My Cart


Privacy policy, Cookies, Security


updated 12 August 2022


We are committed to safeguarding the personal information of our service users and website visitors, and to making our platforms safe and enjoyable environments for our audiences.


Information on the Collection of Personal Data and Contact Details of the Controller:
We are pleased that you are visiting our website and thank you for your interest. In the following sections, you can find out details about the handling of your personal data when or after using our website. Personal data is all data with which you can be personally identified.

The controller in charge of data processing on this website, within the meaning of the General Data Protection Regulation (GDPR), is Burn Lamche, 148 Fortess Road London NW5 2HP, United Kingdom, Tel.: +44 (0)207 813 7425, E-Mail: The controller in charge of the processing of personal data is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or inquiries to the controller). You can recognise an encrypted connection by the character string https:// and the lock symbol in your browser line.

By using our website and agreeing to this policy, you consent to our use of cookies in accordance with the terms of this policy. See below for detailed info about our use of cookies.

Our website incorporates privacy controls which affect how we will process your personal data. Additionally, when you share your data with us, you can specify whether you would like to receive digital marketing communications from us.

If you want to edit your details at any point, or unsubscribe from future communications, all emails you receive from Diverse include ‘Update Your Details’ and ‘Unsubscribe’ links at the bottom, or you can email us at to update your preferences at any time.

EU citizens have several important rights under the GDPR, including, but not limited to, the right to be forgotten, the right to object, the right to rectification (or correction) of incomplete or incorrect data, the right of access, and the right of portability. As we are wholly based in the UK, this website is no longer legally bound by the GDPR - however, following the UK's exit from the European Union we have elected to treat all of the data we process in exactly the same manner as previously. A summary follows:

We regulate and monitor, among other things, how we obtain, use, store, and eliminate personal data. 

This policy applies where we are acting as a Data Controller with respect to the Personal Data of our service users and website visitors; in other words, where we determine the purposes and means of the processing of that personal data.

Right to be forgotten: An individual may request that an organisation delete all data on that individual without undue delay.
Right to object: An individual may prohibit certain data uses.
Right to rectification: Individuals may request that incomplete data be completed or that incorrect data be corrected.
Right of access: Individuals have the right to know what data about them is being processed and how.
Right of portability: Individuals may request that personal data held by one organisation be transported to another.

To conclude this introduction, here is a summary of the ways we use any personal data. 

Summary of our use of customers' Personal Data:

Saskia Lamche Ltd does not target any online advertising towards any specific user of our website, or subscribers to our Mailing List. At the present time (August 2022) we make only very simple use of data provided to us by our customers, either via transactions carried out on our website (, or when they opt to subscribe to our Mailing List.

The seeking of consent, collection, storage, purpose, use, sharing or destruction of any Personal Data is date stamped at various stages, carefully monitored and controlled by Saskia Lamche Ltd. This has been the case since this website (and linked email List) first became operational.

Our website, and the majority of payment and / or storage systems associated with it, operate on a platform called Shopify. Shopify is the more important of our two appointed Data Processors. Shopify has in place a wide range of leading industry-standard safeguards to assure the integrity and security of all data collected on this site. Shopify's Privacy Policy does in parts affect users of this website, therefore we recommend our customers also read that; it provides additional technical detail which is not included here. There is other, more detailed information on Shopify later in this Policy. The link to Shopify's Privacy Policy is here.
Shopify's Cookie Policy, part of which may also apply to users of our website, is here.

Our Mailing List Sign-Up Form at and the Mailing List associated with it, as well as our email marketing campaigns are facilitated by the second of our Data Processors, a company called Mailchimp.

Shopify and Mailchimp are appointed Data Processors for users of this website and / or its services. As with Shopify, we have satisfied ourselves that Mailchimp's privacy policies and data security precautions meet strict industry standards and are compliant with GDPR regulation.

Our Mailing List Sign Up Form, if completed by a subscriber, collects a very small subset of personal data, which may be shared with, and / or stored on the Mailchimp platform. The data shared with Mailchimp consists only of: 
a) name
b) email address
c) phone number (this is optional).

