Privacy Policy

1. Introduction

1.1. This Privacy Policy explains how White Cross Limited, trading as Preorda (“we”, “us”, “our”), collects, uses, stores, and shares your personal data when you use the Preorda platform (“Platform”).

1.2. We are the data controller for the personal data we process through the Platform. Our contact details for data protection matters are: privacy@preorda.com.

1.3. We are committed to protecting your privacy and processing your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Data We Collect

2.1. Buyer Account Data

When you create an account or place an order, we collect:

• Email address
• First name and last name
• Password (stored in hashed form; we cannot read your password)
• Google ID or Apple ID (if you sign in via social login)

2.2. Order Data

When you place an order, we collect:

• Delivery address (for physical products): country, address lines, city, postal code
• Phone number (optional, where provided)
• Order details: product, variant, quantity, price, currency
• Payment intent identifier (a reference linking your order to Stripe; we do not receive or store your card number, expiry date, or CVV)

2.3. Seller Data

When you register as a Seller, we additionally collect:

• Shop name, description, and branding (logo, banner)
• Contact email, website, social media links
• Shop country, city, and region
• Stripe Connect account identifier (linking to your Stripe Express account; bank account and identity verification data is provided directly to Stripe, not to us)

2.4. Promoter Data

When you participate in the Bounty programme, we additionally collect:

• Stripe Connect account identifier for payout purposes
• Referral activity data (clicks, attributions, commissions)

Referral attribution is handled server-side using referral identifiers passed in URLs. We do not use third-party advertising cookies, cross-site tracking, or behavioural profiling for referral attribution.

2.5. Guest Subscribers and Waitlist Signups

If you subscribe to a shop’s updates or join a waitlist without creating an account, we collect your email address only.

2.6. Automatically Collected Data

When you use the Platform, we may automatically collect:

• IP address (for rate limiting and abuse prevention)
• Browser type and version (via standard HTTP headers)
• Pages visited, referral sources, and actions taken on the Platform for operational analytics, fraud prevention, and service improvement purposes

We do not use third-party advertising networks or behavioural advertising technologies. Analytics and performance-monitoring technologies may be used as described in this policy and our Cookie Policy.

2.7. Reviews

If you submit a review, we collect the review text, rating, and your display name. Reviews are publicly visible and associated with the product and seller. By submitting a review, you grant us a non-exclusive, royalty-free, perpetual licence to display, reproduce, and use the review on the Platform and in marketing materials. Reviews may remain publicly visible after account deletion and may be used in promotional excerpts.

3. How We Use Your Data

We process your personal data for the following purposes and legal bases:

3.1. To Provide the Platform (Contract Performance)

• Creating and managing your account
• Processing orders and payments (via Stripe)
• Facilitating fulfilment (sharing delivery details with Sellers)
• Sending transactional emails (order confirmation, dispatch notification, digital access delivery, account activation)
• Providing order tracking via token-based tracking links (possession of a tracking link permits access to limited order-status information without authentication)
• Processing refunds and cancellations

3.2. To Operate the Bounty Programme (Contract Performance)

• Tracking referral attributions via server-side referral identifiers
• Calculating and paying commissions
• Resolving commission disputes

3.3. To Communicate With You (Legitimate Interest / Consent)

• Sending seller announcements to followers (you can unsubscribe at any time)
• Sending review request emails following completed orders
• Sending notification emails about campaign updates, status changes, and payout activity (configurable via notification preferences)

Email delivery depends on third-party providers and is not guaranteed. Spam filtering and inbox placement are outside our control. You are responsible for maintaining a valid and accessible email address on your account.

3.4. To Protect the Platform (Legitimate Interest)

• Rate limiting and abuse prevention
• Fraud detection and investigation using automated systems, risk scoring, behavioural analysis, and payment-risk signals
• Enforcing our Terms of Service and Acceptable Use Policy
• Responding to payment disputes and chargebacks (order records, fulfilment records, tracking data, and communication logs may be included in dispute evidence submissions to payment providers)
• Maintaining audit logs of administrative actions
• Cooperating with payment providers, law enforcement, and regulators where reasonably necessary

Automated systems assist with fraud detection and risk assessment. Significant enforcement actions (such as account suspension or termination) are subject to human review where reasonably practicable. You have the right to request human review of any automated decision that significantly affects you.

