DecalWorks – Privacy Policy (UK GDPR)

1. Overview

​

DecalWorks is committed to protecting your personal data and respecting your privacy. This policy explains how we collect, use, store, and protect your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

By using our website or contacting us, you acknowledge this policy.

​

2. Data Controller & Contact Details

DecalWorks is the data controller responsible for your personal data.

Legal name: DecalWorks
Email: info@decalworks.co.uk

For any questions about this policy or how we handle your personal data, please contact us using the details above.

​

3. Personal Data We Collect

We may collect and process the following personal data:

Contact details (such as name, email address, telephone number)

Order, enquiry, and quotation information

Correspondence and communications

Technical data, including IP address, browser type, device information, and website usage data

We only collect personal data that is necessary for our business operations.

​

4. Lawful Basis for Processing

We process personal data under the following lawful bases:

Contract – to fulfil orders or respond to enquiries

Legitimate interests – to operate and improve our business, website, and services

Legal obligation – to comply with applicable laws and regulations

Consent – where required, such as for marketing communications

​

5. How We Use Personal Data

We use personal data to:

Process orders and enquiries

Communicate with customers and suppliers

Provide, operate, and improve our website and services

Maintain security and prevent fraud

Meet legal and regulatory obligations

​

6. Data Sharing

We may share personal data with trusted third parties, including service providers, professional advisers, and authorities where legally required. We do not sell personal data.

​

7. International Transfers

Where personal data is transferred outside the UK, we ensure appropriate safeguards are in place in accordance with UK GDPR.

​

8. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected, or to meet legal, accounting, or regulatory requirements. Data is securely deleted or anonymised once no longer required.

​

9. Data Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, or misuse.

​

10. Your Rights

Under UK GDPR, you have the right to:

Access your personal data

Request rectification or erasure

Restrict or object to processing

Request data portability

Withdraw consent at any time (where applicable)

You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO):
Website: https://ico.org.uk/

​

11. Policy Updates

We may update this policy from time to time. Any changes will be published on our website, and continued use indicates acceptance of the updated policy.