Privacy policy

1. INTRODUCTION

Broken Planet Market Ltd ("we", "us", "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website at www.brokenplanet.com (the "Site"), place an order, or otherwise interact with our services.

We are the data controller for the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. If you have questions about this policy, please contact us at support@brokenplanet.com.

2. INFORMATION WE COLLECT

2.1 Information You Provide to Us

When you interact with our Site, you may voluntarily provide us with the following personal information:

• Identity data: first name, last name
• Contact data: email address, phone number, delivery address, billing address
• Financial data: payment card details (processed securely via our payment provider; we do not store full card numbers)
• Transaction data: details of products you have purchased from us, order history, and returns
• Account data: username, password, and preferences if you create an account
• Communication data: any correspondence you send to us, including emails to support@brokenplanet.com and any feedback or reviews you submit

2.2 Information We Collect Automatically

When you visit our Site, we automatically collect certain information through cookies and similar tracking technologies, including:

• Device data: IP address, browser type and version, operating system, device type, screen resolution
• Usage data: pages visited, time spent on pages, click patterns, referral URLs, date and time of visits
• Location data: approximate geographic location derived from your IP address

2.3 Information from Third Parties

We may receive information about you from third parties, including our e-commerce platform provider (Shopify), payment processors, delivery partners, and analytics services.

3. HOW WE USE YOUR INFORMATION

We use your personal information for the following purposes and on the following legal bases:

• To fulfil orders and process payments – processing is necessary to perform our contract with you
• To communicate with you about your orders, deliveries, returns, and customer support enquiries – contractual necessity
• To send marketing communications (e.g. new drops, promotions) – based on your consent, which you can withdraw at any time
• To improve our Site and services by analysing usage patterns and preferences – based on our legitimate interest in enhancing the customer experience
• To prevent fraud and protect the security of our Site and business – based on our legitimate interest and legal obligations
• To comply with legal obligations, such as tax and accounting requirements

4. COOKIES AND TRACKING TECHNOLOGIES

Our Site uses cookies and similar technologies to enhance your browsing experience. When you first visit our Site, you will see a cookie banner stating: "Cookies help us deliver the best experience on our website. By using our website, you agree to the use of cookies." You may accept cookies by clicking "Accept & Continue."

4.1 Types of Cookies We Use

• Strictly necessary cookies: These are essential for the Site to function properly, including session management, shopping cart functionality, and secure checkout. They cannot be disabled.
• Performance and analytics cookies: These help us understand how visitors interact with our Site by collecting anonymous usage data (e.g. pages visited, time on site). We use this information to improve our Site.
• Functionality cookies: These remember your preferences (e.g. language, region) to provide a more personalised experience.
• Marketing and advertising cookies: These may be used to deliver relevant advertisements and track the effectiveness of marketing campaigns.

4.2 Managing Cookies

You can manage or delete cookies through your browser settings at any time. Please note that disabling certain cookies may affect the functionality of our Site. For more information about cookies, visit www.allaboutcookies.org.

5. HOW WE SHARE YOUR INFORMATION

We do not sell your personal data. We may share your information with the following categories of recipients:

• Service providers: including Shopify (e-commerce platform), payment processors, shipping and delivery partners, email service providers, and analytics providers – these parties process data on our behalf and under our instructions
• Professional advisors: such as lawyers, accountants, and insurers where necessary
• Law enforcement or regulators: where we are required to do so by law or to protect our rights
• Business transfers: in connection with any merger, sale of company assets, or acquisition

6. INTERNATIONAL DATA TRANSFERS

Some of our service providers (such as Shopify) may process your data outside the United Kingdom. Where personal data is transferred internationally, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the UK Information Commissioner's Office (ICO), or transfers to countries with an adequacy decision.

7. DATA RETENTION

We retain your personal data only for as long as is necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. Typical retention periods include:

• Order and transaction data: 6 years from the date of purchase (for tax and legal compliance)
• Account data: retained while your account is active; deleted upon request, subject to legal retention obligations
• Marketing data: retained until you unsubscribe or withdraw consent
• Cookie data: varies by cookie type, generally from session duration up to 2 years

8. YOUR RIGHTS

Under the UK GDPR, you have the following rights regarding your personal data:

• Right of access: request a copy of the personal data we hold about you
• Right to rectification: request correction of inaccurate or incomplete data
• Right to erasure: request deletion of your personal data in certain circumstances
• Right to restrict processing: request that we limit how we use your data
• Right to data portability: request a copy of your data in a structured, machine-readable format
• Right to object: object to processing based on legitimate interests or for direct marketing purposes
• Right to withdraw consent: where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing

To exercise any of these rights, please email us at support@brokenplanet.com. We will respond within one month of receiving your request. If you are unsatisfied with how we handle your data, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at www.ico.org.uk.

9. DATA SECURITY

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption of payment data during transfer, secure hosting through Shopify's infrastructure, and restricted access to personal data on a need-to-know basis. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

10. CHILDREN'S PRIVACY

Our Site and services are not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us at support@brokenplanet.com and we will take steps to delete the information promptly.

11. THIRD-PARTY LINKS

Our Site may contain links to third-party websites. We are not responsible for the privacy practices or content of those sites. We encourage you to review the privacy policies of any third-party sites you visit.

12. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last updated" date. We encourage you to review this policy periodically. Your continued use of the Site after changes are posted constitutes acceptance of the updated policy.

13. CONTACT US