3.5. To Comply With Legal Obligations (Legal Obligation)

• Retaining transaction records for accounting and tax purposes
• Responding to lawful requests from authorities
• Maintaining records of disputes and chargebacks as required by payment regulations

4. Data Sharing

4.1. With Sellers

When you place an order, the Seller receives your name, email address, delivery address (for physical products), phone number (where provided), order details, and fulfilment status. The Seller is the merchant of record and processes this data as a separate, independent data controller. Once your data is shared with the Seller for fulfilment purposes, the Seller independently determines how that customer data is processed and is responsible for their own compliance with applicable data protection laws. Preorda is not responsible for the Seller’s independent handling of customer data once shared for fulfilment purposes.

4.2. With Payment Processors

We use Stripe to process payments. Your card details are transmitted directly from your device to Stripe and are never received by our servers. Stripe processes your payment data as an independent data controller under its own privacy policy. We share order amounts, currency, and our platform fee with Stripe to facilitate transactions.

For Sellers and Promoters, identity verification and bank account details are provided directly to Stripe during Connect onboarding. We store only the Stripe account identifier.

We may cooperate with Stripe in connection with fraud investigations, chargebacks, sanctions compliance, and abuse pattern detection.

4.3. With Email Service Providers

We use Postmark to send transactional emails. Postmark receives your email address and the content of emails sent to you. Postmark processes this data as a data processor on our behalf. Email content and metadata may be processed in the United States, safeguarded via Standard Contractual Clauses.

4.4. With Authentication Providers

If you sign in via Google or Apple, the authentication provider receives a sign-in request and returns your account identifier and email address. These providers may process data in the United States or other jurisdictions, subject to their own privacy policies and applicable transfer safeguards. We do not share additional data with these providers.

4.5. With Courier Services (Indirectly)

We do not share your data directly with couriers. Sellers independently arrange shipping and provide your delivery details to their chosen courier. When we generate tracking links for your convenience, only the tracking number appears in the URL — no personal data is transmitted to courier websites by us.

4.6. With AfterShip (When Active)

We may use AfterShip to register shipment tracking numbers for automated delivery status updates. When active, AfterShip receives only the courier name and tracking number — no buyer personal data.

4.7. With Analytics and Performance Providers

We may use Google Analytics and Vercel Analytics to understand Platform usage, measure traffic, diagnose performance issues, and improve the Platform. These providers may receive usage data, device and browser information, referral sources, approximate location, and interaction data. We do not use this data for behavioural advertising.

4.8. We Do Not Sell Your Data

We do not sell, rent, or trade your personal data to third parties for marketing or advertising purposes.

5. Data Retention

We retain personal data for as long as reasonably necessary to fulfil the purposes for which it was collected, comply with legal and accounting obligations, resolve disputes, prevent fraud, and enforce our agreements.

5.1. Account Data

Your account data is retained for as long as your account is active. If you delete your account, your account profile data (name, email, password, social login IDs) is anonymised. However, transactional and order records associated with your account are retained separately — this includes reservation-level data such as delivery addresses, order amounts, and fulfilment history, which may be retained for accounting, dispute resolution, fraud prevention, chargeback defence, and tax compliance purposes.

5.2. Order and Transaction Data

Order records, payment records, and fulfilment records are retained for as long as reasonably necessary to comply with legal, accounting, fraud prevention, dispute resolution, audit, and security obligations. This data is necessary for chargeback defence, promoter attribution integrity, tax compliance, and platform accountability.

5.3. Communication Records

Notification event records (recording which emails were sent, when, and to whom) are retained for operational, audit, fraud prevention, deliverability, and dispute-resolution purposes for as long as reasonably necessary.

5.4. Stripe Webhook Logs

Records of payment events received from Stripe are retained for dispute resolution, debugging, and security purposes for as long as reasonably necessary. These contain payment event data (amounts, statuses, identifiers) but not card details.

