PRIVACY POLICY

Last Updated: 1 September 2025

At Black Zebra, we believe in transparency and trust. Your privacy is incredibly important to us, and we are committed to protecting your personal data. This Privacy Policy explains how Black Zebra collects, uses, stores, and shares your personal information when you visit or make a purchase from www.blackzebra.co.uk (the "Site").

We operate in the United Kingdom, and as such, we comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Black Zebra operates this website. For the purposes of data protection law, Black Zebra is the "data controller" of your personal data. This means we are responsible for deciding how we hold and use personal information about you.

2. What Personal Data Do We Collect?

When you visit the Site, we collect certain information about your device, your interaction with the Site, and information necessary to process your purchases. We may also collect additional information if you contact us for customer support. In this Privacy Policy, we refer to any information that can uniquely identify an individual (including the information below) as "Personal Data".

a. Information You Provide Directly: This includes information you give us when you:

Create an account: Your name, email address, password.

Make a purchase: Your name, billing address, shipping address, payment information (e.g., credit card numbers), email address, phone number.

Contact customer support: Any information you choose to share with us, such as your name, email, phone number, and details about your query.

Sign up for our newsletter: Your email address.

Participate in surveys or promotions: Your responses and contact details.

b. Information Collected Automatically (Device Information): When you visit our Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. As you browse the Site, we also collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We collect this Personal Data using the following technologies:

Cookies: Data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.

Log files: Track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.

Web beacons, tags, and pixels: Electronic files used to record information about how you browse the Site.

c. Information from Third Parties: We may receive information about you from third parties, such as payment processors (e.g., Shopify Payments, PayPal) who provide us with transaction details, or analytics providers. We only receive information that is necessary for their services and for us to fulfil your order or provide our services.

3. How Do We Use Your Personal Data?

We use the Personal Data we collect for various purposes, primarily to operate our business and provide you with our services:

To fulfil your orders: To process your payment information, arrange for shipping, and provide you with invoices and order confirmations.

To communicate with you: To respond to your enquiries, send you order updates, and provide customer support.

For marketing and promotional purposes: To send you newsletters, special offers, and information about new products or services that may be of interest to you (if you have opted in to receive these communications).

To improve our Site and services: To analyse how customers browse and interact with the Site, allowing us to enhance user experience, optimise our marketing and advertising campaigns, and develop new products.

For security and fraud prevention: To screen orders for potential risk or fraud.

For legal compliance: To comply with applicable laws and regulations, such as tax laws or consumer protection laws.

4. What is Our Lawful Basis for Processing Your Personal Data?

Under UK GDPR, we must have a lawful basis to process your Personal Data. We rely on the following legal bases:

Contractual Necessity: We process your Personal Data to fulfil our contract with you, such as processing your order and delivering your products.

Legal Obligation: We process your Personal Data when necessary to comply with a legal obligation, such as maintaining records for tax purposes.

Legitimate Interests: We process your Personal Data for our legitimate business interests, provided these do not override your rights and freedoms. This includes:

Improving our Site and services.
Preventing fraud and ensuring the security of our Site.
Understanding customer behaviour to optimise our marketing.
Responding to customer service enquiries.

Consent: Where required, we will obtain your explicit consent to process your Personal Data for specific purposes, such as sending you marketing communications. You have the right to withdraw your consent at any time.

5. Who Do We Share Your Personal Data With?

We share your Personal Data with third parties to help us provide our services and fulfil our contracts with you, as described above. These third parties include:

Shopify: Our online store is hosted on Shopify. You can read more about how Shopify uses your Personal Data here: https://www.shopify.com/legal/privacy.

Payment Processors: We share payment information with payment gateways (e.g., Shopify Payments, PayPal) to process your purchases securely. We do not store full credit card details on our servers.

Shipping Carriers: We share your shipping address and contact details with delivery companies (e.g., Royal Mail, DPD) to deliver your orders.

Analytics Providers: We use analytics services (e.g., Google Analytics) to understand how our customers use the Site. You can read more about how Google uses your Personal Data here: https://policies.google.com/privacy. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.

Marketing Partners: We may share data with marketing platforms to send you relevant advertisements or emails, but only with your consent where required.

Legal & Regulatory Authorities: We may share your Personal Data if required to do so by law, or in response to a valid request from a public authority (e.g., a court order or government agency).

6. International Data Transfers

As we use global service providers like Shopify, your Personal Data may be transferred to, and processed in, countries outside the UK, including the United States. When your Personal Data is transferred outside the UK, we ensure that appropriate safeguards are in place to protect your data, such as relying on adequacy decisions or using standard contractual clauses approved by the UK government.

7. Data Security

We implement appropriate technical and organisational measures to protect your Personal Data from unauthorised access, alteration, disclosure, or destruction. While we strive to protect your Personal Data, no method of transmission over the Internet or electronic storage is 100% secure.

8. How Long Do We Retain Your Personal Data?

We retain your Personal Data only for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. For example, we will retain order information for 7 years for tax and warranty purposes. When we no longer need your data, we will securely delete or anonymise it.

9. Your Data Protection Rights (UK GDPR Rights)

As a UK resident, you have important rights regarding your Personal Data:

The right to be informed: To know how your data is being used.

The right of access: To request a copy of the Personal Data we hold about you.

The right to rectification: To request that we correct any inaccurate or incomplete Personal Data.

The right to erasure ('right to be forgotten'): To request that we delete your Personal Data in certain circumstances.

The right to restrict processing: To request that we limit the way we use your Personal Data in certain circumstances.

The right to data portability: To request that we transfer your Personal Data to another organisation, or to you, in a structured, commonly used, machine-readable format.

The right to object: To object to our processing of your Personal Data in certain circumstances, including for direct marketing.

Rights in relation to automated decision-making and profiling: To not be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

The right to withdraw consent: Where we rely on your consent to process your Personal Data, you have the right to withdraw that consent at any time.

To exercise any of these rights, please contact us using the details provided below. We will respond to your request within one month.

Complaints: If you are unhappy with how we have used your data, you have the right to make a complaint to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues. You can find their contact details on their website: www.ico.org.uk.

10. Cookies and Similar Technologies

We use cookies and similar tracking technologies to collect information about your browsing behaviour. This helps us to improve your experience on our Site, analyse traffic, and personalise content and ads. You can manage your cookie preferences through your browser settings. 

11. Children's Privacy

Our Site is not intended for individuals under the age of 18. We do not knowingly collect Personal Data from children. If you are a parent or guardian and believe your child has provided us with Personal Data, please contact us, and we will take steps to remove such information from our records.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. We will post the updated Privacy Policy on this page and revise the "Last Updated" date at the top. We encourage you to review this policy periodically.

13. Contact Us

For more information about our privacy practices, if you have questions, or if you would like to exercise any of your data protection rights, please contact us by email at: info@blackzebra.co.uk.