- PRIVACY POLICY -
This privacy policy explains how Zallin Ltd collects, uses, and protects your personal information when you use our services.
Last updated: January 2026
1. Who We Are
Data Controller: Zallin Ltd
Registered Company Number: 16820816
Registered Office: 27 Parliament Hill, London, NW3 2TA, United Kingdom
ICO Registration: To be registered prior to commencing trade
Email: general@zallin.uk
2. What Information We Collect and Why
2.1 Processing and Delivering Your Orders
To fulfil your orders and provide our services, we collect:
- Name and contact details (email, phone number)
- Delivery address
- Payment information (processed securely through our payment provider)
- Order history and purchase details
- Account information (username, password)
2.2 Customer Service and Support
When you contact us with queries, complaints, or claims, we collect:
- Your correspondence with us
- Previous interaction history
- Relevant account and order information
2.3 Marketing Communications (With Your Consent)
If you opt in to receive marketing from us, we use:
- Name and email address
- Marketing preferences
- Purchase history (to personalise offers)
- Records of your consent
2.4 Website Usage and Improvement
To improve our website and understand how it's used, we collect:
- IP address and general location data
- Browser type and device information
- Pages visited and time spent on our site
- Information collected through cookies (see Section 9)
3. Legal Basis for Processing Your Data
Under UK GDPR, we must have a lawful basis to process your personal data. We rely on the following:
3.1 Contractual Necessity
We process your data to fulfil our contract with you when you make a purchase. This includes:
- Processing and delivering orders
- Managing your account
- Processing payments
- Providing customer support related to your orders
3.2 Legitimate Interests
We have a legitimate interest in:
- Improving our website and services
- Preventing fraud and ensuring security
- Responding to queries and complaints
- Analysing website usage to improve customer experience
3.3 Consent
We rely on your consent for:
- Sending marketing emails and communications
- Non-essential cookies (analytics and marketing cookies)
You can withdraw your consent at any time by clicking the unsubscribe link in our emails or contacting us directly.
3.4 Legal Obligation
We may process your data to comply with legal requirements, such as tax and accounting obligations.
4. Where We Get Your Information From
We collect information:
- Directly from you when you create an account, place orders, or contact us
- Automatically when you use our website (through cookies and analytics)
5. Who We Share Your Information With
We only share your information when necessary to provide our services or comply with the law. We share data with:
5.1 Service Providers (Data Processors)
Shopify Inc
- Purpose: E-commerce platform that hosts our online store, processes orders, manages customer accounts, and handles payment processing
- Location: Canada
- Safeguards: UK Addendum to EU Standard Contractual Clauses
DHL Express
- Purpose: Delivery of orders and tracking updates
- Data shared: Name, delivery address, contact number, order details
5.2 Other Third Parties
- Professional advisors (lawyers, accountants) when necessary for legal or business advice
- Regulatory authorities or law enforcement when required by law
- Other suppliers and service providers as necessary to operate our business
6. International Data Transfers
Some of our service providers are based outside the UK. When we transfer your data internationally, we ensure appropriate safeguards are in place to protect your information, including:
- UK Addendum to EU Standard Contractual Clauses (SCCs)
- Transfers to countries with adequacy decisions from the UK government
You can request a copy of the safeguards we use by contacting us at general@zallin.uk
7. How Long We Keep Your Information
We only keep your personal data for as long as necessary for the purposes we collected it. Our retention periods are:
- Order and transaction data: 7 years from the end of the financial year in which the transaction occurred (for tax and accounting purposes)
- Account data: Retained while your account is active, then deleted 12 months after account closure
- Marketing data: Until you unsubscribe or withdraw consent, then deleted within 12 months
- Website analytics (anonymised): 26 months
- Customer service records: 3 years after the matter is resolved
8. How We Protect Your Information
We take the security of your data seriously and have implemented appropriate technical and organisational measures, including:
- Secure encryption for data transmission (SSL/TLS)
- Access controls to limit who can access your data
- Regular security reviews and updates
- Secure payment processing through PCI DSS compliant providers
9. Cookies and Tracking Technologies
Our website uses cookies and similar technologies. Cookies are small text files stored on your device.
9.1 Essential Cookies
These are necessary for the website to function and cannot be disabled. They enable core functionality such as:
- Security and authentication
- Shopping cart functionality
- Remembering your preferences during your session
9.2 Analytics Cookies (With Your Consent)
We use analytics cookies to understand how visitors use our website. This helps us improve our services. These cookies collect anonymised information including:
- Pages visited and time spent on each page
- How you arrived at our website
- General location data (country/city level only)
9.3 Managing Cookies
When you first visit our website, we will ask for your consent to use non-essential cookies. You can change your cookie preferences at any time through:
- Our cookie banner (which will reappear if you clear your browser cookies)
- Your browser settings - most browsers allow you to block or delete cookies
Please note that blocking essential cookies may affect website functionality.
10. Your Rights
Under UK data protection law, you have the following rights:
- Right of access: Request copies of your personal data and information about how we use it
- Right to rectification: Ask us to correct inaccurate or incomplete data
- Right to erasure: Request deletion of your data in certain circumstances
- Right to restriction: Ask us to limit how we use your data
- Right to object: Object to processing based on legitimate interests
- Right to data portability: Receive your data in a structured format to transfer to another provider
- Right to withdraw consent: Withdraw consent at any time where we rely on consent
To exercise any of these rights, please contact us at general@zallin.uk. We will respond within one month of your request.
Please note that some rights may not apply in all circumstances. For example, we may need to retain certain data for legal or contractual obligations even if you request deletion.
11. Children's Privacy
Our services are not intended for children under 13 years of age. We do not knowingly collect personal data from children under 13. If you believe we have inadvertently collected such data, please contact us immediately so we can delete it.
12. Changes to This Privacy Policy
We may update this privacy policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of any significant changes by posting the new policy on our website and updating the 'Last updated' date at the top of this policy. We encourage you to review this policy periodically.
13. How to Complain