1. Introduction
JOHNCOMPUTERS LTD ("we", "us", "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website (johncomputers.co.uk) or purchase our products and services. We are registered in England & Wales (Company No. 17226886) with our registered office at 66 Paul Street, London, EC2A 4NA, United Kingdom.
2. Information We Collect
Personal information you provide
- Name, email address, phone number, and billing/delivery address.
- Payment information (handled securely by our payment processors; we do not store card details).
- Account credentials if you create an account with us.
- Communications you send to us (emails, contact form submissions, support tickets).
Information collected automatically
- IP address, browser type and version, device information, and operating system.
- Usage data: pages visited, time spent, referral sources, and clickstream data.
- Cookies and similar tracking technologies (see Section 5 below).
Information from third parties
- Payment processors (e.g., Stripe) to confirm transactions.
- Shipping and delivery providers to facilitate order fulfilment.
- Analytics providers (e.g., Google Analytics) to understand website usage.
3. How We Use Your Information
- To process and fulfil orders — including payment processing, shipping, and order confirmations.
- To communicate about orders and services — updates, delivery notifications, and support responses.
- To improve our website and services — analysing usage trends, troubleshooting issues, and enhancing user experience.
- For marketing — only with your explicit consent, we may send promotional emails about new products, offers, or services. You can opt out at any time.
- To comply with legal obligations — including tax, accounting, and regulatory requirements.
4. Legal Basis for Processing (GDPR)
Under the UK General Data Protection Regulation (UK GDPR), we rely on the following legal bases:
- Contract necessity — processing is necessary to fulfil our contract with you (e.g., delivering an order).
- Legitimate interests — to improve our services, prevent fraud, and maintain website security.
- Consent — for marketing communications and non-essential cookies. You may withdraw consent at any time.
- Legal obligation — to meet tax, accounting, and other statutory requirements.
5. Cookies and Tracking Technologies
We use cookies and similar technologies to enhance your browsing experience. The types of cookies we use include:
- Essential cookies — necessary for the website to function (e.g., shopping cart, authentication).
- Analytics cookies — help us understand how visitors interact with our site (e.g., Google Analytics).
- Marketing cookies — used to deliver relevant advertisements and measure their effectiveness (only with consent).
You can manage your cookie preferences through your browser settings or our cookie consent banner. For more details, please see our Cookie Policy.
6. Data Sharing and Third Parties
We do not sell your personal data. We may share your data with:
- Payment processors — Stripe processes your payment information securely.
- Shipping/delivery providers — to deliver your orders.
- Service providers — hosting providers, analytics platforms, and IT support services that help us run our business.
- Legal requirements — if required by law, court order, or to protect our rights and safety.
All third-party providers are contractually bound to handle your data securely and only for the purposes we specify.
7. Data Security
We take the security of your personal data seriously. Our measures include:
- Encryption of data in transit using HTTPS and SSL/TLS.
- Access controls limiting who can access personal data within our organisation.
- Payment security — all card payments are processed by Stripe, which is PCI DSS compliant. We do not store card details on our servers.
- Regular security reviews and monitoring of our systems.
8. Your Rights (GDPR)
Under UK GDPR, you have the following rights regarding your personal data:
- Right to access — request a copy of the personal data we hold about you.
- Right to rectification — request correction of inaccurate or incomplete data.
- Right to erasure ("right to be forgotten") — request deletion of your personal data in certain circumstances.
- Right to restrict processing — request that we limit how we use your data.
- Right to data portability — receive your data in a structured, commonly used format.
- Right to object — object to processing based on legitimate interests or direct marketing.
- Right to withdraw consent — withdraw consent at any time where we rely on it.
To exercise any of these rights, please contact us at ukjohncomputers@gmail.com or write to us at 66 Paul Street, London, EC2A 4NA. We will respond within one month.
9. Data Retention
We retain your personal data only for as long as necessary for the purposes outlined in this policy:
- Order records — 6 years (to comply with UK tax and legal obligations).
- Marketing data — until you withdraw your consent or unsubscribe.
- Account data — until you request deletion of your account.
- Website logs — 12 months, after which they are anonymised or deleted.
10. International Transfers
Your personal data is primarily stored and processed within the United Kingdom and European Economic Area (EEA). However, some of our third-party service providers (e.g., Stripe) may process data outside the UK. Where this occurs, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner's Office (ICO), to protect your data to a standard equivalent to UK GDPR.
11. Children's Privacy
Our website and services are not directed at children under the age of 16. We do not knowingly collect personal data from children under 16. If you believe we have inadvertently collected such data, please contact us immediately at ukjohncomputers@gmail.com and we will take steps to delete it promptly.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or business operations. Any changes will be posted on this page with an updated "Last updated" date. For material changes, we will notify you by email if we have your contact details.