Privacy
Privacy policy
This privacy policy explains how Staple & Thread Ltd collects, uses and protects personal information when you visit our website, place an order, or contact our customer service team. We operate from the United Kingdom and take data protection seriously. The policy applies to customers, newsletter subscribers and other visitors to stapleandthread.co.uk. It sets out the types of data we collect, why we collect it, the legal bases for processing, and the rights available to you. We aim for transparency and practical guidance so you can make informed choices about your personal information. If you have questions or need assistance exercising your rights, please contact our data protection point of contact listed at the end of this page.
Information we collect
We collect information you provide directly and data gathered automatically. When you place an order or create an account we collect name, billing and delivery address, email, phone number and payment information used by our payment processors. When you contact support we retain the correspondence to help with enquiries. We also collect technical data such as IP address, browser type and device information to help operate the site and prevent fraud. If you sign up for marketing, we store your consent and email address. We keep product preferences and order history to personalise service and speed up future purchases. We only collect the minimum necessary to deliver our services and to comply with legal obligations, for example for tax and returns processing.
How we use your information
We use personal data to fulfil orders, manage payments, arrange deliveries and handle returns. Personal details allow us to confirm orders, contact you about delivery or resolve order issues. Where you have given consent we may send marketing emails about new collections or promotions and you can unsubscribe at any time. We use aggregated analytics to understand site performance and improve the user experience. We may use data to detect and prevent fraud and to meet legal obligations, such as maintaining records for tax. Processing is based on contract performance, legitimate interests such as fraud prevention and service improvement, and consent for direct marketing. We do not sell personal data to third parties. Where we share information with service providers, we require appropriate contractual safeguards and limit their use to the services they provide for us.
Cookies, tracking and third parties
We use cookies and similar technologies to run the website and provide a better shopping experience. Essential cookies enable checkout and account access. Optional analytics and advertising cookies help us understand site usage and, where you consent, to show relevant promotions. You can accept or reject non-essential cookies via the cookie control on the site. We use trusted third parties for payments and fulfilment. Payment processing is handled by external providers such as Stripe and PayPal. These providers have their own privacy policies and are independent controllers for payment data processed by them. We use analytics providers to measure site performance. Where third parties process data on our behalf we limit their access and require security safeguards. Full details about cookies used on this site are available in the cookie settings panel and can be changed at any time in your browser and via the cookie consent controls on our site.
Data retention and security
We retain personal data only as long as necessary to provide services, comply with legal obligations and resolve disputes. Order information is typically retained for accounting and tax purposes in line with UK requirements. When data is no longer needed we securely delete or anonymise it. We use technical and organisational measures to protect data, including encryption for payment processing and access controls for staff systems. Access to customer data is limited to staff and service providers that need it to perform their responsibilities. We review and maintain security safeguards and require third-party providers to meet industry standard security controls. Despite these measures no online transmission is completely secure, so if you have concerns please contact our data protection contact and we will help to address them promptly.
Your rights
Under UK data protection law you have rights including access to your personal information, correction of inaccuracies, erasure in certain circumstances, restriction of processing, objection to processing based on legitimate interests, and data portability where applicable. You can withdraw consent for marketing at any time without affecting other processing that is lawful. To exercise these rights contact us using the details below. We will verify identity to protect privacy and will respond within statutory timeframes. If you are not satisfied with our response you have the right to lodge a complaint with the Information Commissioner's Office in the United Kingdom. We will cooperate with supervisory authorities and provide information as required by law.
Contact and data controller
Staple & Thread Ltd is the data controller for personal data processed in connection with this website. Registered address: 12 Boundary Street, London E2 7DD, United Kingdom. Phone: +44 20 7946 0958. Email: [email protected]. For privacy enquiries and to exercise your rights contact our privacy team at the email above and include sufficient details to identify your request. We may ask for additional information to help verify your identity. For questions about payment data, the payment provider named at checkout is the controller of payment card information and has its own privacy practices documented at the time of payment.