Shopping bag (0)
< Go back a page

Privacy policy

Privacy & security banner

We hate spam and treat your data as we would like ours to be treated - we always have so we comply with the General Data Protection Regulation (GDPR) that came into force in the EU on 25 May 2018 but have updated some information here accordingly.

We fully respect our customers right to privacy and protect their data at all times. is a trading name of Meleniak Ltd. In summary, the two lawful bases on which we process your data are: (a) Consent: the individual has given clear consent for you to process their personal data for a specific purpose such as making a purchase from our website or joining our mailing list for our newsletter. (b) Contract: the processing is necessary for a contract you have with the individual (sale of a good), or because they have asked you to take specific steps before entering into a contract.

This site uses cookies. By continuing to use this web site, you are agreeing to our use of cookies as detailed below in this Privacy policy. We clearly list the cookies and their purpose along with advice on how to manage cookies should you wish to.

This privacy policy sets out how Meleniak Ltd uses and protects any information that you give Once Upon a Belt when you use this website. Meleniak Ltd is committed to protecting the privacy of visitors to its Websites. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement. Meleniak Ltd may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes.

Meleniak Ltd analyses aggregate and non-personally identifiable data relating to usage of the Websites. In accordance with the UK Data Protection Act 1998, any personal information collected is done so with the explicit knowledge and authorisation of users upon registration, request or submission of order to the Websites. Information provided at the time of registration or submission will be used to provide the requested information and may be used for marketing research relating to Meleniak Ltd and its various Websites. It will not be used for any unsolicited communication to users unless so authorised by them. Meleniak Ltd will use its best endeavours to ensure that user data is kept secure at all times.

What we collect

We may collect the following information:

  • name
  • contact information including email address
  • demographic information such as postcode, preferences and interests e.g. a belt you emailed to enquire about the availability of it
  • other information relevant to customer surveys and/or offers

Note Meleniak Ltd DOES NOT hold any payment card details on file. For the exhaustive list of cookies we collect see the List of cookies we collect section.

What we do with the information we gather

We require this information to understand your needs and provide you with a better service, and in particular for the following reasons:

  • Internal record keeping.
  • We may use the information to improve our products and services.
  • We may periodically send informational emails about new products, special offers or other information which we think you may find interesting using the email address which you have provided, but only to those people who have EXPLICITLY asked to join our email newsletter mailing list. You will not receive our newsletters by just providing the information required to place an order with us unless you specifically ask to be included.


We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. For information about our security policy, visit the Payment & non-UK customers page. In the unlikely event of a breach of security that affects your data, you will be informed as soon as is possible.

The GDPR introduces a duty on all organisations to report certain types of personal data breaches to the ICO and, in some cases, to the individuals affected. A personal data breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data. We have to notify the ICO of a breach unless it is unlikely to result in a risk to the rights and freedoms of individuals. Where a breach is likely to result in a high risk to the rights and freedoms of individuals, we must notify those concerned directly and without undue delay. In all cases we maintain records of personal data breaches, whether or not they are notifiable to the ICO. We will report a notifiable breach to the ICO without undue delay, but not later than 72 hours after becoming aware of it. The GDPR recognises that it will not always be possible to investigate a breach fully within that time-period and allows us to provide additional information in phases, so long as this is done without undue further delay. Our staff understand what constitutes a personal data breach, and that this is more than a loss of personal data. We have an internal breach reporting procedure in place. This will facilitate decision-making about whether we need to notify the ICO or affected individuals. We have robust breach detection, investigation and internal reporting procedures in place.

How we use cookies

A Cookie is a small file which asks permission to be placed on your computer's hard drive. Once you agree, the file is added and the cookie helps us analyse our web traffic or remember your previously stated preferences when using our site. Cookies allow us to recognise you automatically whenever you visit our site so that we can personalise your experience and provide you with better service. If your web browser is set to refuse cookies from our website, you will not be able to complete a purchase or take advantage of certain features of our website, such as storing items in your Shopping bag or receiving personalised recommendations. As a result, we strongly encourage you to configure your web browser to accept cookies from our website. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.

We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system. No personal identity details are gathered or used in this process.

