Excellent Service

Search site

Search site

0

Privacy Policy

Bathroom Shop UK

bathroomshopuk.co.uk

Last Updated: 12 January 2026

Introduction

Bathroom Shop UK is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, store, and protect your data when you use our website and services.
We are the data controller responsible for your personal data. If you have any questions about this policy or how we handle your information, please contact us using the details provided at the end of this document.

Information We Collect

We collect and process the following types of personal data:

  • Account Information: Name, email address, phone number, billing and delivery addresses when you create an account or place an order
  • Order Information: Purchase history, product preferences, payment information (processed securely through our payment providers)
  • Technical Information: IP address, browser type, device information, operating system, and website usage data collected through cookies and similar technologies
  • Communications: Any correspondence you send us, including emails, chat messages, and customer service enquiries
  • Marketing Preferences: Your choices regarding receiving marketing communications from us

How We Use Your Information

We use your personal data for the following purposes:

  • Order Processing: To process and fulfil your orders, arrange delivery, process payments, and handle returns or refunds
  • Customer Service: To respond to your enquiries, provide customer support, and communicate with you about your orders
  • Account Management: To create and manage your account, personalise your experience, and maintain your order history
  • Marketing: To send you promotional materials, product recommendations, and special offers (only with your consent)
  • Website Improvement: To analyse website usage, improve our services, and enhance user experience
  • Legal Compliance: To comply with legal obligations, prevent fraud, and protect our rights and property

Legal Basis for Processing

Under UK GDPR, we process your personal data based on the following legal grounds:

  • Contract Performance: Processing necessary to fulfil our contract with you (order processing and delivery)
  • Consent: Where you have given explicit consent (marketing communications)
  • Legitimate Interests: For improving our services, fraud prevention, and business analytics
  • Legal Obligation: To comply with legal and regulatory requirements

Data Sharing and Third Parties

We do not sell your personal data to third parties. We may share your information with the following categories of service providers who help us operate our business:

  • Payment Processors: To securely process your payments
  • Delivery Partners: To deliver your orders to you
  • Hosting Providers: To host our website and store data securely (Cloudways)
  • Email Service Providers: To send order confirmations and other transactional emails
  • Analytics Providers: To help us understand website usage and improve our services
  • Legal Authorities: When required by law or to protect our legal rights

All third-party service providers are required to maintain appropriate security measures and use your data only for the purposes we specify.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your browsing experience. Cookies are small text files stored on your device that help us:

  • Remember your preferences and login details
  • Keep items in your shopping cart
  • Analyse website traffic and user behaviour
  • Provide personalised content and recommendations

You can control cookie settings through your browser preferences. Please note that disabling cookies may affect the functionality of our website.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy or as required by law:

  • Account Data: Retained while your account is active and for 7 years after account closure for legal and accounting purposes
  • Order Records: Retained for 7 years to comply with tax and financial regulations
  • Marketing Data: Retained until you withdraw consent or for 2 years of inactivity
  • Website Analytics: Anonymised and aggregated data may be retained indefinitely

Your Rights

Under UK GDPR and data protection law, you have the following rights:

  • Right of Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data (subject to legal obligations)
  • Right to Restriction: Request limitation of processing of your data
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests or direct marketing
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise any of these rights, please contact us using the details provided below. We will respond to your request within one month.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, destruction, or alteration. These measures include:

  • SSL/TLS encryption for data transmission
  • Secure hosting infrastructure with regular security updates
  • Access controls and authentication requirements
  • Regular security audits and vulnerability assessments
  • Secure payment processing through PCI DSS compliant providers

While we take every precaution to protect your data, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security but continuously work to maintain the highest standards.

International Data Transfers

Your personal data is primarily stored and processed within the United Kingdom. In some cases, data may be transferred to and processed in other countries where our service providers operate. When we transfer data internationally, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses approved by the UK Information Commissioner’s Office
  • Adequacy decisions recognising equivalent data protection standards
  • Certification schemes demonstrating compliance with data protection principles

Children’s Privacy

Our website is not intended for children under the age of 18. We do not knowingly collect personal data from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately so we can delete such information.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website and updating the “Last Updated” date. Your continued use of our services after such changes constitutes acceptance of the updated policy.

Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Bathroom Shop UK
Website: bathroomshopuk.co.uk
Email: sales@bathroomshopuk.co.uk

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s supervisory authority for data protection:
Information Commissioner’s Office
Website: ico.org.uk
Telephone: 0303 123 1113

Help Centre