GDPR Compliance

Our Commitment to Data Protection

Our GDPR Approach

To ensure ongoing compliance, we have:

• Reviewed how personal data is collected, stored, and used across our business

• Implemented internal policies and procedures that uphold data protection principles

• Established clear guidelines for data retention, erasure, and subject access requests

• Appointed responsible team members to monitor data protection across the organisation

What Data We Collect

We may collect and process personal data such as:

• Name, address, email and phone number

• Purchase preferences or enquiry details

• Communications sent to us (e.g. contact forms, brochures)

• Cookies and website usage data (see our Privacy Policy for more)

We only collect what is necessary and for legitimate purposes, such as customer service, marketing (with consent), or fulfilling contractual obligations.

Your Rights

Under GDPR, you have the right to:

• Access the personal data we hold about you

• Request correction or deletion of your data

• Object to or restrict processing

• Withdraw consent at any time

• Lodge a complaint with the ICO (Information Commissioner’s Office)

To exercise any of these rights, please contact us via our contact page.

Data Security

We use appropriate technical and organisational measures to keep your data safe. Access is limited to staff who need it for their role, and we regularly review our security practices to ensure ongoing protection.

Third Parties

Where we use trusted third-party services (e.g. email platforms, hosting providers), we ensure appropriate contracts and data processing agreements are in place to protect your information.