Privacy Policy
Privacy Policy (EU / GDPR)
This Privacy Policy describes how The Fresh Step (“we”, “us”, “our”) collects, uses, and shares your personal information when you visit or make a purchase from (the “Site”).
Who we are (Data Controller)
For the purposes of EU data protection law, The Fresh Step is the data controller of your personal information.
Personal Information We Collect
Device Information
When you visit the Site, we automatically collect certain information about your device, including your web browser, IP address, time zone, and some cookies installed on your device. We also collect information about the pages/products you view, referral sources (websites or search terms), and how you interact with the Site.
We collect Device Information using technologies such as:
- Cookies (you can learn more at http://www.allaboutcookies.org)
- Log files
- Pixels / tags / web beacons
Order Information
When you make (or attempt to make) a purchase, we collect information such as: name, billing/shipping address, payment information, email address, and phone number.
Customer Support Information
If you contact us, we collect information you provide (e.g., messages, order number, photos you send for support).
“Personal Information” in this policy includes Device Information, Order Information, and Customer Support Information.
Legal Bases (GDPR) — Why we process your data
We process personal information under these legal bases:
- Contract performance (Art. 6(1)(b)) — to process orders, payments, shipping, returns, and customer service.
- Legal obligation (Art. 6(1)(c)) — for accounting/tax records and compliance.
- Legitimate interests (Art. 6(1)(f)) — to prevent fraud, secure the Site, improve performance, and understand how customers use our store (where these interests don’t override your rights).
- Consent (Art. 6(1)(a)) — for non-essential cookies, certain analytics/advertising, and marketing communications where required. You can withdraw consent at any time.
How We Use Your Personal Information
We use Order Information to:
- Fulfill orders (payments, shipping, confirmations, invoices);
- Provide customer support, returns and exchanges;
- Screen orders for fraud/risk;
- Send order-related messages (transactional emails/SMS).
We use Device Information to:
- Operate and secure the Site;
- Understand usage and improve the Site;
- Measure marketing performance (where applicable, and subject to consent settings for cookies/trackers).
Cookies & Similar Technologies (EU)
We use cookies and similar technologies. Where consent is required, non-essential cookies (e.g., some analytics/advertising) are used only after you give it via our cookie banner. You can change your preferences at any time via [Cookie Settings link if you have one] or your browser settings.
Sharing Your Personal Information
We share personal information with service providers who help us run the store, for example:
- Shopify (e-commerce platform): https://www.shopify.com/legal/privacy
- Payment providers (to process payments)
- Shipping and logistics providers (to deliver orders)
- Analytics providers such as Google Analytics (if enabled): https://www.google.com/intl/en/policies/privacy/
  Opt out: https://tools.google.com/dlpage/gaoptout
We may also share information to comply with law or protect our rights.
International Data Transfers
Some of our service providers may process data outside the EEA/UK (for example in the United States). Where this occurs, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) and/or other lawful transfer mechanisms recognized under GDPR.
Your Rights (EU/EEA/UK)
If you are in the EU/EEA/UK, you have the right to:
- Access your personal data
- Correct inaccurate data
- Delete your data (in certain cases)
- Restrict processing (in certain cases)
- Object to processing based on legitimate interests (including profiling)
- Data portability (receive your data in a usable format)
- Withdraw consent at any time (where processing is based on consent)
- Lodge a complaint with your local data protection authority
Data Retention
We keep Order Information for as long as needed to provide our services and comply with legal obligations (e.g., tax/accounting). We may keep limited data longer for fraud prevention and security. You can request deletion where applicable.
Marketing Preferences
If you opt in to marketing, you can unsubscribe at any time via the link in our emails (or contact us). Transactional emails about your order will still be sent when necessary.
Changes
We may update this policy to reflect operational, legal, or regulatory changes. We will post updates on this page.