Cookie Policy
Cookie Policy
Last updated: 3 June 2026
This Cookie Policy explains how ZWIM uses cookies and similar technologies on zwim.com (the "Site"), what they do, and the choices you have. It applies to visitors everywhere in the world. Read it alongside our Privacy Policy, which explains how we handle your personal data more generally.
1. Who we are
ZWIM is the trading name of two companies that act as joint controllers under Article 26 of the EU and UK GDPR:
- ZEN8 Sports Ltd (United Kingdom) — registered office: 7 Bell Yard, London, England, WC2A 2JR. The contracting and selling entity.
- ZEN8 Sports Portugal Unipessoal Lda (Portugal) — registered office: Rua Professor Sousa da Câmara 207, 3E, 1070-216 Lisboa, Portugal. Our research-and-development and EU establishment.
For any question about this policy or your data, contact us at privacy@zwim.com. You can exercise your rights against either entity; both remain jointly responsible.
2. What are cookies and similar technologies?
Cookies are small text files placed on your device when you visit a website. We also use technologies that work in a similar way, and we refer to all of them as "cookies" in this policy:
- Cookies — first-party (set by us) or third-party (set by a partner), and either "session" (deleted when you close your browser) or "persistent" (stay until they expire or you delete them).
- Pixels and tags — tiny images or snippets of code that record that a page or email was opened.
- Local storage — data stored in your browser to remember settings and improve performance.
- Software development kits (SDKs) and device identifiers used within our connected apps.
- Session-replay technology that records anonymised interactions (such as clicks and scrolls) to help us understand how the Site is used.
3. Why we use cookies
- To make the Site work — keep you signed in, remember your cart, and process checkout securely.
- To keep the Site safe and prevent fraud.
- To remember your preferences, including your cookie choices and language.
- To understand how the Site is used so we can improve it.
- To measure and, where you allow it, personalise our marketing.
4. The categories of cookies we use
Strictly necessary (always active)
These are essential for the Site to function and cannot be switched off. They are set in response to actions you take, such as adding to cart, logging in, or saving your privacy choices. We do not need your consent for these, but you can block them in your browser (the Site may then not work properly).
Performance and analytics (consent required)
These help us count visits and traffic sources and see how people move around the Site, including anonymised session replay, so we can measure and improve performance. If you do not allow them, we will not know you have visited.
Functional (consent required)
These enable enhanced functionality and personalisation, such as remembering choices you make. If you do not allow them, some features may not work as well.
Advertising and targeting (consent required)
These are set by us and our advertising partners to build a profile of your interests and show you relevant ads on other sites, and to measure the effectiveness of our campaigns. They do not store directly identifying information but are based on uniquely identifying your browser and device.
5. The cookies on this Site
The table below lists the main providers we use today. Because we maintain and update our consent tools, the most current, automatically scanned list of every cookie is shown in the cookie banner's preference panel (open it any time using the "Cookie settings" control described in section 7).
| Provider | What it does | Category | Typical duration |
|---|---|---|---|
| Shopify | Runs the store: cart, checkout, sessions, security and fraud prevention. | Strictly necessary | Session to 1 year |
| Pandectes (consent management) | Stores and applies your cookie choices. | Strictly necessary | Up to 1 year |
| Google Analytics 4 | Measures Site traffic and how the Site is used (aggregated). | Performance and analytics | Up to 2 years |
| Microsoft Clarity | Anonymised session replay and heatmaps to improve usability. | Performance and analytics | Session to 1 year |
| Google Ads | Measures ad conversions and supports remarketing. | Advertising and targeting | Up to 1 year |
| Klaviyo | Recognises waitlist and email subscribers and measures email engagement. | Functional / marketing | Up to 2 years |
6. Consent and the legal basis
Where the law requires consent (for example across the EU/EEA, the UK, and Switzerland), we only set analytics, functional, and advertising cookies after you agree through our cookie banner. Strictly necessary cookies are set on the basis of our legitimate interest in running a secure, working website and do not require consent.
