Privacy policy

Privacy Policy

Last updated: 29 June 2025

Privacy at a glance

This is a short summary of how NectarMap uses your information. For full details, read the full Privacy Policy further down this page.

Who we are

NectarMap is operated by Cai Niclas Wyn, trading as NectarMap, based in Bangor, Gwynedd, UK.
You can contact us at hello@nectarmap.com or via https://nectarmap.com/contact.

What information we collect

We collect:

  • Details you give us, such as your name, email, address, phone number and login details
  • Order and delivery information when you buy or sell through NectarMap
  • Vendor payout details so we can pay beekeepers and other sellers
  • Basic technical data like IP address, device type and pages you visit, using cookies and similar technologies

How we use your information

We use your information to:

  • Run your account and process orders
  • Take payments from buyers and pay vendors using Stripe, on a regular payout schedule after delivery is confirmed
  • Provide support and communicate about orders and the Service
  • Improve how the website works and protect it from fraud and abuse
  • Send you marketing emails if you’ve agreed to them (you can unsubscribe at any time)

Our main legal reasons for using your data are:

  • To perform a contract with you (for example, when you place an order)
  • Our legitimate interests in running and improving NectarMap
  • Your consent for things like optional marketing and non-essential cookies

Who we share it with

We share information only when needed, for example with:

  • Sellers on NectarMap so they can fulfil your order
  • Stripe for secure payments and vendor payouts
  • Delivery and IT service providers who help us run the site
  • Regulators or law enforcement if we’re legally required

We don’t sell your personal data.

Cookies

We use cookies to:

  • Keep you logged in
  • Remember what’s in your basket
  • Help keep the site secure
  • Understand how the site is used and improve it

Some cookies are essential, others are optional. Where required, we’ll ask for your consent for non-essential cookies and you can change your choices at any time.

How long we keep your information

We keep:

  • Order, payout and accounting records for at least 6 years to meet UK tax and legal requirements
  • Account information while your account is active, and for a period afterwards if needed for questions or disputes
  • Support messages for up to 3 years after they’re resolved
  • Technical logs for up to 24 months

After that, we delete or anonymise your data.

Your rights

You have rights over your personal data, including the right to:

  • Access it
  • Correct it
  • Ask us to delete it in some cases
  • Restrict or object to how we use it
  • Ask for a copy in a portable format
  • Withdraw consent where we rely on consent

To use these rights, email hello@nectarmap.com.

You can also complain to the UK Information Commissioner’s Office (ICO) if you’re unhappy with how we use your information: https://ico.org.uk.

Full Privacy Policy

This Privacy Policy explains how we collect, use and share your personal information when you use NectarMap, and explains your rights under UK data protection law.

By using the Service you agree to the collection and use of information in accordance with this Privacy Policy.

1. Who we are

NectarMap is operated by:
Business / Data Controller
Cai Niclas Wyn, trading as NectarMap
16 Lon Pobty
Bangor
Gwynedd
LL57 1HR
United Kingdom

In this Privacy Policy we call ourselves “NectarMap”, “we”, “us” or “our”.

We operate the website https://nectarmap.com and any related sites or services that link to this Privacy Policy (together the Service).

2. How to contact us

If you have any questions about this Privacy Policy or about how we use your personal data, you can contact us:

You also have the right to complain to the UK data protection regulator, the Information Commissioner’s Office (ICO):

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Website: https://ico.org.uk

3. What this policy covers

This Privacy Policy applies to:

  • Visitors to our website
  • People who create an account as buyers or sellers
  • People who place orders or list products
  • People who contact us, for example by email or through forms on the website

It explains what personal data we collect, how and why we use it, who we share it with, how long we keep it, and the rights you have.

4. Personal data we collect

We collect information in three main ways.

4.1 Information you give us

When you use the Service you may provide:

  • Contact details such as name, email address and phone number
  • Account details such as username and password
  • Postal address and, where relevant, business address
  • Information needed to fulfil an order, for example delivery address and any delivery notes
  • For vendors, business name, registration details, contact person and payout details
  • Communications such as messages sent through the platform, emails or survey responses
  • Marketing preferences, for example whether you wish to receive newsletters

We do not store your full payment card details on our own servers. Card payments are processed securely by our payment provider. We may receive limited information from them, such as the last four digits of your card and the status of a payment.

