Skip to content
Tasty Truck Logo

Legal

PRIVACY POLICY

How we collect, use, and protect personal information when you browse the site, place orders, or create an account.

BUSINESS & CONTACT

Tasty Truck
[email protected]
Links: Terms of ServicePrivacy Policy

Last updated: 21 January 2026

This Privacy Policy explains how we collect, use, share, and protect your personal information when you use the Tasty Truck website and services (the "Services").

1. Who we are (data controller)

The data controller is Tasty Truck (the business details shown above under "Business & Contact").

2. Information we collect

  • Contact details: name, email address, phone number.
  • Delivery/collection details: delivery address (if delivery), selected time slot/day, special instructions.
  • Order details: items ordered, selected options/add-ons, prices, order notes (including any allergen information you provide).
  • Account details (if you create an account): login email and password (stored securely, not in plain text).
  • Device/usage data: IP address, basic device/browser information, and logs needed for security and troubleshooting.
  • Payment data: payments are processed by our payment provider (Stripe). We do not store full card details on our servers.

3. How we use your information

  • To provide the Services (for example, process orders, take payment, deliver or prepare food, and communicate about your order).
  • To manage accounts if you choose to create one.
  • To provide customer support and handle issues, refunds, or complaints.
  • To improve our Services and keep them reliable.
  • To keep our Services secure and prevent fraud or abuse.

4. Lawful bases for processing (UK GDPR)

  • Contract: processing necessary to take and fulfil your order.
  • Legitimate interests: improving and securing our Services, preventing fraud, and responding to requests.
  • Legal obligation: complying with applicable law.
  • Consent: where required (for example certain marketing). You can withdraw consent at any time.

5. Sharing your information

We do not sell your personal data. We may share information with trusted service providers (processors) to operate the Services, including Stripe, Resend, Shipday, and hosting or infrastructure providers.

These providers process data under contractual terms and only as needed to provide their services.

6. International transfers

Some service providers may process data outside the UK. Where this occurs, we take steps to ensure appropriate safeguards are in place.

7. Data retention

We keep personal data only as long as necessary for the purposes described above, including to meet legal, accounting, and reporting requirements.

8. Cookies

We use essential cookies to keep the site working. With your consent, we also use analytics cookies (Google Analytics 4) and marketing cookies (Google Ads and Meta Pixel) to measure performance and improve our ads. You can manage your preferences at any time using "Cookie settings" in the footer or via your browser settings.

9. Security

We use appropriate technical and organisational measures designed to protect personal data. However, no method of transmission or storage is 100% secure.

10. Your rights

Under UK GDPR, you may have rights including access, rectification, erasure, restriction, objection, and data portability. To exercise your rights, contact us using the details shown above.

You also have the right to complain to the UK Information Commissioner's Office (ICO). See ico.org.uk.

11. Changes to this policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date.

We use cookies for analytics and marketing to understand performance and improve ads. Privacy Policy.