Privacy Policy

Privacy Policy

Last updated: 2026

This Privacy Policy explains how [BUSINESS NAME] ("we", "our", "us") collects, uses and protects personal data when you visit our store and place an order. It complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who we are

[BUSINESS NAME] is the controller responsible for your personal data. Contact us at [EMAIL] or by post at [ADDRESS].

2. Information we collect

  • Account & order details: name, billing & shipping address, email, phone (optional).
  • Payment data: handled by Shopify Payments and Stripe. We do not store full card numbers.
  • Browsing data: pages visited, products viewed, basket activity, device, browser, IP address.
  • Cookies: essential for cart & checkout; analytics & advertising only with your consent.

3. How we use your data

  • To process and fulfil your orders.
  • To send order confirmations, shipping updates and support replies.
  • To improve our website and product range.
  • To send marketing — only if you opt in. Unsubscribe at any time.
  • To prevent fraud and comply with legal obligations.

4. Who we share data with

  • Shopify Inc. — e-commerce platform.
  • Shopify Payments / Stripe — payment processing.
  • Royal Mail, DPD and other carriers — order delivery.
  • Meta (Facebook), Google — analytics & advertising (with consent).
  • Email service providers — transactional & marketing email.

We never sell your personal data.

5. Cookies

Control non-essential cookies through our cookie banner. Essential cookies (cart, checkout, security) cannot be disabled.

6. How long we keep your data

Order records: 7 years (UK tax law). Marketing data: until you unsubscribe. Cookie data: up to 13 months.

7. Your rights under UK GDPR

  • Access a copy of your data.
  • Correct inaccurate data.
  • Erasure ("right to be forgotten").
  • Restrict or object to processing.
  • Data portability.

Email [EMAIL] to exercise any right. You may also complain to the UK Information Commissioner's Office (ico.org.uk).

8. International transfers

Our providers (Shopify, Stripe, Meta) may transfer data outside the UK using Standard Contractual Clauses and the UK Addendum.

9. Children

Our store is not intended for under-16s.

10. Changes

We may update this policy. The "Last updated" date reflects the latest version.

11. Contact

Questions or requests: [EMAIL] · [ADDRESS].