Free shipping on orders over £30
Privacy Policy
Welcome to TCG Tavern. We value your privacy and are committed to protecting your personal data. This privacy policy will inform you as to how we look after your personal data when you visit our website and tell you about your privacy rights and how the law protects you.
1. Data Collection
2. How We Use Your Data
We only collect information that is necessary to process your order and communicate with you. This includes:
Name, email address, and delivery address (for order fulfilment)
Payment information (processed securely by Wix Payments or PayPal — we never see or store your full card details)
Order history and any messages you send us
IP address and basic device information collected via our analytics service (see Section 5)
We use your personal information to:
Process and fulfil your orders, including shipping and returns
Send you order confirmations and updates
Respond to your enquiries and provide customer support
Improve our website and understand how visitors use it
Comply with our legal obligations under UK law
We do not collect sensitive personal data such as financial account numbers, government IDs, or health information.
We will only contact you for marketing purposes if you have given us your consent to do so. You can opt out at any time.
3. Legal basis for processing (UK GDPR)
4. Sharing your data
We do not sell your personal data. We may share it with trusted third parties only where necessary:
We process your personal data under the following lawful bases:
Contract performance — processing your order and delivering your items
Legitimate interests — understanding website traffic and improving our service
Legal obligation — retaining transaction records as required by HMRC and UK law
Consent — sending marketing emails where you have opted in
Wix — our website and e-commerce platform (wix.com)
Payment processors — Wix Payments, PayPal, or Stripe for secure transaction handling
Shipping carriers — Royal Mail, Evri, or similar, for delivering your order
eBay — if you purchase through our eBay store, eBay's own privacy policy applies
All third-party providers are required to handle your data in accordance with applicable data protection law.
5. Analytics — TWIPLA
6. How long we keep your data
TWIPLA is a website analytics service that measures traffic on our website and collects general information from our website visitors. We create statistics to improve the experience of our website visitors. We never use cookies for this purpose. As a website operator using TWIPLA to conduct reach measurement, depending on the level of data protection we have activated, we may process information about the device you are using and its characteristics, information about technical characteristics of the website visit, the number of page visits and statistically relevant behavior of our website visitors. The technology does not use the collected data to identify individual visitors or to match the data with additional information about an individual user. Depending on the location from which you access our website, TWIPLA may not collect any information about the device you are using due to our technical settings.
We retain your order and account data for up to 6 years in line with HMRC requirements for financial records. If you ask us to delete your account, we will remove your personal data except where we are legally required to keep it.
Analytics data collected by TWIPLA is aggregated and anonymised, and is not linked to identifiable individuals.
7. Your rights
8. Data security
Under the UK GDPR, you have the right to:
We take reasonable steps to protect your personal data from unauthorised access, loss, or disclosure. Our website is hosted on Wix, which maintains industry-standard security measures including SSL encryption.
Access the personal data we hold about you
Request correction of inaccurate data
Request deletion of your data (the "right to be forgotten")
Object to or restrict how we process your data
Data portability — receive your data in a structured, machine-readable format
Withdraw consent at any time, where processing is based on consent
No method of transmission over the internet is 100% secure. If you have concerns about the security of your data, please contact us.
To exercise any of these rights, please contact us at support@tcgtavern.shop. We will respond within 30 days.
If you are unhappy with how we have handled your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.
9. Changes to this policy
We may update this privacy policy from time to time. When we do, we will update the date at the top of this page. We encourage you to check back periodically if you want to stay informed about how we handle your data.