Privacy Policy

We collect personal information when you create an account, make purchases, or interact with our website. This includes your first name, last name, email address, phone number, and date of birth. Your password is stored using industry-standard encryption to protect your account security.

Shipping and billing addresses are collected when you make purchases to ensure proper delivery of products and for payment processing. This includes street address, city, state/province, postal code, and country information.

Account information includes your profile details, preferences, and order history. This helps us provide personalized service and maintain your account functionality.

When you make purchases, we collect order details including product selections, quantities, pricing, payment method information, and shipping preferences. This information is processed securely through our payment partners.

Your shopping cart contents and browsing behavior help us understand your preferences and improve our product recommendations. This includes items you've viewed, added to cart, or purchased.

Payment information is collected securely through Stripe, a PCI-compliant payment processor. We do not store complete credit card numbers on our servers - only encrypted tokens provided by Stripe.

We automatically collect certain technical information when you visit our website, including your IP address, browser type, device information, and general location data. This helps us provide appropriate content and maintain security.

Analytics data is collected through Google Analytics to understand how visitors use our website. This includes pages visited, time spent on site, referral sources, and user journey patterns.

Cookie data is stored on your device to maintain your session, remember your preferences, and provide personalized experiences. You can control cookie settings through your browser preferences.

We process your personal information when necessary to fulfill our contractual obligations to you. This includes processing orders, delivering products, handling payments, and providing customer support services.

Account management and authentication are necessary for providing our services and maintaining your relationship with us as a customer.

Order processing and delivery require your personal information to ensure products reach you correctly and payments are processed securely.

We process certain information based on our legitimate business interests, such as improving our website functionality, personalizing your shopping experience, and preventing fraud or abuse of our services.

Security monitoring and fraud prevention are conducted based on legitimate interests to protect our business and customers from unauthorized activities.

Business analytics help us understand customer behavior and improve our products, services, and overall user experience.

When we process information for marketing purposes, we do so based on your explicit consent. You can withdraw this consent at any time through your account settings or by contacting us.

Cookie usage for analytics and personalization requires your consent, which is obtained through our cookie consent banner when you first visit our website.

Newsletter subscriptions and promotional communications are only sent to users who have explicitly opted in to receive such communications.

Your personal and order information is used to process and ship your orders accurately. This includes verifying your identity, processing payments, and coordinating with shipping carriers.

We send order confirmations, shipping updates, and delivery notifications to keep you informed about your order status and expected delivery dates.

Returns and exchanges are processed using your order information to ensure proper handling of product issues and customer satisfaction.

Your account information enables us to provide personalized services, including saved addresses, order history tracking, and customized product recommendations based on your preferences.

We maintain your profile to ensure consistent experience across devices and sessions, remembering your preferences and settings.

Account security features use your information to protect your account from unauthorized access and provide recovery options if needed.

With your consent, we may use your information to send promotional emails about new products, special offers, and company news that may interest you based on your purchase history and browsing behavior.

Personalized product recommendations will be developed to help you discover products that match your preferences and previous purchases.

Customer insights and shopping patterns analysis will help us tailor our marketing communications to be more relevant and valuable to you.

Website performance analysis helps us identify areas for improvement, optimize loading times, and enhance user experience across different devices and browsers.

User behavior insights allow us to understand how customers navigate our site, which products are popular, and where we can improve the shopping journey.

Conversion tracking and A/B testing help us optimize our website design, product placement, and checkout process to increase customer satisfaction.

We share payment information with Stripe to process credit card and other payment methods securely. Stripe is PCI DSS compliant and handles all payment processing according to industry security standards.

Payment data shared with Stripe includes card information (processed securely), billing addresses, and transaction amounts necessary for payment processing.

Refund processing involves sharing relevant transaction data with Stripe and your financial institution to ensure proper handling of returns and refunds.

Firebase Authentication handles user account creation, login, and password management. This service ensures secure authentication and account recovery features.

Firebase Firestore stores all user data, including profiles, orders, and preferences. All data is stored in the europe-west2 region (London, UK) for compliance with UK data protection laws.

Google Cloud Platform provides the infrastructure for our services, including data storage, computing resources, and security monitoring.

Google Analytics collects anonymous usage data about how visitors interact with our website. This includes page views, session duration, and user behavior patterns.

Analytics data is aggregated and anonymized, meaning individual users cannot be identified from the analytics data we collect.

Performance monitoring tools help us identify and resolve technical issues quickly to maintain optimal website performance.

All customer data is stored primarily in Firebase Firestore located in the europe-west2 region (London, United Kingdom), ensuring compliance with UK GDPR requirements.

Our data infrastructure includes redundant backup systems to prevent data loss and ensure service continuity in case of technical issues.

Regular data backups are performed and stored securely to enable data recovery in case of emergency or system failures.

All data transfers between your browser and our servers are encrypted using SSL/TLS protocols to protect against unauthorized interception.

Passwords are stored using industry-standard encryption methods (bcrypt/hashing) and are never stored in plain text format.

