Skip to Content

Privacy Policy

Barro Local Limited ("Barro", "we", "us", "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, share and protect your personal information when you use our website, mobile app, marketplace, and delivery services.

This Privacy Policy applies to:

  • Customers (residents using our marketplace and delivery services)

  • Retailers (independent local businesses registered on Barro)

  • Franchisees and suppliers

  • Visitors to our website and app

We comply with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable data protection laws.

1. Data We Collect

We may collect and process the following categories of personal data:

Customers

  • Identity Data: name, email address, phone number, delivery address.

  • Transaction Data: purchase history, payments, refunds.

  • Technical Data: device information, IP address, login credentials, browsing activity on our app/website.

  • Preferences Data: communication preferences, product interests, feedback and survey responses.

Retailers

  • Business Data: shop name, contact details, registered address, bank account details (for payments).

  • Account Data: login credentials, communication with Barro.

Franchisees and Suppliers

  • Identity & Business Data: names, contact information, vehicle details, and payment information.

2. How We Use Your Data

We use your personal data only where lawful. The main purposes include:

  • To provide our services – processing customer orders, delivering items, and managing accounts.

  • To process payments – enabling secure transactions between customers, retailers, and Barro.

  • To communicate with you – updates about orders, service notifications, and customer support.

  • To improve our services – analysing trends, optimising logistics, and developing AI-driven delivery systems.

  • For marketing (with consent) – informing you of offers, discounts, and events.

  • To comply with legal obligations – fraud prevention, regulatory compliance, and tax purposes.

We will not sell your data to third parties.

3. Legal Basis for Processing

We rely on the following legal grounds:

  • Contract: to fulfil our obligations when you place an order or register as a retailer.

  • Consent: for marketing communications (you can withdraw at any time).

  • Legitimate Interests: improving our services, fraud prevention, and network security.

  • Legal Obligation: where required by law.

4. Sharing Your Data

We may share your data with:

  • Delivery franchisees – to fulfil customer orders.

  • Payment providers – to process secure payments.

  • Technology partners (e.g., SIGMA Technology Solutions Ltd., hosting providers).

  • Regulators and law enforcement where legally required.

All partners are contractually bound to comply with data protection laws.

5. Data Retention

We will only retain personal data for as long as necessary to fulfil the purposes for which it was collected, including satisfying legal, accounting, and reporting requirements.

Typical retention periods:

  • Customer order data: 6 years (for tax/accounting purposes).

  • Retailer/franchisee contracts: 6 years after termination.

  • Marketing data: until you withdraw consent.

6. International Transfers

Barro primarily processes data within the UK. Where data is transferred outside the UK (e.g., cloud hosting providers), we ensure adequate safeguards such as UK-approved Standard Contractual Clauses (SCCs).

7. Your Rights

Under UK GDPR, you have the following rights:

  • Right of access – to request a copy of the data we hold.

  • Right to rectification – to correct inaccurate or incomplete data.

  • Right to erasure – to request deletion of your data (where lawful).

  • Right to restrict processing – to limit use of your data in certain circumstances.

  • Right to data portability – to obtain a copy of your data in a structured format.

  • Right to object – to direct marketing or certain legitimate interest processing.

You can exercise your rights by contacting us at privacy@barro.co.uk.

8. Security

We implement appropriate technical and organisational measures to protect your personal data, including encryption, access controls, secure hosting, and ongoing monitoring. However, no system is completely secure, and you share data at your own risk.

9. Cookies

Our website and app use cookies and similar technologies to improve functionality, enhance user experience, and analyse traffic. You can manage cookie preferences through your browser settings.

10. Children's Privacy

Barro is not intended for use by children under 16 years old. We do not knowingly collect personal data from children.

11. Changes to this Policy

We may update this Privacy Policy from time to time. Updates will be published on our website/app with the effective date clearly stated.

12. Contact Us

If you have questions about this Privacy Policy or how your data is handled, please contact:

Barro Local Limited

Registered Office: The Brewery Works, Stanhope Street, Liverpool, L8 5RE

Email: legal@barro.co.uk

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at www.ico.org.uk.