Privacy Policy

1. Introduction

Cape & Co. is the trading name of The Murfield Collective. We operate an online retail store via Shopify and are committed to protecting your personal information and your right to privacy. This Privacy Policy explains what data we collect, how we use it, and what rights you have in relation to it.

This policy applies to all personal data collected through our website, including when you browse, make a purchase, sign up for our newsletter, or contact us.

We are a Data Controller under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. If you have any questions about this policy, please contact us at the details below.

2. Who We Are

Trading name: Cape & Co.

Registered business name: The Murfield Collective

Email: [insert contact email address]

Website: [insert website URL]

Postal address: [insert registered address, UK]

If you have any privacy-related questions or concerns, please contact us at the email address above.

3. What Personal Data We Collect

We may collect the following categories of personal data:

3.1 Identity & Contact Information

Full name

Billing address and delivery address

Email address

Telephone number

3.2 Transaction & Payment Data

When you place an order, payment is processed securely through Shopify Payments and/or third-party payment processors such as Stripe or PayPal. We do not store your full card details on our systems. We do retain records of your transaction history (order reference, products purchased, value, and date).

3.3 Technical & Usage Data

IP address and browser type

Pages visited and time spent on our website

Referring URLs

Device information

This data is collected through cookies and analytics tools (see Section 7 – Cookies).

3.4 Marketing Preferences

If you opt in to receive marketing communications, we collect your email address and record your consent. You can withdraw consent at any time (see Section 8 – Your Rights).

4. How We Use Your Personal Data

We only use your personal data where we have a lawful basis to do so under UK GDPR. The following list sets out our purposes for processing your information and the corresponding lawful basis for each:

Process and fulfil your orderData Used: Name, address, email, phone, and transaction data.Lawful Basis: Performance of a contract.
Send order confirmation and shipping updatesData Used: Name, email, and address.Lawful Basis: Performance of a contract.
Process payments securelyData Used: Transaction data (via Shopify, Stripe, or PayPal).Lawful Basis: Performance of a contract.
Send marketing emails (with your consent)Data Used: Email address and marketing preferences.Lawful Basis: Consent.
Improve our website and analyse trafficData Used: Technical data, usage data, and cookies.Lawful Basis: Legitimate interests.
Comply with legal obligations (e.g. tax records)Data Used: Transaction and identity data.Lawful Basis: Legal obligation.
Prevent fraud and protect our businessData Used: IP address and transaction data.Lawful Basis: Legitimate interests.

5. Who We Share Your Data With

We do not sell your personal data. We may share it with trusted third parties who assist us in running our business, under strict contractual obligations to protect your data. These include:

E-commerce platform provider — processes orders, payments, and stores customer data on our behalf. Shopify is certified under the EU–US Data Privacy Framework and maintains appropriate safeguards. View Shopify's privacy policy at shopify.com/legal/privacy.: Shopify Inc.

For secure card and payment processing.: Payment processors (e.g. Stripe, PayPal)

To ship orders to your specified address.: Delivery and fulfilment partners

To send marketing emails where you have given consent.: Email marketing services (e.g. Klaviyo, Mailchimp)

To help us understand how our website is used. These providers may set cookies on your device (see Section 7).: Analytics providers (e.g. Google Analytics, Meta Pixel)

Where required by law or to protect our legal rights.: Legal and regulatory authorities

Where third parties are located outside the UK, we ensure appropriate safeguards are in place (such as Standard Contractual Clauses or adequacy decisions).

6. How Long We Keep Your Data

We retain personal data only for as long as necessary for the purposes it was collected, or as required by law. Our standard retention periods are:

7 years (to comply with HMRC and tax obligations).: Order and transaction records

For the duration of your account, plus 2 years after the last activity.: Customer account data

Until you unsubscribe or withdraw consent, after which we will suppress rather than delete to honour your opt-out preference.: Marketing email lists

Typically 26 months (as per Google Analytics default settings).: Website analytics data

See Section 7 for individual cookie durations.: Cookies

After the applicable retention period, data is securely deleted or anonymised.

