Powered by Zavengo™Operated by Zavengo Ltd for POP INs
Last updated: June 28, 2026
The POP INs ordering and delivery service is provided and operated on POP INs's behalf by Zavengo Ltd("the Platform", "we", "us", "our"), a company registered in England and Wales (company number 17138225, registered office 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom).
Zavengo Ltd is the data controller for personal data processed to operate the POP INs service (popins.uk, the POP INsapps, and related services, together, "the Service") (ICO registration in progress). POP INs is the retail store you order from; where POP INs uses your personal data for its own purposes as a merchant it acts as a separate controller. POP INs is a trading name of PR Thunai Limited, a company registered in England and Wales (company number 15430683), registered office 24 Dunsfold Road, Tilehurst, Reading, RG30 4NP, United Kingdom (VAT registration number 458861152). For data-protection enquiries that concern POP INs's own use of your data as the retailer, contact hello@popins.uk; POP INs's own ICO registration reference is [TO BE COMPLETED BY POP INs].
For data protection enquiries about the Service: privacy@popins.uk. You also have the right to lodge a complaint with the ICO at ico.org.uk/make-a-complaint.
Zavengo™ is a trade mark of Zavengo Ltd (UK trade mark application no. UK00004401578).
Account data
Name, email address, phone number, delivery addresses, password (hashed). Where you have confirmed you are 18 or over to buy age-restricted items, we keep a record that you self-certified and when.
Driver data
Name, email, phone, postcode, vehicle type, availability, location during active deliveries, profile photo, earnings history.
Waitlist data (pre-launch)
Name, email, phone, postcode, vehicle type, collected via our driver waitlist and customer sign-up forms.
Order data
Items ordered, delivery addresses, order history, payment information (processed by Stripe, we do not store card numbers), and a secure delivery PIN generated for each order to confirm receipt at the door.
Age-verification data
For an order containing age-restricted items, we record the doorstep age check: the explicit decision the POP INs staff member makes at handover (for example "clearly over 25", "ID checked", or "refused") and the time it was made. This is a record of the decision only, we do not collect, scan, or store the recipient's date of birth, photograph, or ID document, and no biometric data is captured. We keep this as evidence that the legally required Challenge 25 check was carried out.
Account safety / moderation data
Where our support or admin team identifies a problem with an account (for example suspected fraud, payment disputes, abuse of staff, or repeated policy breaches), we may record an internal flag on the account with a short note and the date. This is used only by our staff to handle the account fairly and consistently; it does not by itself restrict or close the account.
Delivery confirmation data
Your order is confirmed at the door with a secure delivery PIN. Where the POP INs staff member's app is offline at the point of delivery, the app instead records a photo of the delivery (for example the doorstep or the handover) together with the GPS location at which delivery was confirmed, so we have a reliable record that your order arrived. These are stored securely and used only to confirm delivery and resolve any dispute.
Payment dispute data
If a payment is disputed or charged back through your bank or card provider, we record details of the dispute against the relevant order (including the reason and outcome) and the evidence relevant to it (such as the delivery PIN, delivery confirmation, and receipt), so we can respond to your bank and resolve the matter.
Store-credit data
If we issue you store credit (for example as a goodwill gesture after an issue), we keep a record of the amount, the reason, any expiry, and how much remains, so it can be applied to your future orders.
Conversations
Support chats with our team, stored alongside your account so we can troubleshoot and resolve disputes.
Technical data
IP address, browser type, device information, push notification tokens, cookies for authentication.
•To provide the delivery service and process your orders
•To match you with available drivers in your area
•To process payments via Stripe
•To send order updates, OTP codes, and service notifications
•To notify you when the service launches in your area (waitlist)
•To prevent fraud and ensure safety (age verification, dispute resolution)
•To comply with legal obligations
•Contract: processing necessary to fulfil your order, provide the Service, and respond to your support requests (including storing the support chat thread so we can investigate and follow up)
•Consent: waitlist sign-ups, marketing communications
•Legitimate interest: detecting and preventing fraud and abuse, protecting our staff and other customers, the safe operation of the Service (including recording internal account-safety flags and handling payment disputes), service improvement, and analytics
•Legal obligation: age verification for restricted products, tax records
Drivers
Your name, delivery address, and phone number are shared with the driver assigned to your order, solely for delivery purposes.
