Skip to main content

Privacy Policy

This Privacy Policy explains how Fat Fungi ("we", "us", "our") collects, uses, and protects your personal data when you visit fatfungi.com or purchase from us. We are committed to handling your information in accordance with UK GDPR and the Data Protection Act 2018.

1. Who we are

Fat Fungi

Unit 1B Bishopsgate Works, Rolfe St, Smethwick, Birmingham, B66 2AR, United Kingdom

We are the data controller for the personal information collected through this website.

2. What data we collect

We may collect the following personal data from you:

  • Name and billing/delivery address
  • Email address and telephone number
  • Payment information (processed securely via our payment provider — we do not store card details)
  • Order history and preferences
  • IP address and browser type (via cookies and analytics tools)
  • Any messages you send us through our contact form

3. How we use your data

We use your personal data to:

  • Process and fulfil your orders and send you order confirmations
  • Handle returns, refunds, and customer support queries
  • Send you marketing emails if you have opted in (you can unsubscribe at any time)
  • Improve our website and understand how customers use it
  • Comply with our legal obligations

Our legal basis for processing your data is: contract performance (to fulfil your order), legitimate interests (to improve our services), consent (for marketing emails), and legal obligation (for financial record keeping).

4. Sharing your data

We do not sell your personal data. We share it only with:

  • Delivery couriers (e.g. Royal Mail, Evri) to fulfil your order
  • Our payment processor, to handle transactions securely
  • BigCommerce, our e-commerce platform provider
  • HMRC or other authorities if required by law

All third-party providers are required to handle your data securely and only for the purposes we specify.

5. Cookies

Our website uses cookies to provide core functionality, remember your basket, and understand how visitors use the site. By continuing to use our site, you agree to our use of cookies. You can manage cookie preferences in your browser settings.

6. How long we keep your data

We retain order records for 7 years to comply with HMRC requirements. Marketing consent is retained until you withdraw it. If you create an account, your data is retained until you request deletion.

7. Your rights

Under UK GDPR, you have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Request deletion of your data ("right to be forgotten")
  • Object to or restrict our processing of your data
  • Withdraw consent for marketing at any time
  • Lodge a complaint with the ICO (ico.org.uk) if you believe we have mishandled your data

To exercise any of these rights, email us. We will respond within 30 days.

8. Data security

We use industry-standard security measures to protect your data, including SSL encryption on all pages. Our e-commerce platform (BigCommerce) is PCI-DSS compliant for payment handling.

9. Changes to this policy

We may update this Privacy Policy from time to time. The date at the top of this page will always reflect the latest version. We will notify you of significant changes by email where possible. This policy was last updated 16 March 2026.

!