# G-TEK IT Limited – Privacy Policy
Trading as: G-TEK Computers & Electronics
Last updated: June 2026
Effective date: 7 June 2026
---
## 1. INTRODUCTION
1.1 Who we are: G-TEK IT Limited (trading as G-TEK Computers & Electronics) is a computer hardware and electronics retailer based in Ecclesfield, Sheffield, S35 9YY, UK.
1.2 What this policy covers: This Privacy Policy explains how we collect, use, store, and protect your personal data when you:
- Purchase products from our website (gtekit.co.uk)
- Use our repair services
- Subscribe to our newsletter or marketing communications
- Visit our website generally
1.3 Our commitment: We take data protection seriously. We comply with the UK GDPR (General Data Protection Regulation) and the Data Protection Act 2018. This policy is transparent about what we do with your information.
1.4 Contact us: If you have questions about this policy or how we handle your data, see section 14 for contact details.
---
## 2. WHAT DATA WE COLLECT
2.1 Data you provide directly:
When you make a purchase or use our services, we collect:
- Contact information: Name, email address, phone number, postal address
- Payment information: Billing address, card details (processed securely by Stripe; we do not store card numbers)
- Order information: What you bought, when, order history, delivery preferences
- Account information: If you create a user account, login credentials, saved addresses, order history
- Repair service data: If you use our repair services, device details (make, model, serial number), fault descriptions, photos, and any data stored on devices you submit (see section 2.5)
- Communications: Any messages you send us via email, contact forms, or support tickets
2.2 Data collected automatically via your website visit:
When you visit gtekit.co.uk, we (and our partners) automatically collect:
- Google Analytics: Your IP address, browser type, pages visited, time spent on site, referral source, device type. This helps us understand how visitors use our site.
- WordPress/WooCommerce: Server logs record your IP, timestamps, pages accessed, and errors. Cookies may be set for cart and session management.
- Cookies: See section 6 for details.
2.3 Data for marketing (optional):
If you sign up to our newsletter or opt into marketing communications, we collect and store:
- Your email address
- Your name
- Your marketing preferences (which types of emails you've consented to receive)
This data is processed by Mailchimp on our behalf.
2.4 Payment processing:
Your payment information (credit/debit card) is never stored by us. It is processed securely by Stripe, our payment gateway provider. Stripe handles all card data encryption and PCI compliance. We only store:
- Transaction ID
- Amount paid
- Payment status
- Last 4 digits of card (if Stripe provides it for receipts)
2.5 Data on repair devices (if applicable):
If you submit a device (laptop, gaming console, etc.) for repair:
- We collect data about the device (make, model, serial number, fault description)
- We do not intentionally access, read, or copy your personal data stored on the device.
- However, we may encounter files, emails, or settings during diagnosis or repair. We treat this data as confidential and do not use it for any purpose other than completing your repair.
- You are responsible for backing up sensitive data before submitting your device. We are not liable for data loss.
- After repair completion and your collection of the device, we do not retain copies of your device data.
---
## 3. LEGAL BASIS FOR PROCESSING
We only process your data where we have a lawful basis under UK GDPR. These are:
3.1 Contract: To fulfil your order or provide repair services (section 6 of UK GDPR)
- Name, address, email, phone, payment info, order history
3.2 Legal obligation: To comply with tax law, accounting records, and anti-fraud measures
- Invoice records, order history (retained for 6 years for tax compliance)
3.3 Legitimate interest: To improve our services, prevent fraud, and run our business fairly
- Analytics data (how our site is used)
- Communication history (to resolve disputes)
3.4 Consent: For marketing emails and non-essential cookies
- Newsletter subscription (you opt in and can opt out anytime)
- Google Analytics (set via Complianz cookie consent banner)
3.5 Vital interests: If you submit a device with personal data on it, we may access data only to the extent necessary to diagnose and repair it.
