selected, size, leather tier, quantity, and any notes you include at checkout
- Payment confirmation data β order total and masked card last 4 digits only; full card numbers never reach Filmswear systems
- Support messages β content of emails or enquiries you send to our customer team
- IP address β used for fraud detection, approximate geographic analytics, and security logging
- Browser type and version β used to ensure website compatibility and optimise your experience
- Device type β desktop, mobile, or tablet β used for responsive layout and design decisions
- Pages visited and session duration β anonymised data processed by Google Analytics with your consent
- Referring URL β which site, search engine, or ad campaign directed you to Filmswear.com
- Cookie identifiers β see our Cookie Policy for full details of every cookie we set
- Full payment card numbers β processed exclusively by Stripe and never transmitted to Filmswear servers
- Government ID, passport numbers, or national insurance / social security numbers of any kind
- Sensitive special-category data β health information, ethnicity, political opinions, religious beliefs, or biometrics
- Children's personal data β Filmswear.com is strictly for users aged 18 and over
How We Use Your Personal Data
Every use of your personal data is tied to a documented purpose and a corresponding lawful basis under UK/EU GDPR. We never use your data for purposes beyond those listed here without seeking fresh, specific consent.
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Processing and fulfilling your order | Name, address, email, order details | Contract |
| Order confirmation & dispatch notifications | Email address, order reference number | Contract |
| Arranging international courier delivery | Name, full address, phone if provided | Contract |
| Secure payment processing via Stripe / PayPal | Email, billing address, payment confirmation | Contract |
| Responding to customer support enquiries | Email, name, order number, message content | Contract |
| Fraud prevention and transaction security | IP address, payment patterns, order data | Legitimate Interest |
| Website analytics and performance improvement | Anonymised session data, IP address | Consent |
| Marketing emails β new collections and offers | Email address, purchase history (opted-in only) | Consent |
| Legal compliance and tax record-keeping | Order data, billing information | Legal Obligation |
| Retargeted advertising on Meta and Google Ads | Cookie identifiers, browsing signals β consented | Consent |
We only send marketing emails if you have explicitly opted in at checkout or via our newsletter sign-up form. We never auto-enrol customers after a purchase. Unsubscribe at any time via the link in any email, or by contacting support@filmswear.com. Opting out of marketing has no effect on your transactional order notifications.
When and With Whom We Share Your Data
Filmswear does not sell, rent, or trade personal data. We share data only with carefully selected third-party service providers that are operationally essential β and only the minimum data required for each specific function.
All third parties processing data on our behalf are bound by Data Processing Agreements (DPAs) that obligate them to handle your data securely, use it only for the stated purpose, and comply with GDPR in full.
- Data brokers, list resellers, or advertising aggregators of any kind
- Other e-commerce retailers, brands, fashion companies, or direct competitors
- Social platforms beyond what you explicitly consent to via cookie preferences
- Any third party for their own independent commercial or marketing activities
- Government or law enforcement β except where legally compelled by a valid court order or statutory requirement
International Data Transfers
Filmswear operates globally, meaning your personal data may be transferred to and processed in countries outside your own. Every international transfer is governed by appropriate GDPR-compliant legal safeguards.
- UK to EU transfers: Covered by UK Adequacy Regulations β no additional safeguards required for transfers to EU member states.
- Transfers to the USA (Stripe, Google, Meta): Protected by Standard Contractual Clauses (SCCs) incorporated into each provider's Data Processing Agreement, providing GDPR-equivalent protections.
- Production workshop transfers: Our workshop team receives only the minimum data required to craft your jacket β size and design specifications only. Contact details such as email or address are never shared with production staff. These limited transfers follow strict internal data handling protocols.
- Courier transfers: Delivery address data is shared under the Contract legal basis β necessary to deliver your order. All major international courier partners maintain their own GDPR-compliant privacy policies.
Under UK and EU GDPR you may request a copy of the specific safeguards we rely upon for any international data transfer. Email support@filmswear.com and we will respond within 30 calendar days.
How Long We Keep Your Data
We retain personal data only as long as necessary to fulfil the original collection purpose or satisfy a legal obligation. The schedule below sets out our specific retention periods by data category.
| Data Category | Retention Period | Justification |
|---|---|---|
| Order records (name, address, items, value) | 7 Years | UK tax law and financial audit compliance requirement |
| Email address (transactional) | 7 Years | Retained alongside order record for legal purposes |
| Customer support correspondence | 3 Years | To resolve future disputes or post-sale warranty queries |
| Marketing consent records | Until withdrawn + 3 Years | Proof of consent record required under GDPR |
| Google Analytics session data | 14 Months | Maximum duration configured in our Analytics account |
| Cookie consent preference | 12 Months | Duration of consent cookie β refreshed annually |
| Payment confirmation records | 7 Years | Financial audit trail required by HMRC |
| Fraud investigation logs | 5 Years | Required for insurance and legal defence purposes |
| Deleted account data | 90 Days, then purged | Recovery window before permanent anonymisation |
After the relevant retention period, data is securely and permanently deleted or irreversibly anonymised so it can no longer be attributed to any individual. Anonymised aggregate statistics may be retained indefinitely as they contain no personal identifiers.
How We Protect Your Data
We have implemented layered technical and organisational security measures to protect your personal data against unauthorised access, accidental loss, alteration, or disclosure at every stage of processing.
- 256-bit SSL/TLS encryption on all pages β your entire connection to Filmswear.com is encrypted in transit at all times
- PCI-DSS Level 1 compliance via Stripe β the highest internationally recognised payment card security standard
- Stripe-hosted payment environment β card data is entered directly into Stripe's secure system and never passes through our servers
- Two-factor authentication required for all team members accessing order management and customer data systems
- Encrypted, access-controlled database backups with strict geographic and personnel access restrictions
- Regular security patching and active monitoring of all website and hosting infrastructure
Should a personal data breach occur that poses a risk to your rights and freedoms, Filmswear will notify the UK ICO within 72 hours and will inform affected individuals directly without undue delay β as required under UK GDPR Articles 33 and 34. We will clearly communicate what occurred, what data was affected, and every step taken to mitigate the harm.
Your Eight Data Protection Rights
Under UK and EU GDPR you hold eight legally enforceable rights over your personal data. Filmswear is obligated to facilitate each one at no charge. Exercise any right by emailing support@filmswear.com at any time.
- Email support@filmswear.com with subject line "Data Rights Request β [Right Name]"
- Include your full name and the email address associated with your Filmswear order or account
- Clearly state which right you wish to exercise and any relevant context or supporting details
- We acknowledge your request within 5 business days and respond in full within 30 calendar days
- We may verify your identity using the minimum necessary information before processing sensitive requests
- All rights requests are processed completely free of charge β no exceptions
Children's Privacy
Filmswear.com is strictly for users aged 18 and over. Our products are premium adult consumer goods and our website, marketing, and all communications are directed exclusively at adult audiences. We do not knowingly collect personal data from anyone under 18.
- All personal data associated with the submission will be immediately and permanently deleted
- Any associated order will be cancelled and fully refunded to the original payment method without delay
- If you are a parent or guardian and believe your child has submitted data to Filmswear.com, contact us immediately at support@filmswear.com
Links to Third-Party Websites
Filmswear.com may contain links to external websites β for example, IMDb film references, courier tracking portals, or our social media profiles. These sites operate under their own independent privacy policies that Filmswear has no control over and accepts no responsibility for.
- We recommend reviewing the privacy policy of any third-party website you visit via a link from Filmswear.com.
- The presence of a link on our website does not constitute an endorsement of that site's privacy practices.
- Filmswear accepts no liability for the data handling practices of third-party websites accessed via outbound links from our pages.
Policy Updates & Contact Details
Filmswear reserves the right to update this Privacy Policy at any time to reflect changes in applicable law, our business practices, or the services we use. Material updates will be communicated by revising the effective date at the top of this page. For changes significantly affecting your rights, existing customers will be notified by email.
- Governing Law: This policy is governed by the laws of England and Wales under the UK GDPR and UK Data Protection Act 2018.
- UK Supervisory Authority: Information Commissioner's Office (ICO) β ico.org.uk. EU customers may also contact their local national Data Protection Authority.
- Last Reviewed: January 2025 β reviewed at minimum annually, or whenever our data practices change materially.