top of page

PRIVACY POLICY

1. INTRODUCTION

This privacy policy sets out how we collect, process, and hold your personal data if you visit our website or otherwise provide personal data to us.  We are Bison&Beam LTD company incorporated under the laws of England with company number 16835260 whose registered office is Peppard Road, Emmer Green, RG4 8UZ, Reading, UK. We are the data controller of your personal data.

This policy affects your legal rights and obligations so please read it carefully. If you have any questions, please contact us at contact@bisonandbeam.co.uk or call us on +44 7512300908.

 

2. WHAT DATA DO WE COLLECT

We may collect, store and use the following categories of data:
A. Identity – name, title.
B. Contact – billing/delivery address, email, phone number.
C. Financial – payment-card last-four digits, expiry date, tokenised payment ID (we never store full card numbers).
D. Transaction – products bought, order value, discount codes, returns.
E. Technical – IP address, browser type/version, time-zone, device identifiers, operating system.
F. Profile – username & password, wish-list items, measurement preferences, marketing preferences.
G. Usage – page response times, length of visit, page interaction, navigation paths.
H. Marketing & Communications – records of whether you have opted-in or opted-out.
We do NOT intentionally collect “special category” data (e.g. health, race, religion). If you volunteer it (for example, accessibility requirements for delivery) we will treat it as explicit consent and store it only for the stated purpose.​

 

3. HOW WE COLLECT DATA

Direct – ordering, account registration, newsletter sign-up, contact form, live-chat, competition entry, finance application, phone, email or social-media DM.
Automated – cookies, server logs, pixel tags, Google Analytics, Meta/Facebook pixel (see §9).
Third parties – credit-reference agencies (for trade accounts), fraud-prevention services, advertising networks, publicly available sources such as Companies House.

 

4. MARKETING COMMUNICATIONS 

If you agree to receive marketing communications from us you consent to the processing of your data to send you such communications, which may include newsletters and information about new features or products together with information about changes to this policy.   We retain evidence of the details of your consent.

You can choose to no longer receive marketing communications by contacting us at contact@bisonandbeam.co.uk  or clicking unsubscribe from a marketing email. If you do unsubscribe to marketing communications, it may take up to 5 business days for your new preferences to take effect. We shall therefore retain your personal data in our records for marketing purposes until you notify us that you no longer wish to receive marketing emails from us.

 

5. LAWFUL BASES FOR PROCESSING

We only process personal data when the law allows us. The main bases we rely on are:
a) Contract – to take payment, produce, ship and insure your order.
b) Legitimate Interests – fraud screening, network security, improving products, marketing to existing customers (soft opt-in), debt recovery.
c) Consent – sending marketing e-mails or SMS to non-customers, placing non-essential cookies on your device.
d) Legal Obligation – VAT, anti-money-laundering and company-law record keeping.

 

6. HOW WE USE YOUR DATA (PURPOSES)

  • Process & deliver orders, replacements or refunds.

  • Take and refund payments; manage fees, charge-backs and debt collection.

  • Notify you about order status, safety recalls or policy changes.

  • Maintain technical & operational security of our website and apps.

  • Respond to reviews, comments or customer-service enquiries.

  • Conduct analytics, A/B testing and statistical research.

  • Send marketing communications (newsletters, promotions, new product launches) where permitted.

  • Display personalised adverts on third-party platforms (e.g. Facebook, Instagram, Google) using hashed or pixel-based audiences.

  • Defend or establish legal claims.

 

7. WHERE WE HOLD AND PROCESS YOUR PERSONAL DATA

Some or all of your personal data may be stored or transferred outside of the European Economic Area (the EEA) for any reason, including for example, if our email server is located in a country outside the EEA or if any of our service providers are based outside of the EEA.  We shall only transfer your personal data to organisations that have provided adequate safeguards in respect of your personal data.

 

8. SECURITY 

We shall process your personal data in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organisational measures. All information you provide to us is stored on our secure servers.  Any payment transactions are encrypted using SSL technology.

Where we have given, or you have chosen a password, you are responsible for keeping this password confidential.

However, you acknowledge that no system can be completely secure. Therefore, although we take these steps to secure your personal data, we do not promise that your personal data will always remain completely secure.

 

9. DISCLOSURES TO THIRD PARTIES

We may share data with:
• Service providers – web host (Wix/WooCommerce), courier (DPD, Royal Mail), payment gateway (Stripe, PayPal), e-mail platform (PD Hosting, MailerLite), cloud storage (Google Workspace, AWS), review engine (Trustpilot/ Wix), IT support, accountants, insurers and auditors.
• Credit-reference and fraud-prevention agencies (for trade or finance applications).
• Advertising & analytics partners – Google, Meta, Microsoft, TikTok (data is hashed or aggregated where possible).
• Professional advisers – lawyers, bankers, insurers.
• Regulators, police or tax authorities when legally compelled.
All third-party processors are contractually bound to use data only for the agreed purpose and to apply security standards at least as strict as our own.

 

10. RETENTION

We will retain your personal data for as long as you remain a customer on the website portal.

If you have consented to receive marketing communication, we shall retain your email address until you opt-out of receiving such communications.

If you otherwise contacted us with a question or comment, we shall retain your personal data for 6 months following such contact to respond to any further queries you might have.

 

11. COOKIES

We use the following cookie categories:
Essential – basket, checkout, account log-in, fraud detection.
Functional – language, currency, saved room measurements.
Analytics – Google Analytics 4, Wix.com, Shopify analytics (anonymised IPs).
Marketing – Facebook/Meta pixel, Google Ads remarketing.
You can manage non-essential cookies via the pop-up banner or browser settings.

 

12. NO GUARANTEES 

While this Privacy Policy states our standards for maintenance of Data and we will make efforts to meet them, we are not in a position to guarantee these standards. There may be factors beyond our control that may result in disclosure of data. As a consequence, we disclaim any warranties or representations relating to maintenance or nondisclosure of Data.

 

Contact
bottom of page