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

For the exhaustive list of cookies we collect see the List of cookies we collect section.

Links to other websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

Controlling your personal information

You may choose to restrict the collection or use of your personal information in the following ways:

  • whenever you are asked to fill in a form on a website, look for the box that you can click to indicate that you do not want the information to be used by anybody for direct marketing purposes. Web sites operated by Meleniak Ltd NEVER use any of your personal information for direct marketing purposes other than our email newsletter, nor do we ever pass it on to third parties. We only send our email newsletters to people who have explicitly asked to receive them by ticking an appropriate tick box or filling out a request form. We have always used a double opt in to gain your consent to receive our newsletters although we send them out very rarely.
  • If you have previously agreed to us using your personal information for our email newsletter, you may change your mind at any time by writing to or emailing us at [Please enable JavaScript to view email addresses]

Meleniak Ltd will never sell, rent or otherwise make available any personal data submitted by visitors to its Website to other third-parties, except where it is part of providing a service to you such as selling an item to you and getting it to your desire address e.g. the fulfilment house printing off your order to go pick it and printing off address label, arranging for delivery of goods to you via Royal Mail or other courier, carrying out credit and other security checks to protect us both from fraud, or unless we are required to do so by law. We only ask for a telephone number so that if sending by courier you can get a text message to your phone to advise the hour of delivery or to contact you with an important question about your order or to advise an items ordered is not in stock and to suggest an alternative. If you have asked to have the newsletter sent to you that is the only way you will come to receive it and it is sent using the MailChimp platform, an international entity - we have signed a Data Protection Agreement i.e. a Data Processing Addendum with The Rocket Science Group LLC d/b/a MailChimp ("MailChimp") who will also protect your data. Upon request, Meleniak Ltd will remove users personal information from its database thereby cancelling any registration. Furthermore, upon request, registered visitors may access and/or correct any erroneous information. We are legally required to keep some archived data with regards to invoices for correct financial record keeping.

Any request concerning personal data (to remove it, block or restrict processing and/or cancellation of registration to any services provided through the Meleniak Ltd websites should either be emailed to [Please enable JavaScript to view email addresses] or sent to the following address:

Data Protection
Meleniak Ltd
Unit 4 Homelands
Ringwood Road
Three Legged Cross
BH21 6QZ
United Kingdom

You may request details of personal information which we hold about you under the Data Protection Act 1998. If you would like a copy of the information held on you please write to the address above. However these methods may be quicker and easier - the information held is the same as what is printed on invoice which was given at the time of the order and if you have an account, what you see when you log in to your account. It is free to request what data we have pertinent to you but we are legally entitled to charge a ‘reasonable fee’ when a request is: * manifestly unfounded or excessive, particularly if it is repetitive, unless you refuse to respond; or * for further copies of the same information (that’s previously been provided). Requests will be answered within the legal maximum of one calendar month but usually in a matter of days. Please note to answer a request we are legally required to verify the identity of the person making the request, using “reasonable means”. If the request is made electronically, we will provide the information in a commonly used electronic format.

When processing is restricted, we are permitted to store the personal data, but not further process it. We can retain just enough information about the individual to ensure that the restriction is respected in the future. If we have disclosed the personal data to other organisations (controllers or processors), we must inform them about the restriction, unless it is impossible or involves disproportionate effort to do so. We must inform individuals when we decide to lift a restriction on processing.

If you believe that any information we are holding on you is incorrect or incomplete, please write to or email us as soon as possible, at the above address. We will promptly correct any information found to be incorrect.

Data protection by design etc

Andrew Norton is the Data Protection Officer and senior staff member with responsibility for managing information risks, coordinating procedures put in place to mitigate them and for logging and risk assessing information assets. Under the GDPR, we have a general obligation to implement appropriate technical and organisational measures to show that we have considered and integrated data protection into our processing activities. This is referred to as data protection by design and by default. We have adopted internal policies and implemented measures which help us comply with the data protection principles – this includes data minimisation and transparency measures.

List of cookies we collect / cookie management advice

The table below lists the cookies we collect and what information they store.

