Privacy Policy

Last Updated: January 2026

1. Introduction

SlopyMints ("we", "us", or "our") respects your privacy and is committed to protecting your personal data. This privacy policy will inform you as to how we look after your personal data when you visit our website (regardless of where you visit it from) and tell you about your privacy rights and how the law protects you.

This policy complies with the General Data Protection Regulation (GDPR) and other applicable privacy laws.

2. Controller

SlopyMints is the controller and responsible for your personal data.

If you have any questions about this privacy policy, please contact us at: support@slopymints.com.

3. The Data We Collect

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together follows:

  • Identity Data: first name, last name, username or similar identifier.
  • Contact Data: billing address, delivery address, email address and telephone number.
  • Financial Data: payment card details (processed securely by our payment providers, we do not store full card details).
  • Transaction Data: details about payments to and from you and other details of products you have purchased from us.
  • Technical Data: internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
  • Profile Data: your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses.
  • Usage Data: information about how you use our website, products and services.
  • Marketing and Communications Data: your preferences in receiving marketing from us and our third parties and your communication preferences.

4. How We Use Your Personal Data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Performance of Contract: To process and deliver your order including: (a) Manage payments, fees and charges; (b) Collect and recover money owed to us.
  • Legitimate Interest: To manage our relationship with you which will include: (a) Notifying you about changes to our terms or privacy policy; (b) Asking you to leave a review or take a survey. To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data).
  • Consent: Generally we do not rely on consent as a legal basis for processing your personal data other than in relation to sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us.

5. Disclosures of Your Personal Data

We may have to share your personal data with the parties set out below for the purposes set out in paragraph 4 above.

  • Service providers acting as processors who provide IT and system administration services (e.g., Supabase, Vercel).
  • Professional advisers acting as processors or joint controllers including lawyers, bankers, auditors and insurers.
  • Revenue & Customs, regulators and other authorities acting as processors or joint controllers who require reporting of processing activities in certain circumstances.
  • Payment processors (e.g., Stripe) to facilitate payments.
  • Delivery services to fulfill your orders.

6. International Transfers

Some of our external third parties are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA. Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
  • Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.

7. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know.

8. Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. For tax purposes, the law requires us to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers.

9. Your Legal Rights

Under certain circumstances, you have rights under data protection laws in relation to your personal data, including the right to:

  • Request access to your personal data.
  • Request correction of your personal data.
  • Request erasure of your personal data.
  • Object to processing of your personal data.
  • Request restriction of processing your personal data.
  • Request transfer of your personal data.
  • Right to withdraw consent.

If you wish to exercise any of the rights set out above, please contact us.