Privacy policy

This Privacy Policy explains how SuuFit (“we”, “us”, “our”) collects, uses, and protects your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

SuuFit
Unit 2, Marlands Shopping Centre
Civic Centre Road
Southampton
SO14 7SJ
United Kingdom

Email: order@suufit.com

We are the data controller responsible for your personal data.

2. Lawful Bases for Processing

We process your personal data under the following lawful bases:

  • Contract – to process and fulfil your orders
  • Legal obligation – for tax, accounting, and fraud prevention
  • Legitimate interests – to improve services, secure our website, and prevent fraud
  • Consent – for marketing communications and non-essential cookies

3. What Data We Collect

We may collect the following personal data:

  • Identity data (name)
  • Contact data (billing/delivery address, email, phone number)
  • Transaction data (order history, payment status – excluding full card details)
  • Technical data (IP address, browser type, device information)
  • Usage data (pages visited, time spent, interactions)
  • Marketing preferences

4. How We Use Your Data

We use your data to:

  • Process and deliver orders
  • Manage payments and refunds
  • Provide customer support
  • Improve website performance and user experience
  • Prevent fraud and ensure security
  • Send service updates and marketing (where permitted)

5. Shopify Platform

Our online store is hosted by Shopify Inc., which provides the eCommerce platform that enables us to sell our products and services.

Your data may be stored in Shopify’s secure data storage, databases, and application systems. Shopify processes personal data on our behalf to:

  • Host and operate our online store
  • Manage customer accounts and orders
  • Process transactions securely
  • Provide analytics and reporting tools
  • Support website functionality and security

Shopify may store and process data on servers located outside the UK. Where this occurs, Shopify uses appropriate safeguards such as Standard Contractual Clauses (SCCs) and other legally recognised mechanisms to protect your data.

6. Payments (Stripe, Klarna & Other Providers)

We use secure third-party payment providers:

Stripe

Stripe processes debit and credit card payments securely. We do not store full payment card details.

Stripe may process:

  • Transaction data
  • Device and browser information
  • Fraud prevention data

Klarna

If you choose Klarna, they may:

  • Collect personal and order information
  • Perform identity verification and credit checks
  • Share data with credit reference agencies

Klarna acts as an independent data controller under its own privacy policy.

Other Payment Methods

We may also use PayPal, Apple Pay, or Google Pay. Each provider processes your data under its own privacy policy.

7. Fraud Prevention & Security

We may share data with fraud prevention agencies to:

  • Verify identity
  • Prevent fraudulent transactions
  • Comply with legal obligations

Suspicious activity may be reported to relevant authorities.

8. Analytics & Advertising

We use analytics and marketing tools including:

  • Google Analytics
  • Meta (Facebook) Pixel
  • Google Ads

These tools may collect:

  • IP address
  • Device and browser information
  • Website usage behaviour

Data may be transferred outside the UK with appropriate safeguards such as SCCs.

You can manage tracking preferences via cookie settings.

9. Marketing Communications

We may send marketing communications where legally permitted.

You can opt out at any time by:

  • Clicking “unsubscribe” in emails
  • Contacting us directly

10. Sharing Your Data

We may share your data with:

  • Payment processors (Stripe, Klarna, PayPal)
  • Shopify (our eCommerce platform provider)
  • Delivery and logistics partners
  • IT, security, and hosting providers
  • Analytics and advertising partners

All third parties are required to comply with UK GDPR.

11. International Transfers

Some providers may process data outside the UK.

Where this occurs, we ensure the transfer is covered by:

  • UK adequacy regulations, or
  • Standard Contractual Clauses (SCCs)

12. Data Retention

We retain data only as long as necessary:

  • Order records: up to 6 years (legal requirement)
  • Customer accounts: until deletion requested
  • Marketing data: until consent is withdrawn

13. Your Rights

Under UK GDPR, you have the right to:

  • Access your data
  • Correct inaccurate data
  • Request deletion
  • Restrict processing
  • Object to processing
  • Request data portability
  • Withdraw consent
  • Prevent automated decision-making

Contact: order@suufit.com

14. Cookies

We use cookies to:

  • Operate the website
  • Improve user experience
  • Analyse performance
  • Support marketing and advertising

You can control cookies through your browser or cookie banner.

15. Security

We implement appropriate security measures including:

  • SSL encryption
  • Secure servers via Shopify
  • Access controls

However, no online transmission is completely secure.

16. Complaints

If you are unhappy with how we use your data, please contact us first.

You may also contact the Information Commissioner’s Office (ICO):

https://ico.org.uk/

Tel: 0303 123 1113

17. Policy Updates

We may update this Privacy Policy periodically. Please review it regularly.

18. Contact Us

Email: order@suufit.com

Address: SuuFit, Unit 2, Marlands Shopping Centre, Civic Centre Road, Southampton, SO14 7SJ