4.2 Information we collect automatically

When you visit or use the Service we may automatically collect:

  • IP address
  • Device and browser type
  • Operating system
  • Pages visited and links clicked
  • Time and date of visits
  • Referring site or campaign information
  • Approximate location based on IP address

This information is collected using cookies and similar technologies, explained in section 7.

4.3 Information from third parties

We may receive information about you from:

  • Payment providers, for example confirmation that a payment has been made or failed
  • Delivery and courier services, for example confirmation of delivery
  • Analytics and marketing partners, to help us understand how people use the Service
  • Social login providers, if we offer “Sign in with” options, in which case we may receive basic profile information such as your name and email address

5. How and why we use your personal data

UK data protection law requires us to have a lawful basis for each use of personal data. This section explains our main purposes and the bases we rely on.

5.1 To provide and run the Service

We use your information to:

  • Create and manage your account
  • Allow you to browse products, place orders and manage purchases
  • Allow vendors to create listings, manage stock and fulfil orders

Legal basis: performance of a contract and steps taken at your request before entering into a contract.

5.2 Payments and payouts

We use Stripe to process card payments securely on our behalf. When you pay for an order, your payment details are sent directly to Stripe and are not stored in full on our servers. Stripe uses your information to process the payment, help prevent fraud and meet its own legal obligations.

For marketplace payouts, NectarMap receives the buyer’s payment, deducts our fees, and then pays the relevant vendor, for example the beekeeper, once the order is confirmed as delivered. Payouts are made to vendors on a regular schedule using Stripe, which is currently weekly after delivery is confirmed. We may change the payout schedule in future, for example to fortnightly, and will update our seller information if we do so.

Depending on the activity, Stripe may process your personal data as our data processor and/or as its own data controller. You can read more in Stripe’s privacy policy, which applies in addition to this Privacy Policy: https://stripe.com/gb/privacy.

Legal basis: performance of our contract with you, to take payment, fulfil orders and pay vendors, and our legitimate interests in running a secure marketplace and preventing fraud.

5.3 To communicate with you

We use your contact details to:

  • Send order confirmations, delivery updates and other important service messages
  • Respond to your questions, support requests and complaints

These are service messages that you cannot opt out of, as they are necessary for the operation of your account or an order.

Legal basis: performance of a contract and our legitimate interests in providing good customer service.

5.4 Marketing communications

With your consent, we may send you newsletters or information about products, offers or updates we think you may like.

You can unsubscribe at any time by using the link in our emails or by contacting us.

Legal basis: your consent, or in some cases our legitimate interests in promoting NectarMap, where this is permitted and you have not opted out.

5.5 To personalise and improve the Service

We analyse how people use the Service in order to:

  • Fix problems and keep the Service secure and reliable
  • Understand which features are used most
  • Improve the design, usability and performance of the website
  • Develop new features and services

Where possible we use aggregated or anonymised information that does not identify you.

Legal basis: our legitimate interests in running, improving and developing the Service.

5.6 To keep the Service safe and prevent abuse

We may use personal data to:

  • Detect and prevent fraud or other illegal activity
  • Protect our rights, property and safety, and that of our users
  • Enforce our Terms of Service

Legal basis: our legitimate interests in protecting the Service and complying with legal obligations.

5.7 To comply with the law

We may process and retain some information to:

  • Meet our tax, accounting and record keeping obligations
  • Respond to lawful requests from regulators, law enforcement or courts

Legal basis: compliance with legal obligations.

6. Marketplace relationships and vendor responsibilities

NectarMap is a marketplace that connects buyers with independent sellers.

When you place an order, we share the information that the seller needs to fulfil it, for example:

  • Your name
  • Delivery address
  • Contact email and phone number
  • Order contents and any delivery notes

Vendors use that information as independent data controllers for their own purposes, such as fulfilling your order and keeping their own records. They are responsible for complying with data protection law in their use of that data and may have their own privacy policies.

If you have a question about how a particular vendor handles your data, you should contact them directly as well as contacting us.

7. Cookies and similar technologies

We use cookies and similar technologies on the Service. Cookies are small text files stored on your device.

Some cookies are essential for the website to work, for example to keep you logged in, remember what is in your basket and maintain security as you move between pages. Because we use CS-Cart software, the site uses first party cookies for sessions, basket contents, login and preferences, as well as any additional cookies set by services we choose to enable, for example analytics or embedded maps.

