Privacy Policy
We are committed to protecting your personal data and respecting your privacy rights.
Data Controller
Trading Address: 309 Kingstanding Rd, Birmingham B44 9TH
United Kingdom
1. What Information We Collect
Personal Information You Provide
- Name, email address, phone number
- Billing and delivery addresses
- Payment information (processed securely by Stripe)
- Account preferences and communication settings
- Product reviews and ratings
- Customer service correspondence
- Cricket equipment preferences and requirements
Information Collected Automatically
- Device information (browser, operating system)
- Usage data (pages visited, time spent, clicks)
- IP address and location data
- Cookies and similar tracking technologies
- Shopping behavior and preferences
- Website performance and analytics data
2. How We Use Your Information
Contract Performance
We process your data to fulfill our contract with you:
- Process and fulfill cricket equipment orders
- Provide customer support and technical assistance
- Manage your account and order history
- Send order confirmations and delivery updates
- Handle returns, exchanges, and warranties
Consent-Based Processing
With your consent, we use your data for:
- Marketing communications about cricket equipment
- Personalized product recommendations
- Analytics and website optimization
- Social media integration and content sharing
- Newsletter and promotional emails
Legitimate Interests
We may process your data for our legitimate business interests:
- Fraud prevention and security monitoring
- Website performance optimization
- Business analytics and inventory management
- Legal compliance and dispute resolution
- Improving cricket equipment recommendations
3. Cookies and Tracking Technologies
We use cookies to improve your browsing experience and provide personalized services. Our cookie categories include:
Required for basic website functionality and shopping cart
Help us understand website usage and improve performance
Enable targeted advertising and product recommendations
You can manage your cookie preferences at any time through our cookie settings banner or by contacting us directly.
4. How We Share Your Information
We do not sell your personal data. We may share information with:
Service Providers
- Stripe (payment processing)
- Royal Mail / DPD / Hermes (shipping and delivery)
- Supabase (database and authentication services)
- Vercel (website hosting)
- Sentry (error monitoring and performance tracking)
- Email service providers for order confirmations
Legal Requirements
We may disclose information when required by UK law or to protect our rights, property, or safety and that of our customers.
Business Transfers
In the event of a merger, acquisition, or sale, your information may be transferred as part of the transaction with appropriate safeguards.
5. Your Rights Under UK GDPR
As a UK resident, you have the following rights regarding your personal data:
Right of Access
Request a copy of your personal data we hold
Right to Rectification
Correct inaccurate or incomplete data
Right to Erasure
Request deletion of your personal data ('right to be forgotten')
Right to Restrict Processing
Limit how we use your data in certain circumstances
Right to Data Portability
Receive your data in a portable, machine-readable format
Right to Object
Object to certain types of data processing
Right to Withdraw Consent
Withdraw consent for marketing communications at any time
How to Exercise Your Rights
To exercise any of these rights, please contact us at privacy@sportsdevil.co.uk or call us on 07897813165. We will respond within 30 days of receiving your request. You may also manage some preferences directly through your account dashboard.
6. Data Retention
We retain your personal data only as long as necessary for the purposes outlined in this policy:
7. Data Security
We implement appropriate technical and organizational measures to protect your data:
- SSL/TLS encryption for all data transmission
- Secure password hashing using industry standards
- Regular security audits and vulnerability assessments
- Staff training on data protection and privacy
- PCI DSS compliant payment processing via Stripe
- Regular secure data backups and disaster recovery procedures
- Access controls limiting data access to authorized personnel only
- Secure hosting infrastructure with 24/7 monitoring
8. International Data Transfers
Some of our service providers may be located outside the UK. When we transfer your data internationally, we ensure adequate protection through:
- Adequacy decisions by UK authorities (where applicable)
- Standard Contractual Clauses (SCCs) approved by UK authorities
- Provider certification schemes (e.g., Privacy Shield successors)
- Binding Corporate Rules for multinational service providers
- Other appropriate safeguards as required by UK GDPR
Key Service Provider Locations
Stripe: EU/UK processing with appropriate safeguards
Supabase: EU-based servers with UK data residency options
Vercel: EU hosting with data processing agreements
9. Children's Privacy
Our services are not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately at privacy@sportsdevil.co.uk and we will take steps to remove such information.
For children aged 13-16, we require parental consent for certain data processing activities in accordance with UK GDPR requirements.
10. Changes to This Policy
We may update this privacy policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:
- Posting the updated policy on our website
- Updating the "last updated" date at the top of this policy
- Sending email notifications for significant changes (where we have your consent)
- Displaying prominent notices on our website
Your continued use of our services after such changes constitutes acceptance of the updated policy.
11. Contact Us
If you have any questions about this privacy policy, our data practices, or wish to exercise your rights, please contact us:
Supervisory Authority
You have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe we have not handled your personal data properly. You can contact the ICO:
Website: ico.org.uk
Helpline: 0303 123 1113
Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF