1. Introduction
Diazmovie UK Ltd ("we", "us", "our") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, share, and protect your personal data when you visit our website, purchase our products, or interact with our services.
We are a UK-based company registered in England and Wales (Company Number: 13874562) and comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
2. Information We Collect
2.1 Personal Information You Provide
We collect the following personal information when you interact with us:
- Name and contact details: Full name, email address, phone number, postal address
- Account information: Username, password (encrypted), purchase history
- Payment information: Payment card details (processed securely by third-party payment processors)
- Communication: Messages you send to us, customer service interactions
- Preferences: Product preferences, marketing preferences, newsletter subscriptions
2.2 Information We Collect Automatically
When you visit our website, we automatically collect:
- Technical information: IP address, browser type, device information, operating system
- Usage data: Pages visited, time spent on pages, click-through patterns
- Cookies and tracking: Cookie identifiers, session data, analytics information
- Location data: Approximate geographic location based on IP address
3. How We Use Your Information
We use your personal information for the following purposes:
- Product and service delivery: Processing orders, arranging delivery, providing customer support
- Communication: Responding to enquiries, sending order confirmations, delivering product updates
- Marketing: Sending promotional emails (with your consent), personalized product recommendations
- Website improvement: Analytics, user experience optimization, A/B testing
- Legal compliance: Fraud prevention, legal obligations, dispute resolution
- Security: Protecting our website, preventing unauthorized access
4. Legal Basis for Processing
We process your personal information based on the following legal grounds under UK GDPR:
- Contractual necessity: Processing required to fulfill our contract with you (e.g., order processing)
- Legitimate interests: Processing necessary for our legitimate business interests (e.g., marketing, security)
- Consent: Processing based on your explicit consent (e.g., newsletter subscriptions)
- Legal obligation: Processing required by law (e.g., tax records, anti-fraud measures)
5. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to enhance your experience:
- Essential cookies: Required for basic website functionality
- Performance cookies: Help us understand how our website is used
- Functional cookies: Remember your preferences and settings
- Marketing cookies: Used for personalized advertising and retargeting
You can manage your cookie preferences through your browser settings or our cookie consent banner.
6. Data Sharing and Third Parties
We share your personal information with the following categories of third parties:
- Payment processors: Secure payment processing (Stripe, PayPal)
- Delivery services: Order fulfillment and delivery (Royal Mail, DHL)
- Marketing platforms: Email marketing, analytics (Mailchimp, Google Analytics)
- IT service providers: Website hosting, cloud services, security
- Legal authorities: When required by law or court order
We ensure all third parties provide adequate protection for your personal data and only share information necessary for the specified purpose.
7. International Data Transfers
As a UK-based company, we primarily store and process your data within the United Kingdom. Where we use international service providers, we ensure:
- Adequacy decisions from the UK government for the destination country
- Standard contractual clauses approved by the UK ICO
- Appropriate security measures and data protection agreements
8. Data Retention
We retain your personal information for different periods depending on the purpose:
- Order records: 6 years (for tax and legal purposes)
- Customer accounts: Until you request deletion
- Marketing data: Until you unsubscribe or withdraw consent
- Analytics data: 26 months (anonymized where possible)
- Support communications: 3 years
9. Your Rights
Under UK GDPR, you have the following rights regarding your personal information:
- Right to access: Request a copy of your personal data
- Right to rectification: Correct inaccurate personal data
- Right to erasure: Request deletion of your personal data
- Right to restriction: Limit how we use your personal data
- Right to data portability: Receive your data in a machine-readable format
- Right to object: Object to processing based on legitimate interests
- Right related to automated decision-making: Protection from automated decisions
10. Security Measures
We implement robust security measures to protect your personal information:
- SSL/TLS encryption for all data transmissions
- Secure password hashing and storage
- Regular security audits and penetration testing
- Access controls and authentication systems
- Employee training on data protection
- Incident response procedures
11. Children's Privacy
Our services are not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information immediately.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or business operations. We will notify you of any material changes by:
- Posting the updated policy on our website
- Sending an email notification for significant changes
- Displaying a prominent notice on our website