Service providers (data processors)
| Provider | Purpose | Location |
|---|---|---|
| Stripe | Payments + Stripe Issuing (driver virtual cards) | US |
| Pusher Channels | Realtime messaging (order updates + support chat) | GB |
| Cloudflare | CDN + WAF + Zero Trust Access (investors.zavengo.com) | US |
| Vercel | Web hosting + edge runtime | US |
| Neon | Postgres database hosting | US |
| AWS S3 | Object storage (receipt photos, customer avatars) | EU |
| OpenFoodFacts | Public barcode + product lookup (no PII sent) | FR |
| postcodes.io | UK postcode geocoding (postcode only) | GB |
| Sentry | Error monitoring + Crashlytics-equivalent | US |
| Firebase Cloud Messaging | Push notifications (Android + iOS) | US |
| Resend | Transactional email (verify, receipts) | US |
Where data is transferred outside the UK, we rely on Standard Contractual Clauses (SCCs) or UK adequacy decisions to ensure appropriate safeguards.
We do not sell your personal data to third parties.
We take reasonable measures to protect your data, including:
•AES-256-GCM encryption of sensitive personal data (names, emails, phone numbers, addresses) at rest
•Passwords hashed with scrypt (never stored in plaintext)
•HTTPS encryption for all data in transit
•Role-based access control for staff
•UK geo-restriction to limit service area
•Account data: retained while your account is active, deleted within 30 days of account deletion request
•Waitlist data: retained until the service launches in your area, or until you request deletion
•Order data: retained for 6 years for tax and legal compliance (HMRC requirement)
•Delivery-confirmation photos and GPS records: retained with the order for as long as the order record is kept, so they remain available to resolve a later query, dispute, or chargeback
•Support chats: retained for 24 months so the team can investigate later complaints, refunds, and disputes; deleted on request once any related order is settled
•Push notification tokens: automatically cleaned up after 30 days of inactivity
Under UK GDPR, you have the right to:
•Access your personal data (Subject Access Request)
•Rectify inaccurate or incomplete data
•Erase your data ("right to be forgotten")
•Restrict processing in certain circumstances
•Data portability, receive your data in a structured, machine-readable format
•Object to processing based on legitimate interest
•Withdraw consent at any time where processing is based on consent
To exercise any of these rights, contact privacy@popins.uk. We will respond within 30 days.
We use only essential cookies required for the Service to function:
•Session cookie (next-auth.session-token), keeps you logged in
•Site auth cookie, for development site access
We do not use advertising, analytics, or tracking cookies. No cookie consent banner is required as we only use strictly necessary cookies.
We do not carry out any solely-automated decision-making that produces a legal or similarly significant effect about you. Every order is reviewed and physically purchased by a human Driver, and the final charge is set by the actual till receipt, not by any automated estimate.
While an active order is assigned to a Driver, the Driver app shares their live location with our servers so customers and admin can see the delivery progress. Live sharing of a Driver's location to the customer ends automatically when the order reaches DELIVERED or CANCELLED status.
A Driver's most recent location is retained while they are signed in and available for work, it is used to match them to nearby orders and to calculate distance-based delivery pricing (the distance between the Driver and the customer's address). It is not deleted when an individual order completes; it is cleared when the Driver goes offline or signs out.
Drivers can review and disable background location at any time in their iOS/Android settings; doing so prevents them from receiving new jobs.
The Service is not intended for children under 18. We do not knowingly collect data from anyone under 18. Age-restricted products (alcohol, tobacco, vapes) require a Challenge 25 age check upon delivery: this is a visual inspection and, where needed, a sight of the recipient's physical photo ID. We record only the outcome of the check (see "Age-verification data" in section 2), we do not scan, photograph, or store the recipient's ID or date of birth.
We may update this privacy policy from time to time. Material changes will be communicated via email or in-app notification. The "last updated" date at the top reflects the most recent revision.
If you are unhappy with how we handle your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
Information Commissioner's Office
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Phone: 0303 123 1113
Website: ico.org.uk