We group cookies into the following types:

  • Strictly necessary cookies
    These are needed for the website to function, for example to log you in, process your basket and maintain security. You cannot switch these off through our cookie tools, although you can block them in your browser settings.
  • Analytics and performance cookies
    These help us understand how the site is used, for example which pages are visited and how people move through the site. We use this information to improve the Service.
  • Functionality cookies
    These remember choices you make, for example language or site preferences.
  • Advertising and social media cookies
    If used, these help us or our partners show you more relevant adverts or measure marketing performance.

Where the law requires it, we ask for your consent before placing non-essential cookies on your device. You will see a cookie banner when you first visit the site. You can change your cookie preferences at any time using the cookie settings on the site or your browser settings.

A more detailed description of the cookies we use may be provided in a separate Cookie Policy.

8. Who we share your personal data with

We share personal data only when necessary for the purposes set out in this Privacy Policy. This may include sharing with:

  • Vendors on NectarMap, to enable them to fulfil your orders and manage disputes
  • Payment service providers such as Stripe, to process payments and prevent fraud
  • Delivery and logistics providers, to deliver orders
  • IT and hosting providers, who help us operate the website and store data
  • Analytics and marketing providers, who help us understand usage and run campaigns
  • Professional advisers, such as accountants or lawyers, where necessary
  • Authorities or law enforcement, where we are required to do so by law or where this is necessary to protect our rights or the rights and safety of others

Where we use external service providers, we only share the information they need to perform their services, and we require them to keep your information secure and to use it only as instructed.

We do not sell your personal data.

9. International transfers

Our own servers are located in the United Kingdom or in other locations in the European Economic Area where possible. Some of our service providers may process data in countries outside the UK and the EEA.

Where we transfer personal data outside the UK or EEA, we take steps to ensure a similar level of protection, for example by:

  • Using countries that the UK government has decided provide an adequate level of protection, or
  • Putting in place standard contractual clauses approved for use in the UK, together with any additional safeguards that are required.

You can contact us for more information about international transfers.

10. How long we keep your personal data

We keep personal data only for as long as we need it for the purposes described in this Privacy Policy, or for as long as we are required to keep it by law.

In practice this means:

  • Orders, payouts and accounting records
    Kept for at least six years from the end of the financial year they relate to, in line with UK tax and accounting rules.
  • Account information
    Kept while your account is active, and for up to six years after your last order where needed to deal with queries, disputes or legal requirements.
  • Support communications
    For example emails and contact form messages, normally kept for up to three years after we resolve your query, unless they need to be kept with order records as above.
  • Marketing information
    For example your newsletter subscription, kept until you unsubscribe, or until we remove you from our list due to long term inactivity.
  • Technical logs and security logs
    Normally kept for up to twenty four months, unless we need to keep them longer to investigate or resolve security issues.

When we no longer need personal data, we will delete it or anonymise it so that it can no longer be linked to you.

11. Your rights

Under UK data protection law you have a number of rights over your personal data. These include the right to:

  • Access the personal data we hold about you
  • Correct inaccurate or incomplete data
  • Request deletion of your data in certain circumstances
  • Restrict our use of your data in certain circumstances
  • Object to our processing of your data, particularly where we rely on legitimate interests or use your data for direct marketing
  • Request data portability in some cases, to receive your data in a structured, commonly used and machine readable format
  • Withdraw consent where we rely on consent for processing

To exercise any of these rights, please contact us at hello@nectarmap.com.

We may need to verify your identity before we act on your request. Some rights may not apply in all situations, for example where we must keep data for legal reasons. If that is the case, we will explain why.

You also have the right to lodge a complaint with the ICO using the contact details given in section 2.

12. Security

We take reasonable technical and organisational measures to protect your personal data from loss, misuse, unauthorised access, alteration or destruction. This includes:

  • Using secure servers and encryption where appropriate
  • Limiting access to personal data to staff and service providers who need it
  • Requiring our service providers to protect your information

However, no internet transmission or storage system can be guaranteed to be completely secure.

13. Children’s privacy

Our Service is not aimed at children under 13 and we do not knowingly collect personal data from children under 13. If you believe a child has provided us with personal data, please contact us and we will delete it.

Where we process data about children in connection with an order or legal requirement, we do so only where necessary and in accordance with applicable law.

14. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. If we make significant changes, we will take reasonable steps to let you know, for example by email or by a notice on the website.

You can always see the latest version at: https://nectarmap.com/privacy-policy.

The “Last updated” date at the top shows when it was last changed.