Privacy Policy

Data Controller and Owner:

Rebecca Johnstone

Trading as:

Dainty Dora Surface Pattern Design + Print
Johnstone, Renfrewshire, Scotland, UK

Contact email:

Security of your data:

When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address and email address.

We promise not to pass on any private/personal details such as name, address, email, phone number, and if applicable, the details of your purchase, to any third party. This information will be used solely for the purpose of:

  • Fulfilling your order
  • To communicate with you about your order
  • For legal reasons (like paying taxes)

All payment information is managed and secured by external payment transaction providers: Stripe, PayPal and ApplePay (depending on your chosen payment method). Payment information is never received, collected or held by us. 

Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service.

Data Retention

I retain your personal information only for as long as necessary to provide you with my services and as described here in my Privacy Policy. However, I may also be required to retain this information to comply with my legal and regulatory obligations, to resolve disputes, and to enforce my agreements. I generally keep your data for the following time period: 6 years.

Website Cookies:

A cookie is a text-only string of information created by a web site on your computer. The web site uses this cookie to identify you when you return to the site.

Session cookies are temporary cookies that remain in the cookie file of your browser until you leave the site. Our cookies cannot harm your computer and do not contain any personal or private information.

Most computers are sold with cookies enabled, but you can set your computer to disable cookies if you prefer. However, not all elements of this site may work if you have disabled cookies.

The UK rules on cookies are covered by the Privacy and Electronic Communications Regulations and enforced by the Information Commissioner’s Office (ICO). 

Mailing List:

By entering your name/email address into the embedded mailing list sign-up form, you are opting in to receive regular updates on our products and services, however you can opt-out at any time by clicking the relevant link in your original sign-up email, any subsequent email received from us, or by contacting

As MailChimp is our chosen mailing list integration provider, all personal data given, i.e. name and email address, are stored securely by MailChimp. We do not share our mailing list with anyone else.

All details are taken in compliance with UK Spam Laws detailed in the Privacy and Electronic Communications Regulations 2003. All personal details relating to subscriptions are held securely and in accordance with the Data Protection Act 1998. 

MailChimp certify that they follow the principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. 

When we send emails via MailChimp, we'll sometimes track who opened the emails and who clicked the links. We do that to measure our Email Campaigns’ performance and to improve our features for specific segments of our subscribers. To do this, we include single pixel gifs, also called web beacons, in emails we send. Web beacons allow us to collect information about when subscribers open the email, their IP address, their browser or email client type, and other similar details. We use the data from those Web Beacons to create reports about who has or hasn’t opened emails or clicked links.

Two-factor authentication is enabled on our MailChimp account to ensure security of access to all information held therein.

In compliance with UK Spam Laws and the Privacy and Electronic Communications Regulations 2003 subscribers are given the opportunity to unsubscribe at any time through an automated system. This process is detailed at the footer of each email campaign.

MailChimp has annually certified their agreement to EU/US and Swiss Safe Harbor Frameworks since 2007. 

Since the Safe Harbor Frameworks have been replaced by the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework, they have certified their agreement with these Privacy Shield Frameworks. As we are located in the European Economic Area (EEA) or Switzerland and/or send to anyone in the EEA or Switzerland, then we have completed and subscribe to MailChimp's Data Protection Agreement. You can view a copy of the Data Processing Addendum upon request. Please send such requests to:

View MailChimp's Privacy Policy 

View MailChimp's Terms of Use

View MailChimp's Cookie Statement

External Links:

When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.

Your Rights:

If you reside in certain territories, including the EU, you have a number of statutory rights in relation to your personal information. While some of these rights apply generally, certain rights apply only in certain limited cases. I describe these rights below:

  • Access. You may have the right to access and receive a copy of the personal information I hold about you by contacting me using the contact information detailed at the start of this policy (email:
  • Change, restrict, delete. You may also have rights to change, restrict my use of, or delete your personal information. Absent exceptional circumstances (like where I am required to store data for legal reasons) I will generally delete your personal information upon request.
  • Object. You can object to (i) my processing of some of your information based on my legitimate interests and (ii) receiving marketing messages from me after providing your express consent to receive them. In such cases, I will delete your personal information unless I have compelling and legitimate grounds to continue using that information or if it is needed for legal reasons.
  • Complain. If you reside in the EU and wish to raise a concern about my use of your information (and without prejudice to any other rights you may have), you have the right to do so with your local data protection authority.

Find out more at the ICO website.

Your Consent:

While we make every effort to ensure that any personal information we collect from you is kept secure and processed lawfully, the internet is not a totally secure medium. If you do not agree with this policy, you should not submit your personal information on this website.

We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. 


Updates to our data and privacy policy will be published here. This policy has been fully reviewed and updated in relation to the General Data Protection Regulation (GDPR) in May 2018.

Thank you