7. Cookies

Our website uses cookies — small text files placed on your device — to make our site work properly, understand how it is used, and (where you have consented) to show relevant advertising.

7.1 Types of Cookies We Use

Required for the website to function (e.g. your shopping cart, secure checkout). These cannot be disabled.: Essential / Strictly necessary

Help us understand visitor behaviour (e.g. Google Analytics). These are only set with your consent.: Analytics cookies

Used to show you relevant ads on other platforms (e.g. Meta Pixel/Facebook). These are only set with your consent.: Marketing / Advertising cookies

Remember your preferences to improve your experience.: Functional cookies

7.2 Managing Cookies

When you first visit our website, you will be shown a cookie consent banner. You can choose which non-essential cookies to accept or reject. You can change your preferences at any time by clearing your browser cookies and revisiting the site, or by using your browser's cookie settings.

Please note that disabling certain cookies may affect the functionality of our website.

8. Your Rights Under UK GDPR

You have the following rights in relation to your personal data. To exercise any of these rights, please contact us at [insert contact email]. We will respond within one calendar month.

You can request a copy of the personal data we hold about you (a Subject Access Request).: Right of access

You can ask us to correct inaccurate or incomplete data.: Right to rectification

You can ask us to delete your data ('right to be forgotten'), subject to certain exceptions (e.g. legal obligations).: Right to erasure

You can ask us to pause processing of your data in certain circumstances.: Right to restrict processing

Where processing is based on consent or a contract, you can request your data in a structured, machine-readable format.: Right to data portability

You can object to processing based on legitimate interests, or to direct marketing at any time.: Right to object

Where we rely on consent (e.g. marketing emails), you can withdraw it at any time by clicking 'Unsubscribe' in any email or by contacting us.: Right to withdraw consent

You have the right to complain to the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113 if you believe we have not handled your data correctly.: Right to lodge a complaint

9. How We Protect Your Data

We take the security of your personal data seriously and have implemented appropriate technical and organisational measures, including:

SSL/TLS encryption for all data transmitted through our website

Shopify's PCI-DSS compliant payment infrastructure

Restricted access to personal data on a need-to-know basis

Regular review of our security practices

While we take every reasonable step to protect your data, no internet transmission is ever completely secure. If you have concerns about security, please contact us immediately.

10. Links to Other Websites

Our website may contain links to third-party websites. We are not responsible for the privacy practices of those sites. We encourage you to read their privacy policies before providing any personal information.

11. Children's Privacy

Our website is not directed at children under the age of 13. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, please contact us immediately and we will delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The updated policy will be published on our website with a revised 'Last updated' date. Where changes are significant, we will notify you by email or a prominent notice on our website.

13. Contact Us

If you have any questions about this Privacy Policy, wish to exercise your rights, or have a complaint about how we have handled your personal data, please contact us:

Cape & Co. (trading as The Murfield Collective)

Email: [insert contact email address]

Post: [insert registered address, UK]

Website: [insert website URL]

You also have the right to lodge a complaint with the UK supervisory authority:

Information Commissioner's Office (ICO)

Website: ico.org.uk

Phone: 0303 123 1113

3m x 3m Pergola

4m x 3m Pergola

6m x 3m Pergola

All Pergolas

Pergola Buying Guide 2026

Juniper Collection

Callen Collection

Thorne Collection

Terra Collection

JUNIPER CORNER DINING SET

All Garden Parasols

Cantilever Parasols

Traditional Parasols

A GUIDE TO THE BEST PARASOLS FOR 2026

Garden Sofa Sets

Outdoor Dining Sets

Garden Lounge & Bistro Sets

Rising Table Sets

Sun Lounger Sets

Pergola & Parasol Bundles

All Ranges