Privacy policy

PEPPERFIT PRIVACY POLICY

Last updated: 27 June 2026

Pepperfit is a brand of The Basilverse Limited.

This Privacy Policy explains how we collect, use, store and share personal information when you visit pepperfit.com, purchase from us, contact us, subscribe to our marketing, submit a review or otherwise interact with Pepperfit.

For data protection purposes, The Basilverse Limited is the data controller responsible for your personal information.

  1. CONTACT DETAILS

The Basilverse Limited
Trading as Pepperfit
11 Parkfield Drive
Northolt
Middlesex
UB5 5NR
United Kingdom

Email: info@pepperfit.com

You can contact us using the email address above if you have questions about this policy or how we use your personal information.

  1. PERSONAL INFORMATION WE COLLECT

Depending on how you interact with us, we may collect:

• your name
• billing and delivery addresses
• email address
• telephone number
• order and transaction information
• products purchased or returned
• communications you send to us
• customer-service and complaint records
• marketing preferences
• information submitted through website forms
• reviews, ratings and related content you choose to submit
• technical information such as your IP address, browser, device and website activity
• cookie and analytics information, where you have permitted this
• fraud-prevention and security information

We do not normally receive or store your complete payment-card details. Payments are processed by Shopify and the payment provider selected during checkout.

  1. HOW WE COLLECT YOUR INFORMATION

We collect information:

• directly from you when you place an order, contact us, subscribe, submit a review or complete a form
• automatically when you browse our website, through essential technologies and any optional cookies you accept
• from Shopify and other service providers that help us operate the shop
• from payment, delivery and fraud-prevention providers where necessary to complete or protect a transaction
• from review, email and marketing providers used by Pepperfit
• from social-media platforms or advertising services where you interact with our content or advertising

  1. HOW AND WHY WE USE YOUR INFORMATION

PROCESSING ORDERS

We use your information to:

• accept and process orders
• take payment
• arrange delivery
• provide order confirmations and updates
• manage cancellations, returns and refunds
• respond to questions about your purchase

Our lawful basis is that this processing is necessary to perform our contract with you or to take steps at your request before entering into a contract.

CUSTOMER SERVICE

We use your information to respond to enquiries, investigate problems and provide customer support.

Depending on the circumstances, our lawful basis is performance of our contract with you or our legitimate interest in providing effective customer service.

LEGAL AND REGULATORY RESPONSIBILITIES

We may process and retain information to:

• maintain tax and accounting records
• comply with consumer-protection requirements
• meet product-safety and regulatory responsibilities
• respond to lawful requests from public authorities
• establish, exercise or defend legal claims

Our lawful basis is compliance with a legal obligation or our legitimate interests in protecting the business and its legal rights.

PREVENTING FRAUD AND PROTECTING THE WEBSITE

We may use information to detect suspicious activity, prevent fraud, protect accounts and transactions and maintain the security of our website and systems.

Our lawful basis is our legitimate interest in protecting customers, Pepperfit and our service providers.

IMPROVING OUR PRODUCTS AND WEBSITE

We may analyse general purchasing patterns, website performance, customer feedback and review activity to understand how our products and website are used.

Our lawful basis is our legitimate interest in improving our products, services and customer experience. Where non-essential cookies or similar technologies are involved, we will request consent where required.

EMAIL MARKETING

Where you have subscribed or where another lawful basis permits it, we may use Shopify Email to send information about Pepperfit products, articles, launches and offers.

You can unsubscribe at any time by using the unsubscribe link included in an email or by contacting info@pepperfit.com.

Withdrawing from marketing will not affect service messages relating to an order, delivery, return or enquiry.

CUSTOMER REVIEWS

We currently use Yotpo to support customer reviews.

Where appropriate, your order and contact details may be used to invite you to review a product you have purchased.

If you submit a review, the information you provide may include your name or chosen display name, rating, written comments, images and information about the product reviewed.

Published reviews may be visible publicly on our website.

You should not include private, sensitive or confidential information in a public review.

We may moderate reviews where necessary to remove unlawful, abusive, irrelevant or personally sensitive content, but we will not alter the substance of a genuine customer opinion.