We conduct regular security audits, penetration testing, and vulnerability assessments to identify and address potential security issues.

Access to customer data is strictly controlled through authentication, role-based permissions, and comprehensive audit logging.

Account data is retained for as long as your account remains active, or until you request account deletion.

Order and transaction data is retained for 7 years to comply with UK tax and accounting regulations.

Analytics data is retained for 26 months according to Google Analytics standard retention policies to help us understand long-term trends.

Marketing data is retained only until you withdraw consent or request deletion of your marketing preferences.

You have the right to request a copy of all personal data we hold about you. We will provide this in a readable, commonly used electronic format.

Access requests are typically processed within 30 days, though complex requests may require additional time.

You can verify the accuracy of your data and request clarification about how we use your information.

We provide information about the sources of your data if collected from third parties, and the purposes for which we process it.

You can request correction of inaccurate or incomplete personal information we hold about you. We will update our records promptly.

Account details, contact information, and preferences can be updated at any time through your account settings or by contacting customer support.

If you believe information is incorrect, we will take reasonable steps to verify and correct the data based on evidence you provide.

Changes to critical information (like email address) may require additional verification to ensure account security.

You can request deletion of your personal data when it is no longer necessary for the purposes for which it was collected, or if you withdraw consent.

Account deletion results in removal of your profile, order history, and personal information from our active databases.

Certain data may be retained for legal compliance purposes even after account deletion, such as transaction records required for tax purposes.

Marketing preferences can be deleted at any time, and we will cease all marketing communications to you.

You have the right to data portability, allowing you to receive your data in a structured, machine-readable format and transfer it to other service providers.

In certain circumstances, you can request restriction of processing your personal data, such as when accuracy is contested or processing is unlawful.

You can object to processing based on legitimate interests, unless we can demonstrate compelling legitimate grounds for processing that override your interests.

Consent can be withdrawn at any time, and we will cease processing based on consent where technically feasible.

Essential cookies are necessary for our website to function properly, including maintaining your session, managing your shopping cart, and providing security features.

Authentication cookies keep you logged in during your visit and remember your preferences across different pages of our website.

Security cookies help us detect and prevent malicious activities, protecting both our website and your personal information.

Google Analytics cookies collect information about how you use our website, including pages visited, time spent on each page, and your journey through our site.

Analytics data is aggregated and anonymized, meaning it cannot be used to identify individual users personally.

These cookies help us understand which parts of our website are most popular, where users encounter difficulties, and how we can improve the user experience.

You can control cookies through your browser settings, including blocking all cookies, deleting existing cookies, or being notified when cookies are set.

Our website will display a cookie consent banner to obtain your consent for non-essential cookies before they are placed on your device.

Disabling certain cookies may impact website functionality, such as personalized content or shopping cart features.

Cookie preferences can be managed through our cookie settings panel, which allows you to customize which types of cookies you accept.

Our services are only available to individuals who are 18 years of age or older. This restriction applies to account creation, product purchases, and all website interactions.

Age verification is performed during account creation through date of birth collection. Users under 18 are not permitted to create accounts or make purchases.

We do not knowingly collect personal information from individuals under 18, and any such information will be deleted immediately upon discovery.

Parental consent is not accepted as an alternative to the 18+ age requirement for our services.

Date of birth is required during account registration to verify age eligibility. This information is stored securely and used only for age verification purposes.

Age verification checks are performed automatically during signup, and accounts found to be under 18 are immediately blocked and deleted.

We implement special protections for young adults aged 18-25, including enhanced privacy controls and additional security features.

Any user discovered to be under 18 will have their account terminated immediately and all associated data deleted.

All customer data is stored and processed within the United Kingdom and European Economic Area, ensuring compliance with UK GDPR standards.

Our primary data storage is located in London, UK (europe-west2 region), with all processing infrastructure within EEA jurisdiction.

We do not transfer personal data outside the EEA without appropriate safeguards in place to protect your data rights.

UK GDPR compliance is maintained for all data processing activities, regardless of where our customers are located.

When international data transfers are necessary, we use Standard Contractual Clauses (SCCs) approved by the European Commission to ensure adequate protection.

We only transfer data to countries with adequacy decisions from the European Commission, or where appropriate safeguards are in place.

All international transfers include security measures such as encryption and access controls to protect data during transmission.

We regularly review our international transfer mechanisms to ensure continued compliance with evolving data protection regulations.

We may update this privacy policy periodically to reflect changes in our practices, legal requirements, or business operations. All changes will be posted on our website.

Significant changes to our privacy practices will be communicated to affected users via email at least 30 days before the changes take effect.

The last updated date is always displayed at the top of this policy to help you identify when changes were made.

Minor clarifications or corrections may be made without advance notice, but will not materially affect your privacy rights.

We encourage you to review this privacy policy regularly to stay informed about how we protect your information and your rights.

If you have questions about policy changes or how they affect you, please contact our privacy team using the contact information provided.

If you disagree with significant changes to this policy, you may delete your account and request deletion of your personal data.

Continued use of our services after policy changes indicates your acceptance of the updated terms and practices.