Privacy & Cookies Policy

1. Introduction

Poptastica Limited (“Poptastica”, “we”, “us”, “our”) is committed to protecting and respecting your privacy.

This Privacy & Cookies Policy explains how we collect, use, store, and protect your personal data when you visit www.poptastica.com (the “Website”) or purchase products from us.

We process personal data in accordance with:

  • The UK General Data Protection Regulation (UK GDPR)

  • The Data Protection Act 2018

  • The Privacy and Electronic Communications Regulations (PECR)

We may update this policy from time to time. The latest version will always be available on our Website.

 

 

2. The Information We Collect

We may collect and process the following categories of personal data:

Information you provide directly

  • Full name

  • Billing and delivery address

  • Email address

  • Telephone number

  • Date of birth (where provided)

  • Payment details (processed securely via payment providers)

  • Account login details

  • Communications when you contact us

Information collected automatically

  • IP address

  • Device type and operating system

  • Browser type

  • Location data (based on IP address)

  • Website usage data

  • Purchase history

  • Marketing preferences

  • Responses to promotions

We also collect website usage information through cookies and similar technologies.

 

 

3. How We Use Your Information

We use your personal data to:

  • Process and fulfil your orders

  • Arrange delivery

  • Prevent fraud and conduct security checks

  • Manage your account

  • Provide customer service

  • Send service-related communications

  • Improve our Website and services

  • Comply with legal obligations

Where you have opted in, we may also use your data to:

  • Send marketing communications

  • Inform you about new products and promotions

  • Personalise your shopping experience

 

 

4. Lawful Bases for Processing

Under UK GDPR, we rely on the following lawful bases:

  • Contract – to fulfil orders and manage transactions

  • Legal obligation – to comply with tax and regulatory requirements

  • Legitimate interests – to improve services, prevent fraud, and operate our business

  • Consent – for marketing communications and certain cookies

You may withdraw consent at any time.

 

 

5. Marketing Communications

If you opt in to receive marketing communications, we may send you emails or SMS messages about products, offers, and updates.

You may unsubscribe at any time by:

  • Clicking the “unsubscribe” link in marketing emails

  • Replying STOP to SMS messages

  • Contacting us at contact@poptastica.com

Please allow up to 3 working days for your preferences to update.

 

 

6. Remarketing & Targeted Advertising

We may use cookies, pixels, and similar technologies to show relevant adverts on third-party websites and social media platforms.

These adverts may be based on:

  • Products you have viewed

  • Previous purchases

  • Website browsing activity

You can manage advertising preferences through your browser settings or social media account settings.

 

 

7. Hosting & Payment Processing

Our online store is hosted by Shopify Inc..

Your data is stored through Shopify’s secure data storage systems and protected by industry-standard safeguards.

Payments

If you choose a direct payment gateway, your card data is encrypted in accordance with the Payment Card Industry Data Security Standard (PCI-DSS).

We may also use third-party payment providers such as:

  • PayPal

  • Klarna

These providers process payment information in accordance with their own privacy policies.

We do not store full credit or debit card details on our systems.

 

 

8. Third-Party Service Providers

We may share personal data with trusted third parties where necessary to provide our services, including:

  • Payment processors

  • Courier and delivery services (e.g. Royal Mail and Evri)

  • Website analytics providers (e.g. Google Analytics)

  • Marketing and social media platforms

Third-party providers only receive the data necessary to perform their services and are required to protect it.

Where data is transferred outside the UK, we ensure appropriate safeguards are in place.

 

 

9. Email Tracking & Profiling

We may use tracking pixels within marketing emails to understand:

  • Whether emails are opened

  • Links clicked

  • Device type used

  • Approximate location (based on IP address)

This allows us to tailor communications and improve customer experience.

You can opt out by unsubscribing from marketing communications.

 

 

10. Social Media

If you interact with us on social media platforms, we may collect publicly available information relating to that interaction.

If you tag us in content, you grant us permission to repost that content unless you request otherwise.

 

 

11. SMS Communications

If you opt in to SMS marketing, we may send order updates or promotional messages.

Cart reminder messages may be triggered using cookie-based tracking of abandoned baskets.

SMS opt-in data and consent are not shared with third parties for their marketing purposes.

 

 

12. Data Retention

We retain personal data only for as long as necessary to:

  • Fulfil contractual obligations

  • Comply with legal requirements

  • Resolve disputes

  • Enforce agreements

You may request deletion of your data at any time, subject to legal retention requirements.

 

 

13. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including:

  • SSL encryption

  • Secure servers

  • Access controls

  • PCI-DSS compliance for payments

While no online system is completely secure, we follow industry best practices.

 

 

14. Cookies

Cookies are small text files stored on your device to improve website functionality.

We use:

  • Strictly necessary cookies

  • Analytics cookies

  • Personalisation cookies

  • Marketing and targeting cookies

You can manage cookie preferences through our cookie banner or browser settings.

For detailed information, please refer to our Cookie Policy section below.

 

 

15. Your Rights

Under UK GDPR, you have the right to:

  • Access your personal data

  • Rectify inaccurate data

  • Request erasure (“right to be forgotten”)

  • Restrict processing

  • Object to processing

  • Data portability

  • Withdraw consent

To exercise your rights, contact us at contact@poptastica.com.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO).

 

 

16. Children

We do not knowingly collect personal data from individuals under 18.

 

17. Children

We may update this Privacy Policy from time to time. Any changes will be posted on this page.

If Poptastica Limited is acquired or merged, your information may be transferred to the new owner in accordance with applicable data protection laws.

 

18. Contact Us

For questions about this Privacy & Cookies Policy or to exercise your data rights, please contact:

Privacy Compliance Officer
Poptastica Limited
Email: contact@poptastica.com