Who we are
Mighties is a trading name of Horner Tech Ltd, a company registered in England and Wales (Company No. 13876374). We operate the store at mighties.co.uk ("the Store"). When we say "we", "us" or "our", we mean Horner Tech Ltd.
For UK GDPR purposes, we are the data controller of the personal data described in this policy.
You can reach us at any time at support@mighties.co.uk.
What data we collect
We only collect what we need to run the store. Specifically:
- Order data — name, billing & delivery address, email, phone number, and the items you bought.
- Payment data — handled directly by Shopify Payments and partner card networks. We never see or store your full card number.
- Account data — if you create a customer account, the email and password (hashed) you register with, plus your order history.
- Marketing data — your email address if you opt in to our newsletter, and basic engagement signals (opens, clicks) so we can tell what's useful.
- Technical data — IP address, browser, device type, and pages viewed. Collected via cookies and similar technologies (see "Cookies and tracking" below).
- Support data — anything you tell us when you contact support@mighties.co.uk.
Why we use it (and the legal basis)
| What we do | Why | Legal basis under UK GDPR |
|---|---|---|
| Process your order and deliver it | To fulfil our contract with you | Article 6(1)(b) — contract |
| Provide customer support | To respond to your enquiry | Article 6(1)(b) — contract / 6(1)(f) — legitimate interest |
| Send marketing emails | So we can tell you about new products and offers | Article 6(1)(a) — consent (you can withdraw any time) |
| Measure how the site is used (analytics) | To improve the store and fix issues | Article 6(1)(a) — consent |
| Show relevant ads on other websites (marketing pixels) | To reach people who might be interested in Mighties | Article 6(1)(a) — consent |
| Run the website and prevent fraud | To keep the store working and secure | Article 6(1)(f) — legitimate interest |
| Keep records for tax & accounting | To meet our legal obligations | Article 6(1)(c) — legal obligation |
Who we share data with
We only share data with service providers we need to run the business. Each is bound by a data processing agreement.
- Shopify — our e-commerce platform; processes orders, payments, hosts the store, and provides built-in analytics.
- Royal Mail — to deliver your order.
- Omnisend — our email and SMS provider, used to send transactional and (with your consent) marketing messages.
- Shopify Payments, Stripe, Apple Pay, Google Pay — to take card payments securely.
- Meta (Facebook/Instagram) — only if you accept marketing cookies, the Meta Pixel sends events about your visit (page views, add-to-carts, purchases) so we can measure ad performance and show you relevant ads.
- Google — only if you accept analytics or marketing cookies, Google Analytics measures site usage and the Google Ads pixel powers retargeting and conversion measurement.
- Accountants, tax authorities (HMRC), and regulators — where we're legally required to.
We do not sell your personal data. Ever.
International transfers
Some of our processors (Omnisend, Meta, Google, parts of Shopify) are based outside the UK. Where data is transferred outside the UK, we rely on the UK International Data Transfer Agreement or an adequacy decision from the UK Information Commissioner's Office (ICO).
How long we keep your data
- Order records: 7 years (HMRC requirement).
- Marketing data (Omnisend): until you unsubscribe.
- Support correspondence: 2 years from your last message.
- Account data: until you ask us to delete your account.
- Analytics & marketing cookie data: typically up to 24 months (set by Google/Meta).
Cookies and tracking
We use cookies, pixels and similar technologies for three purposes:
- Strictly necessary — keep your cart, login session and checkout working. These are always on and can't be disabled, because without them the store wouldn't function.
- Analytics — Google Analytics tells us things like which pages are most read, how long visitors stay, and which devices they use. We use this to improve the site. Off until you opt in.
- Marketing — the Meta Pixel and Google Ads pixel record events on the site (page views, add-to-cart, purchase) so we can show you our ads on Facebook, Instagram and across the Google network, and so we can measure how well those ads are working. Off until you opt in.
When you first visit the site you'll see a banner asking you to accept all, reject all, or customise your choices. You can change your decision at any time — just click "Cookie preferences" at the bottom of any page.
You can also block cookies in your browser settings, but parts of the site (like the cart) may stop working if you block strictly necessary cookies.
Your rights
Under UK GDPR you have the right to:
- Access the personal data we hold about you.
- Have inaccurate data corrected.
- Have your data erased ("right to be forgotten") where applicable.
- Restrict or object to certain processing.
- Have your data ported to another service.
- Withdraw consent for marketing or tracking at any time (unsubscribe link in every email; "Cookie preferences" link in our footer).
To exercise any of these rights, email support@mighties.co.uk and we'll respond within one month.
If you're not happy with how we've handled your data, you can complain to the Information Commissioner's Office (ICO) at ico.org.uk.
Changes to this policy
We'll update this page if our practices change. The "last updated" date at the top reflects the most recent change. Significant changes will also be emailed to anyone subscribed to our newsletter.
Company information
Mighties is a trading name of Horner Tech Ltd, a company registered in England and Wales (Company No. 13876374).
Registered office: Office 18288, 182-184 High Street North, London, E6 2JA, United Kingdom.
Email: support@mighties.co.uk · Web: mighties.co.uk
Questions about this policy? Email us at support@mighties.co.uk — we usually reply within one working day.