GDPR Privacy Requests

Journey Maker — Legal

Your
privacy
matters.

We've kept this policy as simple and straightforward as possible. We only collect what we genuinely need and we never sell your data.

Last updated 11th May 2026
Governed by UK GDPR & Data Protection Act 2018
Contact privacy@journeymaker.com

Contents

Who we are What we collect How we use it Legal basis Who we share with Cookies How long we keep it Your rights Data security Changes to this policy

01

Who we are

Journeymaker is a UK-based travel goods brand and the data controller for the personal information described in this policy. We are subject to the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Our registered address is: 3 Watkins House, Apo Kew Bridge, 705, TW8 0SJ, Brentford, England, United Kingdom.

Questions about this policy? Email us at privacy@journeymaker.com.

02

What information we collect

We only collect information that is genuinely needed to operate our business and serve you well.

  • When you place an order: your name, email address, delivery address, phone number, and payment details (processed securely — we do not store card information ourselves).
  • When you browse our website: basic technical data such as your IP address, browser type, and pages visited, collected via cookies and similar technologies.
  • When you contact us: your name, email address, and the content of your message.
  • When you sign up to our newsletter: your email address and, if you provide it, your name.

03

How we use your information

We use your information only for the following purposes:

  • To process and fulfil your order, including sending you order confirmations and delivery updates.
  • To respond to your enquiries and provide customer support.
  • To send you marketing emails, but only if you have opted in. You can unsubscribe at any time.
  • To improve our website and understand how visitors use it, using anonymised analytics data.
  • To comply with legal obligations, such as tax and accounting requirements.

05

Who we share your data with

We do not sell your personal data. We share it only where necessary with trusted service providers who help us run our business:

  • Payment processors (e.g. Stripe, PayPal) to handle transactions securely.
  • Delivery and fulfilment partners to ship your order.
  • Our website platform and hosting provider (Shopify).
  • Email marketing tools, if you have subscribed to our newsletter.
  • Google LLC, via Google Analytics, to help us analyse website traffic. Data is anonymised before transmission and your full IP address is never stored.
  • Consentmo, our compliance provider, who helps us manage cookie consent and process data rights requests.

All third parties are required to handle your data securely and in accordance with UK data protection law.

06

Cookies

We use cookies to make our website work properly and to understand how it is used. These include essential cookies (required for the site to function) and, with your consent, analytics cookies.

We use Google Analytics, a service provided by Google LLC, to help us understand how visitors use our site. Google Analytics uses cookies to collect anonymised data including pages visited, time on site, and approximate location. We have enabled IP anonymisation so your full IP address is never stored. You can opt out at any time by declining analytics cookies through our cookie consent banner, or by installing the Google Analytics opt-out browser add-on at tools.google.com/dlpage/gaoptout.

You can manage your cookie preferences at any time using the cookie settings on our website, or by adjusting your browser settings.

07

How long we keep your data

  • Order information — kept for 7 years to meet legal accounting obligations.
  • Marketing preferences — until you unsubscribe or ask us to delete your data.
  • Customer enquiries — up to 2 years after the matter is resolved.

08

Your rights

Under UK GDPR, you have the following rights. To exercise any of them, email us at privacy@journeymaker.com — we will respond within 30 days.

Access your data

Request a copy of the personal data we hold about you, including in a portable format (CSV or PDF).

Correct your data

Ask us to correct inaccurate or incomplete personal data, such as a wrong address or misspelled name.

Delete your data

Request deletion of your personal data (the "right to be forgotten"), subject to legal retention requirements.

Restrict or object

Object to or restrict certain processing activities, such as direct marketing or processing based on legitimate interests.

Withdraw consent

Withdraw your consent for marketing or tracking technologies at any time, with immediate effect for future use.

Lodge a complaint

If you're not satisfied, complain to the UK Information Commissioner's Office (ICO) at ico.org.uk.

09

Data security

We take reasonable technical and organisational measures to protect your personal data from unauthorised access, loss, or misuse. Payment transactions are encrypted and handled by our payment processors — we do not store card details ourselves.

10

Changes to this policy

We may update this policy from time to time. When we do, we will update the date at the top of this page. We encourage you to review it periodically.

Continued use of our website after any changes constitutes your acceptance of the updated policy.

Questions about your privacy? Email us at privacy@journeymaker.com and we'll get back to you within 30 days. For data rights requests, you can also use the options managed by our compliance provider on this page.