Privacy Policy

We are committed to protecting your personal data and respecting your privacy rights.

Last updated: 22 August 2025

Data Controller

Sports Devil
Trading Address: 309 Kingstanding Rd, Birmingham B44 9TH
United Kingdom
Privacy Contact: privacy@sportsdevil.co.uk
General Contact: 07897813165
General Email: info@sportsdevil.co.uk
ICO Registration: [Pending Registration]

1. What Information We Collect

Personal Information You Provide

  • Name, email address, phone number
  • Billing and delivery addresses
  • Payment information (processed securely by Stripe)
  • Account preferences and communication settings
  • Product reviews and ratings
  • Customer service correspondence
  • Cricket equipment preferences and requirements

Information Collected Automatically

  • Device information (browser, operating system)
  • Usage data (pages visited, time spent, clicks)
  • IP address and location data
  • Cookies and similar tracking technologies
  • Shopping behavior and preferences
  • Website performance and analytics data

2. How We Use Your Information

Contract Performance

We process your data to fulfill our contract with you:

  • Process and fulfill cricket equipment orders
  • Provide customer support and technical assistance
  • Manage your account and order history
  • Send order confirmations and delivery updates
  • Handle returns, exchanges, and warranties

Consent-Based Processing

With your consent, we use your data for:

  • Marketing communications about cricket equipment
  • Personalized product recommendations
  • Analytics and website optimization
  • Social media integration and content sharing
  • Newsletter and promotional emails

Legitimate Interests

We may process your data for our legitimate business interests:

  • Fraud prevention and security monitoring
  • Website performance optimization
  • Business analytics and inventory management
  • Legal compliance and dispute resolution
  • Improving cricket equipment recommendations

3. Cookies and Tracking Technologies

We use cookies to improve your browsing experience and provide personalized services. Our cookie categories include:

Essential Cookies

Required for basic website functionality and shopping cart

Always Active
Performance Cookies

Help us understand website usage and improve performance

Optional
Marketing Cookies

Enable targeted advertising and product recommendations

Optional

You can manage your cookie preferences at any time through our cookie settings banner or by contacting us directly.

4. How We Share Your Information

We do not sell your personal data. We may share information with:

Service Providers

  • Stripe (payment processing)
  • Royal Mail / DPD / Hermes (shipping and delivery)
  • Supabase (database and authentication services)
  • Vercel (website hosting)
  • Sentry (error monitoring and performance tracking)
  • Email service providers for order confirmations

Legal Requirements

We may disclose information when required by UK law or to protect our rights, property, or safety and that of our customers.

Business Transfers

In the event of a merger, acquisition, or sale, your information may be transferred as part of the transaction with appropriate safeguards.

5. Your Rights Under UK GDPR

As a UK resident, you have the following rights regarding your personal data:

Right of Access

Request a copy of your personal data we hold

Right to Rectification

Correct inaccurate or incomplete data

Right to Erasure

Request deletion of your personal data ('right to be forgotten')

Right to Restrict Processing

Limit how we use your data in certain circumstances

Right to Data Portability

Receive your data in a portable, machine-readable format

Right to Object

Object to certain types of data processing

Right to Withdraw Consent

Withdraw consent for marketing communications at any time

How to Exercise Your Rights

To exercise any of these rights, please contact us at privacy@sportsdevil.co.uk or call us on 07897813165. We will respond within 30 days of receiving your request. You may also manage some preferences directly through your account dashboard.

6. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy:

Account DataUntil account deletion requested
Order History7 years (UK tax and accounting requirements)
Marketing Consent3 years from last interaction or until withdrawn
Analytics Data26 months (Google Analytics standard)
Session Data30 days or until session ends
CCTV (Store)30 days (security purposes only)

7. Data Security

We implement appropriate technical and organizational measures to protect your data:

  • SSL/TLS encryption for all data transmission
  • Secure password hashing using industry standards
  • Regular security audits and vulnerability assessments
  • Staff training on data protection and privacy
  • PCI DSS compliant payment processing via Stripe
  • Regular secure data backups and disaster recovery procedures
  • Access controls limiting data access to authorized personnel only
  • Secure hosting infrastructure with 24/7 monitoring

8. International Data Transfers

Some of our service providers may be located outside the UK. When we transfer your data internationally, we ensure adequate protection through:

  • Adequacy decisions by UK authorities (where applicable)
  • Standard Contractual Clauses (SCCs) approved by UK authorities
  • Provider certification schemes (e.g., Privacy Shield successors)
  • Binding Corporate Rules for multinational service providers
  • Other appropriate safeguards as required by UK GDPR

Key Service Provider Locations

Stripe: EU/UK processing with appropriate safeguards

Supabase: EU-based servers with UK data residency options

Vercel: EU hosting with data processing agreements

9. Children's Privacy

Our services are not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately at privacy@sportsdevil.co.uk and we will take steps to remove such information.

For children aged 13-16, we require parental consent for certain data processing activities in accordance with UK GDPR requirements.

10. Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

  • Posting the updated policy on our website
  • Updating the "last updated" date at the top of this policy
  • Sending email notifications for significant changes (where we have your consent)
  • Displaying prominent notices on our website

Your continued use of our services after such changes constitutes acceptance of the updated policy.

11. Contact Us

If you have any questions about this privacy policy, our data practices, or wish to exercise your rights, please contact us:

Privacy Enquiries: privacy@sportsdevil.co.uk
General Enquiries: info@sportsdevil.co.uk
Phone: 07897813165
Address: 309 Kingstanding Rd, Birmingham B44 9TH, UK

Supervisory Authority

You have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe we have not handled your personal data properly. You can contact the ICO:

Website: ico.org.uk

Helpline: 0303 123 1113

Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF