Privacy Policy
Last updated: May 2026
Data Controller
- Excelsior Wholesale Limited
- 37 Shirrall Drive, Drayton Bassett, Staffs, B78 3EQ
- 0121 308 1329
- [email protected]
Information We Collect
Information You Provide
When you place an order, register an account, or contact us, we collect:
- Name and contact details (email, phone number, billing & delivery address)
- Business name and VAT number where applicable
- Payment information (processed securely by our payment provider — we do not store full card details)
- Order history and any correspondence you have with us
Information Collected Automatically
When you visit our website, we automatically collect:
- IP address, browser type, device information and operating system
- Pages visited, time spent on the site and referring website
- Cookies and similar tracking technologies (see our Cookie Policy for details)
How We Use Your Information
We use your personal data for the following purposes:
Fulfilling Your Order
Processing payments, arranging delivery, providing order updates and handling returns or queries.
Managing Your Account
Maintaining your account details, order history and saved addresses to make future purchases easier.
Customer Service
Responding to your enquiries via phone, email or our website contact forms.
Marketing (with your consent)
Sending you trade newsletters, product updates and special offers — only if you have opted in. You can unsubscribe at any time using the link in any marketing email, or by contacting us directly.
Legal & Operational Requirements
Complying with our legal obligations, including tax records, fraud prevention and protecting our business interests.
Legal Basis for Processing
Under UK GDPR, we rely on the following lawful bases for processing your personal data:
- Contract — processing necessary to fulfil our agreement with you (e.g. completing an order)
- Legal obligation — keeping financial records required by HMRC and other authorities
- Legitimate interests — improving our service, preventing fraud and managing our business
- Consent — for marketing communications and non-essential cookies, where you have given clear permission
Sharing Your Information
We do not sell your personal data. We only share it with trusted third parties where necessary to deliver our service, including:
- Couriers and delivery providers — to arrange delivery of your order
- Payment processors — to handle card payments securely
- IT and hosting providers — who manage our website and systems on our behalf
- Accountants and professional advisers — where required for legal or financial compliance
- Regulators or law enforcement — if required by law
All third parties are required to keep your data secure and only use it for the specific purposes we have agreed.
How Long We Keep Your Data
We retain your personal data only as long as necessary for the purposes outlined in this policy:
- Order and transaction records — kept for a minimum of 7 years to comply with HMRC requirements
- Account information — retained while your account is active, then deleted on request
- Marketing data — kept until you unsubscribe or withdraw consent
- Website analytics — typically retained for up to 26 months
Your Rights
Under UK GDPR, you have the following rights regarding your personal data:
- Right of access — request a copy of the data we hold about you
- Right to rectification — ask us to correct any inaccurate or incomplete information
- Right to erasure — request deletion of your data (subject to legal retention requirements)
- Right to restrict processing — ask us to limit how we use your data
- Right to data portability — receive your data in a structured, machine-readable format
- Right to object — object to processing based on legitimate interests, including direct marketing
- Right to withdraw consent — withdraw any consent you have previously given, at any time
To exercise any of these rights, please contact us at [email protected]. We will respond within one month.
Data Security
We take the security of your personal data seriously. We use industry-standard measures including:
- SSL encryption on all data submitted through our website
- Secure, restricted access to customer data within our business
- Regular security updates to our website and systems
- Trusted, PCI-compliant payment processors to handle card transactions
While we take every reasonable precaution, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security, but we will notify you and the ICO of any data breach as required by law.
Cookies
Our website uses cookies and similar technologies to provide a better browsing experience, remember your preferences, and analyse how the site is used.
You can control or disable cookies through your browser settings at any time. For full details, please see our Cookie Policy.
International Transfers
Most of your data is stored within the UK or European Economic Area (EEA). Where data is transferred outside of these regions (for example, through certain analytics or hosting providers), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the ICO.
Children's Privacy
Our website and services are intended for trade customers aged 18 and over. We do not knowingly collect personal data from anyone under 18. If you believe we have inadvertently collected such data, please contact us so we can delete it.
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The "Last updated" date at the top of this page shows when the most recent changes were made. We recommend reviewing this policy periodically.