Privacy Policy

Last updated: May 2026. This is a working placeholder — please review with a qualified data protection professional before launch, particularly if you process EU personal data.

1. Who We Are

PackTight ("we", "us", "our") is the data controller for personal data collected through this website. Our contact details are available on our Contact page.

2. Data We Collect

We collect the following categories of personal data:

• Identity data: first name, last name
• Contact data: email address, billing and delivery address, phone number
• Transaction data: purchase history, payment method (we do not store full card details)
• Technical data: IP address, browser type, device identifiers, cookies
• Usage data: pages visited, products viewed, time spent on site
• Marketing data: email subscription preferences

3. Legal Bases for Processing (GDPR / UK GDPR)

We process your data on the following legal bases:

• Contract performance: processing your order, managing returns, customer service
• Legal obligation: accounting records, tax compliance
• Legitimate interests: fraud prevention, site security, internal analytics
• Consent: marketing emails, non-essential cookies (you can withdraw consent at any time)

4. How We Use Your Data

We use your personal data to: process and fulfil your orders; communicate with you about your order; send marketing communications (with your consent); improve our website and products; comply with legal obligations; and prevent fraud.

5. Data Sharing

We share data with trusted third parties only as necessary:

• Shopify Inc.: our e-commerce platform and hosting provider (150 Elgin Street, Ottawa, ON K2P 1L4, Canada)
• Payment processors: Stripe, PayPal, Apple, Google — for payment processing only
• Shipping carriers: to fulfil and track your delivery
• Email marketing: to send transactional and marketing emails

We do not sell your personal data to third parties.

6. International Transfers

Some service providers are located outside the EEA or UK. Where transfers occur, we ensure adequate safeguards are in place (Standard Contractual Clauses or equivalent).

7. Data Retention

We retain your data for as long as necessary to fulfil the purposes for which it was collected. Order data is retained for 7 years for accounting and legal compliance. Marketing data is retained until you unsubscribe or withdraw consent.

8. Your Rights

Under GDPR and UK GDPR, you have the right to: access your data; correct inaccurate data; request erasure; restrict or object to processing; data portability; and withdraw consent at any time. To exercise your rights, contact us at the address on our Contact page. You also have the right to lodge a complaint with your national supervisory authority (e.g. ICO in the UK, CNIL in France).

9. Cookies

We use cookies to improve your browsing experience and for analytics. Please see our Cookie Policy for details. You can manage your cookie preferences at any time.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting a notice on our website.

11. Contact

For privacy-related enquiries, please contact us via our Contact page.