Privacy Policy

Introduction

Welcome to CapMixy. Your privacy matters to us, and we're committed to protecting your personal information. This Privacy Policy explains clearly and openly how we collect, use, store, and protect your data when you visit our website, make a purchase, or interact with us in any way.

This policy applies to all visitors, customers, and users of playmixy.com. By using our website, you agree to the practices outlined in this document. If you don't agree with how we handle data, please don't use our site or services.

We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. If you have questions or concerns about how we handle your data, you can contact us anytime at info@playmixy.com.

Who We Are

CapMixy Ltd. is a UK-registered company that designs and sells high-quality, durable caps. We're based in London and operate primarily through our website, playmixy.com. As the data controller, we're responsible for deciding how your personal data is collected and used.

Our mission is simple: make great caps at fair prices. That includes being transparent and responsible with your data. We don't sell your information to third parties, and we only collect what we actually need to run our business and serve you better.

Information We Collect

We collect two main types of information: personal data (information that identifies you) and non-personal data (anonymous information about how you use our site). Here's what we collect and how:

Personal Data

When you place an order, create an account, or contact us, we collect:

• Name: So we know who to send your order to and how to address you.
• Email Address: To send order confirmations, shipping updates, and respond to your questions.
• Shipping Address: So your cap actually gets to you.
• Billing Address: Required for payment processing and fraud prevention.
• Payment Information: We don't store your full card details. Payment processors like Stripe or PayPal handle this securely on their end. We only see a transaction confirmation.
• Order History: What you've bought, when, and how much you paid. This helps us provide better support and understand what products people like.
• Communication Records: Emails, messages, or feedback you send us. We keep these to provide support and improve our service.

Non-Personal Data

We also collect anonymous information about how people use our site:

• Device and Browser Information: Type of device (mobile, desktop), browser (Chrome, Safari, etc.), and operating system. Helps us make sure the site works properly for everyone.
• IP Address: Your internet connection's address. Used for security, fraud prevention, and understanding where our visitors are generally located (not tracking specific individuals).
• Website Usage Data: Pages you visit, how long you stay, what you click on. Collected through cookies and analytics tools like Google Analytics. This helps us improve navigation and content.
• Cookies: Small files stored on your device. See our Cookie Policy for full details.

How We Collect This Information

Data collection happens in several ways:

• Directly from you: When you fill out forms, place orders, create an account, sign up for newsletters, or contact us.
• Automatically: Through cookies, analytics tools, and server logs as you browse the site.
• From third parties: Payment processors and delivery services share minimal information needed to complete transactions and shipments.

How We Use Your Information

We only use your data for legitimate business purposes and to provide you with a good shopping experience. Here's exactly what we do with your information:

• Processing Orders: We use your name, address, and contact details to process, pack, and ship your order. Without this info, we can't get your cap to you.
• Customer Support: When you contact us with questions or issues, we use your information to respond and help solve problems.
• Payment Processing: Your payment details are sent securely to payment processors (Stripe, PayPal, etc.) to complete transactions. We never see or store full card numbers.
• Order Updates: We send emails with order confirmations, shipping notifications, and delivery updates so you know where your cap is.
• Improving Our Service: We analyze website usage data (anonymously) to understand what works, what doesn't, and how we can make the site better.
• Marketing Communications: If you opt in, we'll send occasional emails about new products, sales, or updates. You can unsubscribe anytime by clicking the link in any email.
• Fraud Prevention: We monitor for suspicious activity and use data to protect against fraud, chargebacks, and unauthorized transactions.
• Legal Compliance: Sometimes we're required by law to keep certain records (like transaction data for tax purposes). We only keep what's legally necessary.

Legal Basis for Processing Your Data

Under UK GDPR, we need a lawful reason to process your personal data. Here's the legal basis we rely on:

• Performance of a Contract: When you place an order, we process your data to fulfill that contract - delivering your cap, providing customer service, etc.
• Your Consent: For things like marketing emails or certain cookies, we ask for your explicit permission. You can withdraw consent anytime.
• Legitimate Interests: We have legitimate reasons to process data for fraud prevention, improving our website, and running our business efficiently - as long as it doesn't override your rights.
• Legal Obligations: Some data processing is required by law, like keeping transaction records for tax authorities or responding to valid legal requests.

Cookies and Tracking Technologies

We use cookies - small text files stored on your device - to make our website work properly and understand how people use it. Cookies help us remember your preferences, keep items in your cart, and analyze site traffic.

We use several types of cookies:

• Essential Cookies: Required for the site to function. Can't be disabled without breaking basic features like checkout.
• Functional Cookies: Remember your preferences (language, region, etc.) to improve your experience.
• Analytics Cookies: Help us understand how visitors use the site so we can make improvements.
• Marketing Cookies: Used to show relevant ads and track campaign effectiveness. These require your consent.

You can manage cookies in your browser settings or through our cookie consent banner when you first visit the site. Disabling certain cookies may affect how the site works. For complete details, see our Cookie Policy.