COOKIE name COOKIE Description
CART The association with your shopping cart enabling you to add to bag.
CATEGORY_INFO Stores the category info on the page, that facilitates quicker display of pages.
COMPARE Any items that you have in the Compare Products list.
CURRENCY Your preferred currency.
CUSTOMER An encrypted version of your customer id within the store. Affects users with an account only.
CUSTOMER_AUTH An indicator if you are currently logged into the store. Affects users with an account only.
CUSTOMER_INFO An encrypted version of the customer group you belong to e.g. retail or wholesale. Affects users with an account only.
CUSTOMER_SEGMENT_IDS Stores the Customer Segment ID. Affects users with an account only.
EXTERNAL_NO_CACHE A flag, which indicates whether caching is disabled or not. Caching is used to speed up display of pages.
FRONTEND Your session ID on the server.
GUEST-VIEW Allows guests (those without accounts) to edit their orders.
LAST_CATEGORY The last category you visited.
LAST_PRODUCT The most recent product you have viewed.
NEWMESSAGE Indicates whether a new message has been received. Affects users with an account only and we do not use messaging but it is built into our ecommerce system.
NO_CACHE Indicates whether it is allowed to use cache.
PERSISTENT_SHOPPING_CART A link to information about your shopping cart and viewing history if you have asked the site.
POLL The ID of any polls you have recently voted in. We do not use this but it is built into our ecommerce system.
POLLN Information on what polls you have voted on. We do not use this but it is built into our ecommerce system.
RECENTLYCOMPARED The items that you have recently compared.
STF Information on products you have emailed to friends.
STORE The store view or language you have selected. We do not use this but it is built into our ecommerce system.
USER_ALLOWED_SAVE_COOKIE Indicates whether a customer allowed site to use cookies if asked upfront.
VIEWED_PRODUCT_IDS The products that you have recently viewed.
WISHLIST An encrypted list of products added to your Wishlist.
WISHLIST_CNT The number of items in your Wishlist.
ie6check, fbIE6Shown Microsoft Internet Explorer version 6 warning override (an alert shown to IE6 users only).
fbAutoShown Autoshow preference for video display.
_utma, _utmb, _utmc, _utmz Google Analytics.
Information about how visitors use our site. This information is anonymous and tells us for example the number of users visiting the site, what % of users are using which internet browser, most popular pages and % that found us through search engines and which ones etc.

To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit

To opt out of being tracked by Google Analytics across all websites visit

We embed videos from our official YouTube channel using YouTube’s privacy-enhanced mode. This mode may set cookies on your computer once you click on the YouTube video player, but YouTube will not store personally-identifiable cookie information for playbacks of embedded videos using the privacy-enhanced mode. To find out more please visit YouTube’s embedding videos information page .

Use of Javascript

You must have javascript enabled in your browser in order to be able to fully use the shop pages. It is a requirement of our eCommerce software and without it, the shop pages will not provide the full functionality required to purchase products. Quite simply, you will not be able to use our site for product browsing and shopping without the Javascript functionality enabled. This is consistent with many other leading eCommerce retailers. Our website should display a yellow banner at the top of the screen indicating that Javascript is not available if you have it switched off.

Javascript is a programming language that runs in your browser and is used to perform screen manipulation, validation and image loading. Rest assured that the web site does not contain any malicious scripts or threats to your privacy and security. We run regular security checks and reporting on our servers and software to ensure our system and data integrity is never breached. Javascript is not required to view the main site content pages apart from active mail links and contact management.

Please note that customers using Microsoft Internet Explorer version 6, will receive warning banners and pop-up information recommending the upgrade of their web browser to a newer browser. This is perfectly normal behaviour from our site and does not indicate any malicious behaviour. Internet Explorer v6 is now a very old and inefficient browser with many non-standard quirks and anomalies. Consistant with most modern internet sites, Once Upon a Belt no longer fully supports this browser and users are likely to experience poor response, corrupted screen layout and problems with the category filters. Whilst it IS possible to successfully use our site with this browser, we do not officially support it and recommend you upgrade immediately to one of the many excellent alternative modern browsers available today.

The host server for this Website is located in the UK and the company is British – differences are subject to the courts of England and Wales and United Kingdom data protection laws.