TrueBuy GDPR Compliance Policy

Effective Date: April 22, 2025

At TrueBuy.co.uk, we are committed to protecting your personal data and complying with the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) and the UK GDPR as applicable.
This policy explains how we collect, use, store, and protect your information.

1. Data Controller

TrueBuy (operated by OmniEx LTD) is the Data Controller responsible for your personal information.
For questions, please contact us at support@truebuy.co.uk.

2. What Data We Collect

We may collect and process the following personal data:

• Name

• Email address

• Billing and shipping address

• Phone number

• Payment information (handled securely by Stripe or PayPal)

• IP address, device information, and browsing behavior (via cookies)

3. Legal Basis for Processing

We process your data based on one or more of the following legal grounds:

• Contractual necessity: To fulfill and deliver your orders.

• Consent: For marketing communications (only when you opt-in).

• Legitimate interests: To improve our services, prevent fraud, and ensure security.

• Legal obligation: To comply with applicable laws and tax requirements.

4. How We Use Your Data

We use your data to:

• Process your orders and manage your account.

• Communicate with you about your purchases.

• Send marketing emails (if you have opted-in).

• Improve our website functionality and customer experience.

• Prevent fraud and secure our services.

5. Data Sharing

We only share your personal data with:

• Payment providers (Stripe, PayPal) for secure transactions.

• Delivery couriers to ship your orders.

• Marketing platforms (only if you consent to receive promotional emails).

• Legal authorities if required by law.

We do not sell or rent your personal information.

6. Data Retention

• We retain your data only as long as necessary to fulfill the purposes we collected it for.

• Typically, order records are kept for 6 years to comply with tax and legal obligations.

• You may request deletion of your personal data at any time (see Section 8).

7. International Data Transfers

• We primarily store your data within the United Kingdom (UK) or the European Economic Area (EEA).

• If data is transferred outside the UK or EEA, we ensure appropriate safeguards are in place.

8. Your Rights Under GDPR

You have the following rights:

• Access: Request a copy of your personal data.

• Rectification: Request correction of incorrect or incomplete data.

• Erasure ("Right to be forgotten"): Request deletion of your data.

• Restriction: Request the restriction of processing under certain circumstances.

• Data Portability: Request transfer of your data to another provider.

• Objection: Object to processing based on legitimate interests or direct marketing.

• Withdraw Consent: You may withdraw consent at any time for marketing communications.

To exercise any of these rights, contact us at support@truebuy.co.uk.

9. Cookies

We use cookies to enhance your browsing experience and analyze website traffic.
Please see our full Cookies Policy for details.

10. Marketing Communications

• You will only receive marketing emails if you have opted-in.

• You can opt-out at any time by clicking "unsubscribe" at the bottom of any email or contacting us directly.

11. Security of Your Data

We use appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, or destruction.

12. Complaints

If you believe we have not handled your data correctly, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) (www.ico.org.uk) or your local data protection authority.

---

Contact Us

If you have any questions about this GDPR Policy or your personal data, please contact:

TrueBuy Customer Service
Email: support@truebuy.co.uk
Website: https://truebuy.co.uk