Search products
£0.00 0

Shopping Cart (0 items)

Continue shopping

Privacy Policy

Resources / Privacy Policy

Last updated: 25th November 2025

Perfectly Legal Vaporizer Supplies (“we”, “us”, “our”) is committed to protecting your personal data. This Privacy Policy explains what information we collect, how we use it, our legal bases for processing, how long we keep it, and your rights under the UK GDPR.

1. What Information We Collect

We may collect and process the following personal data when you interact with us:

Identity & Contact Data

Name, address, email, phone number, date of birth (if provided).

Account & Transaction Data

Login details, order history, saved addresses, preferences, products purchased, billing/delivery details.

Payment Data

Payment information (processed securely via WooCommerce and its authorised payment gateways — we do not store full card details).

Technical Data

IP address, browser type, device information, pages visited, referring pages, and cookie data.

Communications & Interactions

Messages, enquiries, reviews, survey responses, and complaints.

Marketing & Preferences Data

Your choices about receiving communications and personalised recommendations.

Third-Party or Public Data

Information shared with us by service providers you authorise, or publicly available data where lawful.

 

2. Legal Bases for Processing (UK GDPR)

Under the UK GDPR, we process your personal data based on the following justifications:

Consent

When you opt-in to marketing emails, cookies, competitions, or surveys.

Contract

To process orders, deliver products, manage returns, handle support enquiries, and maintain your account.

Legal Obligation

To comply with legal requirements, such as fraud prevention, tax, accounting, or law-enforcement requests.

Legitimate Interests

To operate and improve our business in ways you would reasonably expect and that do not override your rights. Examples include:

  • Personalising your browsing and shopping experience.
  • Monitoring website performance and preventing fraud.
  • Sending relevant offers (where legally permitted).
  • Improving products, services, and customer support.

You can object to processing based on legitimate interests at any time.

 

3. How We Use Your Personal Data

We use your data to:

  • Process and deliver your orders.
  • Manage payments and prevent fraud.
  • Respond to enquiries, complaints, and support requests.
  • Personalise your online experience and product recommendations.
  • Send relevant marketing communications (with consent).
  • Notify you about changes to our policies or services.
  • Operate, maintain, and secure our website.
  • Administer competitions, promotions, and surveys.
  • Improve our products, services, and website performance.
  • Please Note: If you choose not to provide certain essential information (e.g., delivery address), we may not be able to provide the requested service.

 

4. How We Process Payments (WooCommerce)

Payments are processed via WooCommerce and its trusted third-party payment gateways (such as PayPal, Stripe, etc.). These providers process your payment information securely and in compliance with PCI-DSS standards.

We never store full card details on our servers.

 

5. Cookies

We use cookies and similar technologies for several reasons:

  • To operate essential website functions.
  • To analyse website performance.
  • To remember your preferences.
  • To enable personalisation and relevant offers.

You can manage or disable cookies in your browser settings. Essential cookies cannot be disabled as they are required for the website to function.

 

6. Sharing Your Personal Data

We only share your personal data with trusted service providers such as:

  • Payment processors.
  • IT and hosting providers.
  • Delivery couriers.
  • Marketing platforms (with your consent).
  • Analytics providers (e.g., Google Analytics).
  • Legal or regulatory bodies, where required by law.
  • Fraud prevention and security partners.

We only share the minimum data necessary, and service providers may only use your data for the purpose we specify. We do not sell your personal data.

 

7. International Transfers

Some of our service providers operate outside the UK.

Where this occurs, we ensure appropriate safeguards are in place (such as the UK International Data Transfer Agreement or adequacy regulations).

 

8. Data Security

We take data security seriously and apply appropriate technical and organisational measures, including:

  • HTTPS encrypted website.
  • SSL/TLS encryption for sensitive data.
  • Secure servers and restricted access.
  • Regular security monitoring and updates.
  • Industry-standard payment security via PCI-DSS compliant gateways.

 

9. Data Retention

We keep your personal data only as long as necessary for the purposes collected, including:

Orders: Retained for 7 years (or longer where legally required).

Warranty-related information: Kept for the duration of the warranty period.

Marketing data: Retained until you opt out or request deletion.

Account data: Retained while your account is active and for a reasonable period after closure.

After retention periods, data is securely deleted or anonymised.

 

10. Your UK GDPR Rights

You have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate or incomplete data.
  • Delete your data (in certain circumstances).
  • Restrict how we use your data.
  • Object to processing based on legitimate interests or direct marketing.
  • Withdraw consent at any time.
  • Data portability where applicable.
  • Request human review of automated decisions.

To exercise these rights, contact us using the details below. We may request proof of identity for security purposes.

 

11. Direct Marketing Preferences

You can stop receiving marketing communications by:

  • Clicking “unsubscribe” in any email.
  • Changing preferences in your account.
  • Contacting us directly.
  • Please note: You will still receive essential service emails (such as order updates).

 

12. Complaints

If you feel that your data has not been handled correctly, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO).

  • You can contact them by calling 0303 123 1113 or go online to www.ico.org.uk/concerns.
  • If you are based outside the UK, you have the right to lodge your complaint with the relevant data protection regulator in your country of residence.

 

13. Contact Us

If you have questions, concerns, or wish to exercise your rights, please see our contact us page.

 

14. Changes to This Policy

We may update this Privacy Policy from time to time. Any significant changes will be posted on this page. Continued use of our website constitutes acceptance of the latest version.

 

Menu
Search products
Back to Top