---
## 4. HOW WE USE YOUR DATA
4.1 To process your order:
- Verify payment
- Arrange delivery
- Send order confirmations and shipping updates
- Handle returns and warranty claims
- Issue invoices and receipts
4.2 To provide repair services:
- Diagnose faults
- Perform repairs
- Provide quotes and updates
- Track repair status
- Issue invoices
4.3 To improve our website and services:
- Analyse user behaviour via Google Analytics
- Identify technical issues
- Test new features
- Understand customer preferences (anonymously)
4.4 For marketing (with your consent):
- Send newsletter emails (via Mailchimp)
- Inform you of new products, promotions, or sales
- Ask for feedback or reviews
- You can unsubscribe anytime by clicking the link in any email or contacting us
4.5 For legal and safety:
- Comply with tax, accounting, and legal requirements
- Detect and prevent fraud
- Enforce our Terms & Conditions
- Defend ourselves in disputes or legal claims
4.6 We do NOT:
- Sell your personal data to third parties
- Share your data with unrelated businesses for their own marketing
- Use your data for automated decision-making or profiling (no algorithmic targeting)
---
## 5. WHO HAS ACCESS TO YOUR DATA
Your data is only shared with:
5.1 Service providers (who process data on our behalf under strict contracts):
- Stripe: Payment processing
- Mailchimp: Newsletter and marketing emails (if you opt in)
- Google Analytics: Website analytics
- Hostinger: Website hosting and email (your data is stored on Hostinger's servers)
- Royal Mail / Courier services: Delivery of your order (they see your name and address)
5.2 Legal requirements:
- We may disclose data if required by law, court order, or police/tax authorities.
5.3 Business transfer:
- If G-TEK IT Limited is sold or restructured, your data may transfer to the new owner. We will notify you if this happens.
5.4 Your consent:
- We will never share your data without your explicit permission, except as stated above.
---
## 6. COOKIES AND TRACKING
6.1 What are cookies?
Cookies are small text files stored on your device when you visit our website. They help remember your preferences, keep you logged in, and track how you use our site.
6.2 Types of cookies we use:
| Type | Purpose | Provider | Consent Required? |
|---|---|---|---|
| Essential | Keep your session active, secure login, shopping cart | WordPress/WooCommerce | No |
| Analytics | Understand how visitors use our site, traffic sources, pages visited | Google Analytics | Yes (via Complianz) |
| Marketing | Remember that you've seen ads or emails (if you opt in to marketing) | Mailchimp | Yes |
| Third-party | External services like Stripe, Google, may set their own cookies | Various | Yes (mostly) |
6.3 Cookie consent:
- We use Complianz to manage cookie consent on our website.
- When you first visit, you'll see a cookie banner asking whether you consent to analytics and marketing cookies.
- Essential cookies (for the website to work) do not require consent.
- You can change your cookie preferences anytime by clicking the cookie settings link at the bottom of our website (once Complianz is fully set up).
6.4 Disabling cookies:
- Most browsers allow you to disable cookies. However, disabling essential cookies may prevent our website from working properly.
---
## 7. DATA RETENTION
How long we keep your data depends on why we collected it:
| Data Type | Retention Period | Reason |
|---|---|---|
| Order & invoice data | 6 years | UK tax law requires us to keep business records for 6 years |
| Payment records | 6 years | Accounting and compliance |
| Customer contact info (non-orders) | 3 years | To respond to enquiries and prevent fraud |
| Newsletter subscribers | Until you unsubscribe | You can unsubscribe anytime; we delete inactive subscribers after 12 months of no engagement (optional, we'll follow Mailchimp's defaults) |
| Website analytics | 26 months | Google Analytics default retention; older data is automatically deleted |
| Repair device data | Until device collection | We delete any data encountered on repair devices once you collect your device |
| Support/complaint records | 3 years | To resolve disputes and improve service |
| Cookie consent records | 1 year | To respect your preferences |
If you request deletion (see section 8), we will delete your data as soon as possible, except where we have a legal obligation to retain it (e.g., tax records).
---
## 8. YOUR RIGHTS
Under UK GDPR, you have the right to:
8.1 Access your data
- You can request a copy of all personal data we hold about you. We will provide it within 30 days at no cost.