5.5. Admin Audit Logs

Records of administrative actions (account suspensions, campaign interventions, dispute resolutions) are retained for accountability, legal compliance, anti-fraud, and security investigation purposes for as long as reasonably necessary. These logs may be retained for extended periods given their role in platform integrity and regulatory accountability.

5.6. Reviews

Published reviews are retained for as long as the associated campaign or shop exists and may be retained thereafter for platform integrity purposes. If your account is deleted, your review remains publicly visible but is no longer linked to an identifiable account.

5.7. Inactive Accounts

We may periodically review inactive accounts. We reserve the right to anonymise or delete accounts that have been inactive for an extended period, after providing reasonable notice to the email address on file.

6. Your Rights

Under the UK GDPR, you have the following rights:

6.1. Right of Access

You may request a copy of the personal data we hold about you. Contact privacy@preorda.com.

6.2. Right to Rectification

You may update your account information at any time through your account settings. For corrections to order data, contact privacy@preorda.com.

6.3. Right to Erasure

You may request deletion of your personal data. You can delete your account through your account settings, which anonymises your account profile data. Please note that we may retain certain data where we have a legal obligation or legitimate interest, including reservation-level data (delivery addresses, order details, payment records) associated with completed transactions, which may be retained for accounting, tax compliance, dispute resolution, fraud prevention, and chargeback defence purposes.

6.4. Right to Restrict Processing

You may request that we restrict processing of your data in certain circumstances (for example, while we verify the accuracy of data you have challenged).

6.5. Right to Data Portability

You may request a machine-readable copy of the personal data you have provided to us. Contact privacy@preorda.com. Please note that data portability applies to data you provided directly; it does not extend to data held by third-party services (such as Stripe payment records, courier tracking data, or authentication provider data), which must be requested from those providers separately.

6.6. Right to Object

You may object to processing based on our legitimate interests. We will cease processing unless we can demonstrate compelling legitimate grounds. You may opt out of non-essential communications at any time through your notification preferences.

6.7. Right to Withdraw Consent

Where we process data based on your consent, you may withdraw consent at any time without affecting the lawfulness of prior processing.

6.8. Right Regarding Automated Decisions

Where we use automated systems for fraud detection or risk assessment, you have the right to request human review of any automated decision that significantly affects you. Contact privacy@preorda.com.

6.9. Right to Complain

You have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at ico.org.uk if you believe your data protection rights have been violated.

7. Security

7.1. We implement reasonable technical and organisational measures to protect your personal data, including encrypted connections (HTTPS), hashed passwords (bcrypt), rate limiting on sensitive endpoints, webhook signature verification, and access controls.

7.2. Payment card data is handled entirely by Stripe and never touches our servers. Stripe is PCI DSS Level 1 certified.

7.3. API authentication uses bearer tokens. These tokens do not auto-expire; you should log out of devices you no longer use and contact us if you believe a token has been compromised.

8. International Transfers

8.1. Our servers and primary data processing occur within infrastructure provided by our hosting providers, which may process data in the United Kingdom, European Economic Area, United States, or other jurisdictions depending on service configuration. The following third-party services may process data outside the United Kingdom:

• Stripe (payments, identity verification) — may process data in the United States and other jurisdictions
• Postmark (transactional email) — processes email content and metadata in the United States
• Google and Apple (authentication) — may process sign-in data in the United States and other jurisdictions

8.2. Where data is transferred outside the UK, we rely on appropriate safeguards such as Standard Contractual Clauses, adequacy decisions, or other mechanisms recognised by UK data protection law.

9. Cookies and Local Storage

9.1. For details of the cookies, local storage, and similar technologies used by the Platform, please see our separate Cookie Policy.

9.2. Our Cookie Policy explains the client-side storage mechanisms used by the Platform and will be updated as the Platform evolves.

10. Children

10.1. The Platform is not intended for use by anyone under 18 years of age. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will take steps to delete it.

11. Changes to This Policy

11.1. We may update this Privacy Policy from time to time. We will notify registered users of material changes via email. The latest version will always be available on the Platform.

12. Contact

For privacy and data protection requests: privacy@preorda.com

For general enquiries: support@preorda.com

White Cross Limited
[Registered Address]
Company Number: 01537610