Cookie Policy
Last Updated: June 2026
Fabspot UK Limited ("Fabspot", "we", "our" or "us") is committed to protecting the privacy, security and integrity of personal information. We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, the Privacy and Electronic Communications Regulations (PECR) and other applicable data protection legislation.
This policy outlines how we collect, process, store, protect and manage personal information.
Fabspot is committed to ensuring that all personal information is:
• Processed lawfully, fairly and transparently
• Collected for specified and legitimate purposes
• Adequate, relevant and limited to what is necessary
• Accurate and kept up to date
• Stored securely
• Retained only for as long as necessary
• Protected against unauthorised access, loss or misuse
Depending on your interaction with Fabspot, we may collect:
• Name
• Email address
• Telephone number
• Business information
• Device information
• Browser information
• IP address
• Location information
• Wallet card activity
• Marketing preferences
• Website usage data
• Customer support communications
• Transaction information
We do not knowingly collect special category personal data unless required by law and with an appropriate lawful basis.
Fabspot only processes personal data where a lawful basis exists, including:
• Consent
• Performance of a contract
• Compliance with legal obligations
• Legitimate business interests
• Protection of vital interests
Where consent is relied upon, individuals may withdraw consent at any time.
Where consent has been provided, Fabspot may send:
• Email communications
• Promotional offers
• Wallet notifications
• Push notifications
• Platform updates
• Business promotions
Individuals may opt out of marketing communications at any time.
Unsubscribing from marketing communications will not affect essential service communications where required.
Fabspot takes appropriate technical and organisational measures to safeguard personal information, including:
• SSL encryption
• Secure hosting environments
• Password protected systems
• Restricted staff access
• Access control procedures
• Data minimisation practices
• Secure third-party service providers
• Routine security monitoring
While we take all reasonable precautions, no online system can guarantee complete security.
Fabspot does not store or process full payment card details.
All payment transactions are securely processed through Stripe and other authorised payment providers operating in compliance with PCI DSS security standards.
Payment information is subject to the policies and security measures of the relevant provider.
Fabspot does not sell personal information.
Personal information may only be shared where necessary with trusted third-party providers, including:
• Payment processors
• Hosting providers
• Email service providers
• Analytics providers
• Notification providers
• Professional advisers
• Regulatory authorities where legally required
All service providers are expected to maintain appropriate security and confidentiality standards.
Where personal data is transferred outside the United Kingdom, Fabspot will ensure that appropriate safeguards are implemented, including:
• Adequacy decisions
• Standard Contractual Clauses
• Equivalent legal protections
Personal information is retained only for as long as necessary to:
• Deliver services
• Meet contractual obligations
• Comply with legal requirements
• Resolve disputes
• Protect business interests
When no longer required, information will be securely deleted, anonymised or destroyed.
Under UK GDPR, individuals may have the right to:
• Access their personal information
• Correct inaccurate information
• Request deletion of information
• Restrict processing
• Object to processing
• Withdraw consent
• Request data portability
• Lodge a complaint with the Information Commissioner's Office (ICO)
Requests will be handled in accordance with applicable legal requirements.
Individuals may request a copy of the personal information held about them.
Fabspot will respond to valid requests within the timeframes required by law.
Requests should be submitted to:
Fabspot maintains procedures for identifying, investigating and responding to data security incidents.
Where a personal data breach presents a risk to individuals' rights and freedoms, Fabspot will:
• Investigate the incident
• Take appropriate remedial action
• Notify the ICO where required
• Notify affected individuals where legally required
Fabspot services are not intended for individuals under the age of 18.
We do not knowingly collect personal information from children.
Any such information identified will be deleted as soon as reasonably practicable.
Fabspot does not carry out automated decision-making that produces legal or similarly significant effects on individuals without appropriate safeguards.
Fabspot is committed to maintaining records and procedures demonstrating compliance with UK GDPR and applicable data protection legislation.
We regularly review our practices to ensure personal information remains protected and processed responsibly.
For privacy, data protection or GDPR-related enquiries, please contact:
Fabspot UK Limited
Email: hi@fabspot.co.uk
Website: www.fabspot.co.uk
If you are dissatisfied with how your personal information has been handled, you have the right to lodge a complaint with:
Information Commissioner's Office (ICO)
Website: https://ico.org.uk
Telephone: 0303 123 1113
Fabspot UK Limited is committed to maintaining the highest standards of privacy, transparency and data protection and to complying fully with the requirements of UK GDPR and all applicable data protection legislation.