Orbit Commerce

Privacy Policy

Last updated: 17 September 2025

1. Introduction

This Privacy Policy explains how Funky Monkey Limited ("we", "us", or "our") collects, uses, and protects your personal information when you use our Orbit Commerce platform and related services (the "Service").

We are committed to protecting your privacy and complying with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable data protection laws.

By using our Service, you agree to the collection and use of information in accordance with this Privacy Policy.

2. Data Controller

Funky Monkey Limited is the data controller for your personal information. Our contact details are:

Funky Monkey Limited

Email: hello@orbitcommerce.com

Address: 22 Epping Walk, Daventry, NN11 9RN

Company Registration Number: 07259336

3. Information We Collect

3.1 Information You Provide

We collect information you directly provide to us, including:

  • Account registration details (name, email address, password)
  • Business information (company name, address, VAT number)
  • Payment information (processed securely by third-party payment processors)
  • Profile information and preferences
  • Communications with our support team
  • Content you create or upload to your store

3.2 Information We Collect Automatically

When you use our Service, we automatically collect:

  • Usage data (pages visited, features used, time spent)
  • Device information (IP address, browser type, operating system)
  • Log data (access times, error logs, performance metrics)
  • Cookies and similar tracking technologies

3.3 Information from Third Parties

We may receive information from:

  • Payment processors and financial institutions
  • Third-party integrations you connect to your store
  • Analytics and marketing service providers
  • Social media platforms (if you choose to connect them)

4. How We Use Your Information

We use your personal information for the following purposes:

4.1 Service Provision

  • Providing and maintaining the Orbit Commerce platform
  • Processing transactions and managing your account
  • Enabling store functionality and e-commerce features
  • Providing customer support and technical assistance

4.2 Communication

  • Sending service-related notifications and updates
  • Responding to your inquiries and support requests
  • Sending marketing communications (with your consent)
  • Providing product updates and feature announcements

4.3 Improvement and Analytics

  • Analyzing usage patterns to improve our Service
  • Conducting research and development
  • Monitoring and analyzing trends and usage
  • Ensuring security and preventing fraud

4.4 Legal Compliance

  • Complying with legal obligations and regulations
  • Protecting our rights and interests
  • Investigating and preventing illegal activities
  • Responding to legal requests and court orders

5. Legal Basis for Processing

Under UK GDPR, we process your personal information based on:

  • Contract Performance: Processing necessary to provide our Service and fulfill our contractual obligations
  • Legitimate Interests: Processing for our legitimate business interests, such as improving our Service and ensuring security
  • Consent: Where you have given explicit consent for specific processing activities
  • Legal Obligation: Processing required to comply with legal requirements
  • Vital Interests: Processing necessary to protect someone's life or physical safety

6. Information Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

6.1 Service Providers

We share information with trusted third-party service providers who help us operate our Service, including hosting providers, payment processors, email services, and analytics providers.

6.2 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

6.3 Legal Requirements

We may disclose your information if required by law, regulation, legal process, or government request.

6.4 Protection of Rights

We may share information to protect our rights, property, or safety, or that of our users or others.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication mechanisms
  • Employee training on data protection practices
  • Incident response procedures

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

8. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Specific retention periods include:

  • Account information: Until account deletion plus 30 days
  • Transaction records: 7 years for tax and accounting purposes
  • Support communications: 3 years from last contact
  • Marketing data: Until consent is withdrawn
  • Log data: 12 months from creation

9. Your Rights Under UK GDPR

You have the following rights regarding your personal information:

9.1 Right of Access

Request copies of your personal information we hold.

9.2 Right to Rectification

Request correction of inaccurate or incomplete information.

9.3 Right to Erasure

Request deletion of your personal information in certain circumstances.

9.4 Right to Restrict Processing

Request limitation of how we process your information.

9.5 Right to Data Portability

Request transfer of your information to another service provider.

9.6 Right to Object

Object to processing based on legitimate interests or for marketing purposes.

9.7 Right to Withdraw Consent

Withdraw consent for processing activities that require your consent.

To exercise these rights, please contact us using the details provided in Section 2. We will respond to your request within one month, unless the request is complex, in which case we may extend this by two months.

10. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our Service. These technologies help us:

  • Remember your preferences and settings
  • Analyze how you use our Service
  • Provide personalized content and features
  • Measure the effectiveness of our marketing campaigns

Types of cookies we use:

  • Essential cookies: Necessary for the Service to function properly
  • Performance cookies: Help us understand how visitors interact with our Service
  • Functionality cookies: Remember your choices and preferences
  • Marketing cookies: Used to deliver relevant advertisements

You can control cookies through your browser settings. However, disabling certain cookies may affect the functionality of our Service.

11. International Data Transfers

Your personal information may be transferred to and processed in countries outside the UK. When we transfer your information internationally, we ensure appropriate safeguards are in place, including:

  • Adequacy decisions by the UK government
  • Standard contractual clauses approved by the UK authorities
  • Binding corporate rules
  • Certification schemes and codes of conduct

12. Children's Privacy

Our Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided us with personal information, please contact us immediately, and we will take steps to remove such information.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by:

  • Posting the updated policy on our website
  • Updating the "Last updated" date at the top of this policy
  • Sending you an email notification (for significant changes)
  • Displaying a prominent notice on our Service

Your continued use of our Service after any changes indicates your acceptance of the updated Privacy Policy.

14. Complaints and Supervisory Authority

If you have concerns about how we handle your personal information, please contact us first using the details in Section 2. We will investigate and respond to your complaint promptly.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's supervisory authority for data protection matters. You can contact the ICO at ico.org.uk or by calling their helpline at 0303 123 1113.

15. Contact Information

If you have any questions about this Privacy Policy or our data processing practices, please contact us:

Data Protection Officer

Funky Monkey Limited

Email: hello@orbitcommerce.com

Address: 22 Epping Walk, Daventry, NN11 9RN

Company Registration Number: 07259336

This Privacy Policy is effective as of the date last updated above and will remain in effect until modified in accordance with the terms described herein.