Excluding the above, Mailchimp has no access to, and is not provided with any transactional data, or any other Personal Data controlled by Saskia Lamche Ltd. 

Since this website went live, Saskia Lamche Ltd has treated the collection of email addresses for marketing purposes as activity which requires affirmative consent and action from either: Any individual in the process of completing our Sign-Up Form, OR any customer or potential customer in the process of placing an order for products or services on our website.
On our Payment / Checkout Page(s), the default Email Marketing setting has always been, and will always be: "I do not consent to receiving Email marketing" - requiring conscious consent e.g. toggling of this option before consent is assumed. 
Our updated Sign-Up Form now seeks 2 forms of consent, both of which need to be actively ticked in order for Diverse to assume consent for that use:
- You provide consent for us to email
- You provide consent for us to deliver "customised online advertising". 

Please note: currently we do not customise our online advertising beyond letting Google know, via a web-form, very generalised preferences we may have e.g. location(s), interest(s), and / or age range(s) with regard to our intended advertising audience. In simple terms this is so that when a member of the public uses Google to perform a search for products or services that we offer, and they match one or more of those preferences, they may have displayed to them a text box containing our details and a link to our website.

As noted above, Mailchimp are technically in possession of the data subset forming the contents of our Mailing List(s) - or any future mailing lists we create on their platform - and are - independent of Saskia Lamche Ltd's own Data Controlling responsibilities - responsible for (at the very least) the secure processing, storage and strong protection of that data once it is entered into their systems.
Therefore if you have the time, we also recommend you read Mailchimp's updated Privacy Policy here.
Their Cookies Policy can be seen here.

Please see below for more detailed info about ours, and all designated 3rd Parties', use(s) of Personal Data, or the placement of cookies on this website, or in our marketing emails, or Text Advertisements placed by Diverse which users of our website might encounter while using Google Search. 

We have also included important text(s) from the Privacy and Cookie Policies of our appointed Data Processors (Shopify and Mailchimp) so that our readers will be able to note these without needing to leave this website.

We do not currently advertise on Facebook, Instagram or Twitter in any Paid Advertising sense. Anyone interacting with us on those platforms is advised to check the Privacy Policies of the respective platform(s) and adjust their Privacy Settings accordingly.

We hope this provides some quick answers to the reader who might skim through Privacy Policies. We engage only in limited, regulated marketing activities which have always required explicit consent. Our website and Mailing List(s) incorporate numerous safeguards to protect the very limited Personal Data we do collect. We never have, nor would we ever sell, trade, exchange or otherwise make available any Personal Data to any individual, entity or company. 

In the event we appoint any other Data Processor(s) in future, or provide any access to Personal Data which we lawfully control to any individual, entity or company not specifically detailed in this Policy, the identity of that individual / entity / company, and the basis for their future appointment as a Data Processor by Saskia Lamche Ltd will be announced in advance via an update to this Policy.

Apart from transactional data (which is handled by Shopify and/or Paypal entirely) the operation of our Email Mailing List is our only current or planned use of any Personal Data offered to us by our customers: we must use their name and email address in order to send them emails. Apart from that, nothing. 

If this changes, we will amend or Append this Privacy Statement immediately.

Now for the detail behind that summary:


In this Section we set out:

(a)    the general categories of personal data that we may process;

(b)    the purposes for which we may process personal data; and

(c)    the legal bases of the processing.

When you browse our store, we may process data about your use of our website and services (“usage data”). The usage data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use. We use Google Analytics to collect this data. This usage data may be processed for the purposes of analysing the use of the website and services. This data is only for internal use and will never be shared with third parties. The legal basis for this processing is our legitimate interests, namely monitoring and improving our website and services.

We may process your personal data that is provided in the course of the use of our services (“service data”). The source of the service data is you. The service data may include your name, email address, telephone number (optional), and / or mailing address. The service data may be processed for the purposes of operating our website, providing our services, enabling the creation of a Customer Account(s), ensuring the security of our website and services, maintaining back-ups of our databases and communicating with you. The legal basis for this processing is our legitimate interests, namely the proper administration of our website and business and in some cases the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract.

