PRIVACY POLICY

LAST UPDATED: FEBRUARY 2026

1. INTRODUCTION

Welcome to Lost in Town Brewery Ltd ("we," "our," or "us"). We are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your information in compliance with UK GDPR and applicable data protection laws.

Company Details:
Lost in Town Brewery Ltd
Company Number: 15162932
Address: 92 York Street, London, W1H 1QX
Email: hello@lostintown.co.uk

2. INFORMATION WE COLLECT

We collect and process the following types of personal data:

2.1 Information You Provide

• Order Information: Name, email address, delivery address, phone number
• Account Information: Email address, password (encrypted)
• Payment Information: Processed securely by Stripe (we do not store full card details)
• Communication: Any correspondence you send us via email or contact forms
• Marketing Preferences: Your consent to receive marketing emails

2.2 Automatically Collected Information

• Browsing Data: IP address, browser type, device information, pages visited
• Cookies: See our Cookie Policy below
• Age Verification: Your confirmation that you are 18+ (stored locally in your browser)

3. HOW WE USE YOUR INFORMATION

We use your personal data for the following purposes:

• Order Fulfillment: Processing and delivering your orders
• Customer Service: Responding to inquiries, handling returns and refunds
• Marketing: Sending promotional emails (only with your consent)
• Site Improvement: Analyzing website usage to improve user experience
• Legal Compliance: Meeting tax, accounting, and legal obligations
• Fraud Prevention: Protecting against fraudulent transactions

4. DATA STORAGE & SECURITY

Your data is stored securely using Firebase/Firestore cloud services. We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction.

All payment information is processed securely through Stripe, which is PCI DSS compliant. We do not store full credit card details on our servers.

5. COOKIES

We use cookies and similar technologies to:

• Essential Cookies: Enable basic site functionality (age verification, shopping cart)
• Analytics Cookies: Track site usage via Google Analytics to improve our service
• Preference Cookies: Remember your settings and preferences

You can control cookies through your browser settings. Note that disabling essential cookies may affect site functionality.

6. THIRD-PARTY SERVICES

We share your data with trusted third-party service providers:

• Stripe: Payment processing
• Mailchimp/Klaviyo: Email marketing (only if you opt in)
• Google Analytics: Website analytics
• Firebase/Firestore: Cloud data storage
• Delivery Partners: UK courier services for order fulfillment

These providers are contractually obligated to protect your data and use it only for the purposes we specify.

7. DATA RETENTION

• Order Data: Retained for 6 years to comply with UK tax and accounting requirements
• Marketing Data: Retained until you unsubscribe or withdraw consent
• Browsing Data: Analytics data anonymized after 26 months
• Inactive Accounts: Deleted after 3 years of inactivity

8. YOUR RIGHTS

Under UK GDPR, you have the following rights:

• Right to Access: Request a copy of the personal data we hold about you
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your data (subject to legal obligations)
• Right to Portability: Receive your data in a machine-readable format
• Right to Withdraw Consent: Unsubscribe from marketing at any time
• Right to Object: Object to processing based on legitimate interests
• Right to Restrict Processing: Request limitation on how we use your data

To exercise any of these rights, contact us at hello@lostintown.co.uk. We will respond within 30 days.

9. AGE RESTRICTION

Our products are only available to individuals aged 18 and over. We do not knowingly collect personal data from anyone under 18. If we become aware that we have inadvertently collected data from a minor, we will delete it immediately.

10. INTERNATIONAL TRANSFERS

Your data may be transferred to and stored on servers outside the UK (e.g., Firebase servers). We ensure that any such transfers comply with UK GDPR requirements and that adequate safeguards are in place.

11. CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last Updated" date. We encourage you to review this policy periodically.

12. CONTACT US

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

Email: hello@lostintown.co.uk
Address: Lost in Town Brewery Ltd, 92 York Street, London, W1H 1QX
Website: www.lostintown.co.uk

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe your data protection rights have been violated: www.ico.org.uk