We use Google Consent Mode so that our analytics and advertising tags respect your choice. Your consent is recorded so we can demonstrate it, and you can change or withdraw it at any time (section 7). Withdrawing consent does not affect anything done before you withdrew it.
7. How to manage or withdraw your choices
- On our Site: open the consent panel at any time using the "Cookie settings" link in our footer (or the cookie icon shown on the page), change your selections, and save.
- In your browser: most browsers let you block or delete cookies in their settings. Blocking strictly necessary cookies may stop parts of the Site working. See aboutcookies.org for step-by-step help.
- Analytics opt-out: you can install the Google Analytics opt-out browser add-on.
- Advertising opt-out: manage Google ad personalisation at adssettings.google.com, and use industry tools such as youronlinechoices.eu (EU), optout.aboutads.info (US), and optout.networkadvertising.org.
- US residents: see our Your Privacy Choices page to opt out of the "sale" or "sharing" of personal information and targeted advertising.
8. Your rights and choices by region
European Economic Area, United Kingdom and Switzerland
Under the GDPR, UK GDPR, the ePrivacy rules and the Swiss FADP, non-essential cookies require your prior consent, which you give through our banner and can withdraw at any time. You also have rights to access, correct, delete, restrict, and port your personal data, and to object to certain processing. You may lodge a complaint with your local supervisory authority — in Portugal, the Comissão Nacional de Proteção de Dados (CNPD, cnpd.pt); in the UK, the Information Commissioner's Office (ICO, ico.org.uk).
United States
Under California's CCPA/CPRA and similar laws in states such as Virginia, Colorado, Connecticut, Utah, Texas and others, you have the right to opt out of the "sale" or "sharing" of personal information and of targeted advertising, and to limit certain uses. Use our Your Privacy Choices page. We honour the Global Privacy Control (GPC) browser signal as a valid opt-out request where required.
Canada, Brazil, Australia and elsewhere
We apply privacy-by-design globally and follow local requirements, including Canada's PIPEDA, Brazil's LGPD and Australia's Privacy Act. Where local law requires consent for cookies, we obtain it through our banner; where notice is sufficient, this policy provides it. Wherever you are, you can manage your choices using the controls in section 7 or by contacting privacy@zwim.com.
9. International data transfers
Some of our cookie providers (including Google, Microsoft, Shopify and Klaviyo) are based in, or process data in, the United States and other countries. Where we transfer personal data outside your region, we rely on lawful transfer mechanisms such as the EU/UK Standard Contractual Clauses, the UK International Data Transfer Addendum, the EU-US and UK-US Data Privacy Framework, or adequacy decisions. You can request details of the relevant mechanism by emailing privacy@zwim.com.
10. "Do Not Track" and Global Privacy Control
Because there is no common industry standard for "Do Not Track" (DNT), our Site does not currently respond to DNT signals. We do honour the Global Privacy Control (GPC) signal where the law requires it, as described in section 8.
11. Children
The Site is not aimed at children. We do not knowingly set non-essential cookies for users below the age at which consent is valid in their country (16 in the EU and UK by default, lower in some EU member states down to 13). If you believe a child has provided data through our cookies, contact privacy@zwim.com.
12. Changes to this policy
We may update this Cookie Policy from time to time to reflect changes in technology, law, or how we operate. When we make material changes, we will update the "Last updated" date above and, where appropriate, ask for your consent again through the banner.
13. Contact us
Questions about cookies or your privacy? Email privacy@zwim.com. Postal contact: ZEN8 Sports Ltd, 7 Bell Yard, London, England, WC2A 2JR, United Kingdom, or ZEN8 Sports Portugal Unipessoal Lda, Rua Professor Sousa da Câmara 207, 3E, 1070-216 Lisboa, Portugal.