We may process information contained in any enquiry you submit to us regarding goods and/or services (“enquiry data”). The enquiry data may be processed for the purposes of offering, marketing and selling relevant goods and/or services to you. The legal basis for this processing is consent, or legitimate interest, namely the proper administration of our website and business and in some cases the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract.

We may process information relating to transactions, including purchases of goods and services, that you enter into with us (“transaction data”). The transaction data may include your contact details and the transaction details. The transaction data may be processed for the purpose of supplying the purchased goods and services and keeping proper records of those transactions. The legal basis for this processing is the performance of a contract between you and us. See Section 6 below which provides further detail about Payments, Security and the handling of sensitive financial data connected with any transactions between you and us.

We may process information that you provide to us for the purpose of subscribing to our email notifications and/or newsletters (“notification data”). The notification data may be processed for the purposes of sending you the relevant notifications and/or newsletters. The legal basis for this processing is consent, or the performance of a contract between you and us.

We may process information contained in or relating to any communication that you send to us (“correspondence data”). The correspondence data may include the communication content and metadata associated with the communication. Our website will generate the metadata associated with communications made using the website contact forms. The correspondence data may be processed for the purposes of communicating with you and record-keeping. The legal basis for this processing is our legitimate interests, namely the proper administration of our website and business and communications with users.

We may process information that you supply us for publication on our website (“publication data”). The publication data – including information and images and / or any content supplied for publication on our website – may be processed for the purposes of enabling such publication and administering our website and services. The legal basis for this processing is consent, or the performance of a contract between you and us.

We may process any of your personal data identified in this policy where necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others.

GDPR Article 23 calls for data controllers to hold and process only the data absolutely necessary for the completion of our duties (data minimisation), as well as limiting the access to personal data to those needing to act out the processing. Saskia Lamche Ltd is fully in compliance with Article 23.

Additionally Saskia Lamche Ltd has formulated and compiled a Data Breach Response Plan in the unlikely event that any breach, or suspected breach of Personal Data security takes place.  

How do we get your consent?
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.
If we ask for your personal information for a secondary reason, like marketing, we will ask you directly for your expressed consent, and provide you with an equal opportunity to say no.
How can you withdraw your consent?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you further, or for the continued collection, use or disclosure of your information, at anytime, by contacting us at: 
or mailing us at:
148 Fortess Road 
London NW5 2HP
Great Britain

We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.

All Personal data relating to completed transactions will be retained for a maximum of 24 months, or until such processing as is necessary for compliance with a legal obligation to which we are subject, is completed, whichever is the first.

In some cases it is not possible for us to specify in advance the periods for which your personal data will be retained. In such cases, we will determine the period of retention based on the following criteria:

(a)    We will hold your personal information on our systems for as long as is necessary for the relevant activity, or as long as is set out in any relevant contract you hold with us.

(b)    If you have not received or requested correspondence from us in the previous two years then your information may be classed as dormant and may be deleted.

(c)    We will hold your personal information relating to our newsletter or email alert list until you manually unsubscribe or request for your details to be removed.

Notwithstanding the other provisions of this Section, we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject.

Our store is hosted by Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.

A limited subset of your data, consisting only of info provided by you to us, and excluding any credit card or other financial data, is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall. See below for further details of data required and processed by 3rd parties during the transaction / payment process.

Shopify's Privacy Policy will affect users of this website, and provides additional technical detail as to how Saskia Lamche Ltd, and Shopify protect your Personal Data. 
The link to Shopify's Privacy Policy is here
Shopify's Cookie Policy, parts of which also apply to users of our website, is here.

GDPR mandates that in the event of our using any processes that include fully automated decision-making (that is, without any human intervention), and that will have a significant legal effect on the customer, then we would need the customer’s consent:

Process Requirement
Automated decision making Notification
Fully automated decision making with significant legal effect Consent

In general, Shopify does not engage in any fully automated decision-making with our customers’ personal data. 

