Privacy Policy – PouchMate

1) Who We Are

Trading name & Legal entity: Pouchmate LTD.

Contact email: info@pouchmate.co.uk

2) What Data We Collect

A) Data You Provide

  • Waitlist / newsletter: name, email, preferences/consents.
  • Contact forms/support: name, email, message content and any attachments you send.
  • Purchases: name, email, phone, billing/shipping address, order details; limted payment info (handled by our payment provider).
  • Account (if enabled): login details and profile settings.
  • Surverys & questionnaires (optional): answers you choose to give about your experience, needs, and opinions. We design most surveys to be anonymous and avoid collecting identifiers, but depending on the tool or if you provide details in free-text answers, some technical data (e.g., IP address) may still be processed.

B) Data Collected Automatically

  • Device and usage data: IP address, country/region, browser type, device identifiers, pages viewed, referring/exit pages, timestamps.
  • Cookies and similar tech: to run the site, remember preferences, measure performance, and (if you consent) for analytics/marketing.

C) Data from Third Parties (Where Lawful)

  • Payment providers (e.g. Stripe/PayPal): confirmation of payment status (no card numbers stored by us).
  • Email services (e.g., MailPoet): subscription status, bounces, engagement.
  • Analytics providers (e.g., Google Analytics): aggregated insights about how the site is used.
  • Survey tools (if used): may capture limited techincal data like IP address – see their privacy policies.

3) Why We Use Your Data (Purposes & Lawful Bases)

PurposeExamples
Lawful basis
Operate our website & servicesLoad pages, secure the site, prevent abuse, respond to messagesLegitimate interests (running a secure, functional site) and, for strictly necessary cookies, PECR exemption.
Waitlist & newslettersSend updates you requested; manage your subscriptionConsent (you can withdraw anytime)
Sales & fulfilmentProcess orders, deliver products, handle returns & warrantiesContract (to perform a contract or pre-contract steps.
PaymentsProcess payments securely via a providerContract + legitimate interests (fraud prevention)
Surveys & questionnairesCollect insights on challenges faced in daily condition management and ideas for new products; analyse responses in aggregate to improve our products and servicesConsent (participation is voluntary) For anonymous surverys with no personal data, GDPR/UK GDPR does not apply
AnalyticsUnderstand and improve site performance.Consent (for non-essential cookies/trackers)
Legal & complianceKeep records, respond to lawful requests, tax & accountingLegal obligation
Security & fraud preventionDetect, investigate, and prevent incidentsLegitimate interests

4) Cookies & Similiar Technologies

We use:

  • Strictly necessary cookies (essential for security, load balancing, forms).
  • Preferences (remember selections).
  • Analytics (e.g., Google Analytics) – only with your consent.
  • Marketing (if ever used) – only with your consent.

You’ll see a cookie banner the first time you visit. You can change or withdraw consent at any time via the banner link in our footer. You can also set your browser to block cookies (site features may break).

5) How We Share Data

We do not sell your personal data. We share it only with:

  • Service providers (processors) under contract who help us run the site and services, such as:
    • Web hosting & infrastructure
    • Email/newsletters
    • Analytics
    • Payments
    • Order fulfilment / couriers
  • Professional advisers (lawyers, accountants) under confidentiality.
  • Authorities when required by law or to defend legal rights.
  • Business transfers (e.g., merger, acquistion) – your data may be part of the transferred assets, subject to this Policy.

6) International Transfers

Some providers may process data outsider your country. Where required, we rely on lawful transfer mechanisms such as:

  • UK/EU adequacy regulations/decisions, and/or
  • Standard Contractual Clauses (SCCs) and UK Addendum.

7) Data retention

We keep personal data only as long as needed fro the purpose collected:

  • Newsletter/waitlist: until you unsubscribe or we prune inactive lists (we may keep minimal suppression records to honour opt-outs).
  • Orders & finace: generally 6-7 years for tax/accounting.
  • Support messages: typically 24 months unless a longer period is needed to resolve issues.
  • Analytics: aggregated or anonymised wherever possible; raw event data kept for typically 14 months

When we no longer need data, we delete or irreversibly anonymise it.

8) Security

We use technical and organisational measures appropriate to the risk, including encryption in transit (HTTPS), server hardening, access controls, role-based permissions, backups, and staff/contractor confidentiality obligations. No system is 100% secure; if we detect a breach affecting your data, we’ll notify you and regulators when legally required.

9) Your Rights

Depending on where you live, you can:

  • Access a copy of your data.
  • Rectify inaccurate or incomplete data.
  • Delete your data (in certain cases).
  • Restrict or object to processing (including to our legitimate interests).
  • Data portability for data you provided to us.
  • Withdraw consent at any time (this won’t affect past processing).
  • Complain to a data protection authority.

How to exercise: email info@pouchmate.co.uk. We may need to verify your identity.

Supervisory Authorities:

  • UK: Information Commissioner’s Office (ICO) – ico.org.uk

10) Children

Do not provide personal data of children without appropirate consent/authority.

Our site may link to third-party websites. Their privacy practices are their own; please review their policies.

12) Changes To This Policy

We may update this Policy to reflect changes in law or our services. We’ll post the new version with a new “Last updated” date. If changes are significant, we’ll give additional notice.

13) Contact Us

Questions or requests about this Policy or your data:

Email: info@pouchmate.co.uk.

14) Additional Information

Amazon

We sell on Amazon and may fulfil orders via Amazon (MCF). Amazon acts as an independent controller for marketplace purchases – see Amazon’s privacy notice.

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.