Our lawful basis for sending a service-related review invitation is our legitimate interest in gathering customer feedback and improving our products. Where consent is required for a particular communication, we will rely on consent.

If we replace Yotpo with another review provider, we may update this policy to reflect the change.

  1. COOKIES AND SIMILAR TECHNOLOGIES

Our website uses essential technologies required for functions such as navigation, security, basket management and checkout.

We may also use optional analytics, preference, review or marketing technologies. Where consent is required, these will not be used until you make a choice through the website’s cookie controls.

You can change your choices through the Cookie Settings link where available.

More information will be provided in our Cookie Policy.

  1. WHO WE SHARE INFORMATION WITH

We only share personal information where necessary to operate the business, provide your order, meet legal responsibilities or protect our legitimate interests.

Recipients may include:

• Shopify, which provides our ecommerce platform, product catalogue, basket, checkout and Shopify Email
• Lovable, which provides the customer-facing website
• Yotpo, which currently provides customer-review services
• payment providers available through Shopify checkout
• Royal Mail and other postal or courier services
• email, communication and customer-service providers
• website hosting, analytics and security providers
• marketing and advertising providers where these services are enabled
• accountants, professional advisers and insurers
• fraud-prevention and payment-security services
• regulators, courts, law-enforcement bodies or public authorities where legally required
• a purchaser or successor if the business or its assets are sold or reorganised

These organisations may act as processors working on our behalf or as independent data controllers responsible for their own processing.

  1. INTERNATIONAL TRANSFERS

Some service providers may process personal information outside the United Kingdom.

Where personal information is transferred internationally, we require an appropriate legal safeguard where applicable. This may include an adequacy regulation, approved contractual protections or another lawful transfer mechanism.

  1. HOW LONG WE KEEP INFORMATION

We keep personal information only for as long as reasonably necessary for the purpose for which it was collected, including legal, tax, accounting, product-safety and dispute-resolution requirements.

Normally:

• order, payment and accounting records are retained for up to six years after the relevant transaction or accounting period
• customer-service communications are retained for as long as reasonably necessary to resolve the matter and manage any related claim
• marketing information is retained until you unsubscribe or it is no longer required
• submitted reviews may remain published while they remain relevant, unless removal is requested and no overriding reason requires retention
• cookie information is retained for the period stated through the relevant cookie controls
• information needed for legal claims, fraud prevention or regulatory compliance may be retained for longer where necessary

When information is no longer needed, it will be deleted, anonymised or securely disposed of.

  1. YOUR DATA-PROTECTION RIGHTS

Depending on the circumstances, you may have the right to:

• ask for access to the personal information we hold about you
• ask us to correct inaccurate or incomplete information
• ask us to delete your information
• ask us to restrict how your information is used
• object to processing based on legitimate interests
• object to direct marketing
• receive certain information in a portable format
• withdraw consent where processing is based on consent
• complain to the Information Commissioner’s Office

These rights are not absolute and may depend on the reason we process the information.

We will not normally charge a fee for a data-protection request. We may ask for information to confirm your identity before responding.

To exercise your rights, email info@pepperfit.com.

  1. COMPLAINTS

Please contact us first if you have concerns about how we use your information so that we can try to resolve the matter.

You also have the right to complain to the UK data-protection regulator:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Telephone: 0303 123 1113

  1. CHILDREN’S INFORMATION

Our website is intended for adults purchasing Pepperfit products.

We do not knowingly collect personal information directly from children. Where products are purchased for a child or young person, the order should be placed by an adult.

  1. LINKS TO OTHER WEBSITES

Our website may contain links to websites operated by other organisations. Those organisations are responsible for their own privacy practices and policies.

We encourage you to review their privacy information before submitting personal information to them.

  1. SECURITY

We use reasonable organisational and technical measures intended to protect personal information against unauthorised access, loss, misuse, alteration or disclosure.

No internet transmission or electronic storage system can be guaranteed to be completely secure.

  1. CHANGES TO THIS POLICY

We may update this Privacy Policy where our services, suppliers or legal responsibilities change.

The latest version will be published on this page with its updated date.