The one exception is Shopify's Risk and Fraud screening, where Shopify might automatically block a payment card number, or IP address, after a certain number of unsuccessful payment attempts. Shopify does not believe this has a significant legal effect on customers because the automated blocking lasts only for a short period of time, and we agree with this interpretation. 

Mailchimp:  we provide a very limited subset of your personal data to 'Mailchimp' a 3rd Party with whom we carry out email and marketing activity. The subset of data shared with Mailchimp includes only the following data:
- Your name
- Your email address
- Your telephone number, if provided (it is not required).
It does not include your postal mailing address, any financial data or any other data about you (whether provided to us by you, or otherwise) which we may legitimately store in the conduct of our lawful business.

    6 - PAYMENT:
    If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit / debit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
    All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover.
    PCI-DSS requirements help ensure the secure handling of credit / debit card information by our store and its service providers.
    For more insight, you may also want to read Shopify’s Terms of Service ( or Privacy Statement (, as well as their recent Data Processing Addendum, incorporating new GDPR changes: (

     Use of Payment Service Providers:

    When you pay via PayPal, credit card via PayPal, direct debit via PayPal or - if offered - "purchase on account" or "payment by instalments" via PayPal, we transmit your payment data to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal"). The transfer takes place in accordance with Art. 6 (1) point b GDPR and only insofar as this is necessary for payment processing.

    PayPal reserves the right to carry out credit checks for the payment methods credit card via PayPal, direct debit via PayPal or, if offered, "purchase on account" or "payment by installments" via PayPal. For this purpose, your payment data may be passed on to credit agencies on the basis of PayPal's legitimate interest in determining your solvency pursuant to Art. 6 (1) point f GDPR. PayPal uses the result of the credit assessment in relation to the statistical probability of non-payment for the purpose of deciding on the provision of the respective payment method. The credit report can contain probability values (so-called score values). If score values are included in the result of the credit report, they are based on recognized scientific, mathematical-statistical methods. The calculation of the score values includes, but is not limited to, address data. For further information on data protection law, including the credit agencies used, please refer to PayPal's data protection declaration at:

    You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for contractual payment processing.

    In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
    However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
    For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
    In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
    Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service.
    When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy policies of other sites and encourage you to read their privacy statements.

    8 - SECURITY
    To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
    If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. We follow all PCI-DSS requirements and implement additional generally accepted industry standards. 

    Saskia Lamche Ltd does not store your credit card, debit card or Paypal account details on its server or systems. All information held is kept by the company in a secure password-protected server and, the previous exceptions excluded, is never released to any Third Parties whatsoever. 


    A cookie is a small amount of information that’s downloaded to your computer or device when you visit certain websites. We use a number of different cookies on the Diverse website, including necessary, functional, performance and targeting cookies. Cookies make your browsing experience better by allowing the website to remember your actions and preferences (such as login and region selection). This means you don’t have to re-enter this information each time you return to the site or browse from one page to another. Cookies also provide information on how people use the website, for instance whether it’s their first time visiting or if they are a frequent visitor. We use this information to improve the browsing experience for all of our users.

    Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.

    Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.

    We may use cookies for the following purposes:

    (a)    authentication – we may use cookies to identify you when you visit our website and as you navigate our website (cookies used for this purpose identify the uses and their session(s), but are not linked to the user’s personal details)

    (b)    personalisation – we may use cookies and local storage to hold information about your preferences and to personalise the website for you (cookies used for this purpose track: recently viewed collections or products). 

    (c)    security – we use cookies as an element of the security measures to protect our website and services generally.

    (d)    advertising –  we may use Google AdWords to serve targeted adverts to relevant audiences. This service uses cookies to help us display advertisements that will be relevant to you, and to track the conversion rate of these advertisements.