Analytics and Third-Party Services

We use third-party tools to help run our business. These services have their own privacy policies and data protection practices:

• Google Analytics: Tracks anonymous website usage data to help us understand traffic patterns and improve navigation.
• Payment Processors (Stripe, PayPal): Handle payments securely. They're PCI-DSS compliant and maintain their own strict security standards.
• Email Service Providers: Send transactional emails (order confirmations, shipping updates) and marketing emails (if you opt in).
• Shipping Carriers (Royal Mail, DPD, etc.): Receive your name and address to deliver packages.
• Hosting Providers: Store website data and customer information on secure servers.

These partners are contractually required to protect your data and only use it for the specific purposes we've agreed on. We choose partners carefully and only work with those who meet high security and privacy standards.

How We Store and Protect Your Data

We take data security seriously and use industry-standard measures to protect your information:

• Encryption: All data transmitted between your browser and our servers is encrypted using HTTPS/SSL technology.
• Secure Servers: Your data is stored on secure servers with firewalls, intrusion detection, and regular security audits.
• Access Controls: Only authorized team members can access customer data, and only when necessary for their job.
• Payment Security: We never store full credit card details. Payment processors handle this using PCI-DSS compliant systems.
• Regular Backups: Data is backed up regularly to prevent loss.
• Staff Training: Our team is trained on data protection principles and follows strict internal policies.

Data Retention: We keep your personal data only as long as necessary. Order information is typically retained for 7 years to meet tax and accounting requirements. Marketing data is kept until you unsubscribe or request deletion. If you haven't interacted with us for a long time, we may delete or anonymize your data.

While we take all reasonable precautions, no system is completely secure. If we ever experience a data breach that affects your information, we'll notify you and the relevant authorities as required by law.

Sharing Information with Third Parties

We don't sell, rent, or trade your personal information. Ever. We only share data with third parties when it's necessary to provide our service or required by law:

• Service Providers: Companies that help us run our business (payment processors, shipping companies, email providers, hosting services). They're bound by contracts to protect your data and only use it for specified purposes.
• Legal Requirements: If required by law, court order, or government authority, we may disclose information. We'll only share what's legally required.
• Business Transfers: If CapMixy is sold or merged with another company, customer data may be transferred as part of that transaction. The new owner would be bound by this privacy policy.
• Fraud Prevention: We may share information with fraud detection services or law enforcement if we suspect illegal activity.

All third parties we work with are carefully selected and required to maintain appropriate data protection standards. We ensure they comply with UK GDPR and handle your data responsibly.

International Data Transfers

We're based in the UK, but some of our service providers operate in other countries. This means your data may occasionally be transferred outside the UK or European Economic Area (EEA). When this happens, we ensure appropriate safeguards are in place:

• Adequacy Decisions: We may transfer data to countries that the UK government has deemed to have adequate data protection laws.
• Standard Contractual Clauses: For transfers to other countries, we use standard contractual clauses approved by the UK Information Commissioner's Office (ICO).
• Binding Corporate Rules: Some larger service providers have approved binding corporate rules that ensure consistent data protection globally.

If you have questions about where your data is stored or how international transfers are protected, contact us at info@playmixy.com.

Your Rights Under UK GDPR

You have significant rights over your personal data. Here's what you can do and how to do it:

To exercise any of these rights, email us at info@playmixy.com with details of your request. We'll respond within one month. For complex requests, we may need an additional two months - we'll let you know if that's the case.

Children's Privacy

Our website and products are not intended for children under 16 years of age. We do not knowingly collect, store, or process personal information from anyone under 16. If you're under 16, please don't use our site or provide us with any personal information.

If you're a parent or guardian and believe your child has provided us with personal information, please contact us immediately at info@playmixy.com. We'll delete that information from our systems as quickly as possible.

UK GDPR requires us to ensure we have appropriate consent mechanisms for children. Since our products are designed for adults, we don't have child-specific consent processes in place.

Links to Other Websites

Our website may contain links to external sites - social media platforms, partner stores, blog references, or recommended products. Once you click a link and leave playmixy.com, this Privacy Policy no longer applies.

We don't control external websites and aren't responsible for their privacy practices or content. Each site has its own privacy policy, which you should read before providing any personal information.

We try to link only to reputable sites, but we can't guarantee their practices or take responsibility for how they handle your data.

Updates to This Policy

We may update this Privacy Policy occasionally to reflect changes in our practices, technology, legal requirements, or business operations. When we make changes, we'll update the "Last updated" date at the top of this page.

For minor changes (like clarifying existing practices or fixing typos), we'll simply post the updated policy. For significant changes that affect how we use your data, we'll notify you by email (if we have your address) or through a prominent notice on our website.

We encourage you to review this policy periodically to stay informed about how we protect your data. Continued use of our website after changes are posted means you accept the updated policy.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, we're here to help. You can reach us at:

We aim to respond to all privacy inquiries within 5 working days. For formal Subject Access Requests or other rights under UK GDPR, we'll respond within one month as required by law.