8.2 Correct your data
- If your data is inaccurate or incomplete, you can ask us to update it.
8.3 Delete your data ("Right to be Forgotten")
- You can request we delete your data, except where we have a legal obligation to keep it (e.g., tax records, ongoing disputes).
8.4 Restrict processing
- You can ask us to limit how we use your data while you're disputing accuracy or lodging a complaint.
8.5 Data portability
- You can request your data in a structured, portable format (e.g., CSV) so you can move it to another service.
8.6 Object to processing
- You can object to us using your data for marketing, profiling, or legitimate interests.
8.7 Withdraw consent
- If you've given consent for marketing or cookies, you can withdraw it anytime (e.g., unsubscribe from newsletters, change cookie settings).
To exercise any of these rights, contact us (section 14). We will respond within 30 days.
---
## 9. SECURITY
9.1 How we protect your data:
- All data transmitted to us (e.g., during checkout) is encrypted using SSL/TLS (you'll see a padlock icon in your browser).
- Payment data is processed by Stripe, a PCI-DSS-certified payment provider; we do not store card details.
- We use secure passwords and access controls to limit who can view your data.
- Our website is hosted on Hostinger's secure servers with regular backups.
9.2 What we cannot guarantee:
- No security is 100% foolproof. While we take reasonable steps to protect your data, we cannot guarantee it will never be breached.
- You are responsible for keeping your login password confidential.
9.3 Data breach:
- If we discover a breach affecting your personal data, we will notify you without undue delay (usually within 72 hours) and inform the Information Commissioner's Office (ICO) if required by law.
---
## 10. THIRD-PARTY LINKS AND SERVICES
10.1 Our website may contain links to external sites (e.g., manufacturers, partners). We are not responsible for their privacy practices.
10.2 This Privacy Policy only applies to gtekit.co.uk. If you click a link to another site, read their privacy policy.
---
## 11. INTERNATIONAL DATA TRANSFERS
11.1 Your data is primarily stored in the UK and EU (via Hostinger). If we use service providers outside the UK/EU (e.g., Stripe, Google), we ensure they are certified under appropriate safeguards (e.g., Standard Contractual Clauses under UK GDPR).
11.2 By using our website and services, you consent to your data being processed and stored as described.
---
## 12. CHILDREN'S PRIVACY
12.1 Our website and services are not intended for children under 13. We do not knowingly collect data from children.
12.2 If we become aware that a child has provided data, we will delete it immediately.
12.3 If you are a parent/guardian and believe your child has provided data, contact us immediately (section 14).
---
## 13. CHANGES TO THIS POLICY
13.1 We may update this Privacy Policy to reflect changes in law, technology, or our practices.
13.2 When we make significant changes, we will:
- Update the "Last updated" date at the top
- Notify you by email (if you're a customer) or via our website
- Request your consent again if required by law
13.3 Your continued use of our website after changes means you accept the updated policy.
---
## 14. CONTACT US & DATA PROTECTION RIGHTS
To exercise your data protection rights, ask privacy questions, or report a concern:
Email: mail@gtekit.co.uk
Phone: 01142 990588
Mailing address:
G-TEK IT Limited (Trading as G-TEK Computers & Electronics)
Ecclesfield, Sheffield, S35 9YY, UK
Response time: We will respond to data requests within 30 days.
---
## 15. INFORMATION COMMISSIONER'S OFFICE (ICO)
If you believe we have breached your data protection rights and our response is unsatisfactory, you have the right to lodge a complaint with the ICO (the UK's independent authority for data protection):
Website: www.ico.org.uk
Phone: 0303 123 1113
---
## 16. GLOSSARY
UK GDPR: The UK's version of the General Data Protection Regulation (retained EU law post-Brexit)
Data Controller: The entity (G-TEK IT Limited) that decides why and how your data is processed
Data Processor: A service provider (e.g., Stripe, Mailchimp) that processes data on our behalf
Personal Data: Any information that identifies or relates to you (name, email, IP address, etc.)
Processing: Any action taken with data (collecting, storing, using, sharing, deleting)