    (e)    analysis – we use cookies to help us to analyse the use and performance of our website and services (cookies used for this purpose are linked to Google Analytics) 

    (f)     cookie consent – we use cookies to store your preferences in relation to the use of cookies more generally 

    Our service providers use cookies and those cookies may be stored on your computer when you visit our website.

    We use Google Analytics to analyse the use of our website. Google Analytics gathers information about website use by means of cookies. The information gathered relating to our website is used to create reports about the use of our website. Google’s privacy policy is available at:

    We have used a simple linking system to our website products in Instagram, but have never used Facebook Ads Manager to serve targeted adverts to relevant audiences. 

    Our Mailing List platform Mailchimp has a Cookies Policy which can be seen hereWe reproduce the following excerpt, as it lists and describes the potential use of cookies contained in the emails we send to subscribers to our mailing list. 

    Please note that 'user' in the following text refers to Saskia Lamche Ltd, as the 'user' of Mailchimp's services & technology.

    "Cookies served through the Services - User email campaigns:

    We automatically place single pixel gifs, also known as web beacons, in every email sent by our users. These are tiny graphic files that contain unique identifiers that enable us and our users to recognize when their subscribers have opened an email or clicked certain links. These technologies record each subscribers email address, IP address, date, and time associated with each open and click for a campaign. We use this data to create reports for our users about how an email campaign performed and what actions subscribers took.

    User sites:

    If a user elects to use certain MailChimp add-ons or features, the use of those may permit or require additional cookies or tracking technologies to be employed. If a user connects his or her website or e-commerce store (in each case, a “Site”) to a MailChimp account, MailChimp installs a JavaScript tracking snippet (“Snippet”) on that user’s Site. This Snippet will allow cookies, pixels, and other technologies to be set on that user’s Site to facilitate the use of certain automations, features and functionality offered by MailChimp through the Services. The specific cookies, pixels, or other technologies that will be set on a user’s Site depend on the particular add-ons or features that the user chooses to use as part of the Services. Subscribers should therefore review the relevant user’s privacy notice and cookie disclosures for further information about the specific types of cookies and other tracking technologies used on the Site."

    Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links:

    (a) (Chrome);

    (b) (Firefox);

    (c) (Opera);

    (d) (Internet Explorer);

    (e) (Safari); and

    (f) (Edge).

    Blocking all cookies will have a negative impact upon the usability of many websites, including ours. If you block cookies, you may not be able to use all the features on our website.

    Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not:

    _session_id, unique token, sessional
      allows Shopify to store information about your session (referrer, landing page, etc).
    _shopify_visit  no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
    _shopify_uniq  no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
    cart unique token, persistent for 2 weeks, Stores information about the contents of your cart.
    _secure_session_id  unique token, sessional
    storefront_digest  unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.

    We may update this policy from time to time by publishing a new version on our website. You should check this page occasionally to ensure you are happy with any changes to this policy. We may notify you of changes to this policy by email if you have consented to receive our newsletter or email alerts, or have undertaken a contract with us for the completion of services.

    By using this site, you represent that you are at least the age of majority in your country, state or region of residence, and you have given us your consent to allow any of your minor dependents to use this site.

    16 - OUR DETAILS
    Our head office is located at:

    Saskia Lamche Ltd

    Tel:  44 (0) 20 7813 7425

    This website is owned and operated by Saskia Lamche Ltd trading as Diverse.

    We are registered in England and Wales and our registered office is at 148 FORTESS ROAD LONDON NW5 2HP UNITED KINGDOM. Our UK Company No. is 10016985 and our VAT No. is 238098287.

    Our principal place of business is at 148 FORTESS ROAD LONDON NW5 2HP UNITED KINGDOM.

    (a)    by post, to the postal address given above

    (b)    by telephone, on 020 7813 7425

    (c)    by email, using

    If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or want more information about our Privacy or Cookie policies, please contact Burn Lamche: 
    or by mail at:
    [Data Protection and Compliance]
    148 Fortess Road 
    NW5 2HP

    Copyright January 2022 Diverse. 

    Credit: Parts of this document were created using a template from SEQ Legal (