Purchasing Data Policy

Effective Date: 20th February 2025

1. Introduction

At Winterfold Group Ltd (“Winterfold”, “we,” “us,” or “our”), we are committed to ensuring the security and privacy of your purchasing data in compliance with the General Data Protection Regulation (GDPR). This policy outlines how we collect, use, store, and protect your purchasing data when you make transactions with us.

2. Data We Collect

When you make a purchase, we may collect the following data:

  • Personal Information: Name, email address, billing and shipping address.
  • Payment Information: Credit/debit card details, transaction history, and payment preferences (processed securely through third-party payment providers).
  • Order Details: Products/services purchased, date and time of transaction, and any applicable discounts or promotions.
  • Technical Data: IP address, device details, and browsing behaviour related to the purchase.

3. How We Use Your Data

We process your purchasing data for the following purposes:

  • To process and fulfil your orders.
  • To provide customer support and manage refunds or disputes.
  • To improve our products, services, and user experience.
  • To comply with legal and financial regulations.
  • To send transactional emails (e.g., order confirmations, invoices, shipping updates).
  • To prevent fraud and enhance payment security.

4. Legal Basis for Processing

Under GDPR, we process purchasing data based on the following legal grounds:

  • Contractual Necessity: To complete and manage your transactions.
  • Legal Obligation: To comply with financial and tax regulations.
  • Legitimate Interests: To improve our services, prevent fraud, and ensure business operations.
  • Consent: When required for marketing or personalized offers (you may withdraw consent anytime).

5. Data Sharing & Third Parties

We do not sell your purchasing data. However, we may share it with:

  • Payment Processors: Secure third-party providers handling payments.
  • Logistics & Shipping Partners: To deliver your orders efficiently.
  • Legal & Regulatory Authorities: When required by law for auditing, compliance, or dispute resolution.

6. Data Retention

We retain purchasing data only as long as necessary for:

  • Fulfilling transactions and providing support.
  • Compliance with financial and legal obligations.
  • Fraud prevention and business operations. After the required retention period, your data will be securely deleted or anonymized.

7. Your GDPR Rights

As a data subject under GDPR, you have the right to:

  • Access: Request a copy of your purchasing data.
  • Correction: Update inaccurate or incomplete data.
  • Erasure: Request deletion of your data, subject to legal requirements.
  • Restriction: Limit how we process your data.
  • Objection: Opt out of direct marketing.
  • Data Portability: Request transfer of your purchasing data.

 

To exercise your rights, contact us at [Info@winterfoldgroup.com].

8. Data Security

We implement industry-standard security measures to protect purchasing data, including encryption, secure servers, and access controls. However, no online transaction is entirely risk-free, and we recommend using strong passwords and secure networks.

9. Changes to This Policy

We may update this policy periodically to reflect regulatory or business changes. Any updates will be posted on this page with a revised effective date.

10. Contact Us

If you have any questions regarding this Purchasing Data Policy, please contact: 

Company: Winterfold Group Ltd
Email: [Info@winterfoldgroup.com]
Office: 20 Wenlock Road, London. N1 7GU. United Kingdom

Linkedin
Privacy Policy
Legal
Cookies
Purchasing Data

Copyright © 2025 Winterfold Group Ltd. All rights reserved.