Privacy policy

EDJ VNTGE operates this website and is committed to protecting the privacy and security of all users. This Privacy Policy explains who we are, how and why we collect, use, store and share personal information, your legal rights in relation to that information, and how you can contact us or relevant supervisory authorities if you have a concern. EDJ VNTGE acts as the data controller for the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, meaning we are responsible for determining how and why your personal data is processed.

We collect personal information that you provide directly to us when you create an account, place an order, sign up to marketing communications, enter competitions, contact customer services, or otherwise interact with our website. This information may include your name, billing and delivery address, email address, telephone number, payment details, and any other information necessary to process transactions and manage your account. Where you provide information about another individual, you confirm that you have the authority to do so and that they have consented to the processing of their personal data in accordance with this policy.

We also use cookies and similar tracking technologies when you access our website. A cookie is a small text file placed on your device to collect standard internet log information and visitor behaviour data. These technologies allow us to monitor website usage, analyse traffic patterns, improve functionality, personalise user experience, and support fraud prevention and security monitoring. Some cookies may be operated by trusted third-party service providers. On your first visit to our website, you will be asked to consent to the use of non-essential cookies, and you may withdraw or manage your preferences at any time through your browser settings. Please note that disabling certain cookies may affect website functionality.

We use your personal information to identify you, manage your account, process and fulfil orders, take payment, arrange shipping and delivery, provide customer support, conduct research and statistical analysis, improve our services, prevent fraud, detect misuse of our services, comply with legal obligations, and where permitted, send marketing communications. We rely on lawful bases under UK GDPR including performance of a contract, compliance with legal obligations, legitimate business interests such as fraud prevention and service improvement, and where required, your consent.

Your personal information may be shared with carefully selected third-party service providers where necessary to operate our business. These may include payment processors such as PayPal and Stripe, accounting software providers such as QuickBooks, e-commerce and order management platforms, shipping and logistics providers such as ShipStation and couriers, and technology partners who support website functionality and fraud prevention. We may also disclose personal information to law enforcement agencies, regulators, or other authorities where required by law or where necessary to protect our legal rights, prevent fraud, or respond to disputes or chargeback investigations. We do not sell your personal information to third parties.

Certain personal information including your name, address, email address, telephone number, and payment details is required in order to process your order, collect payment, arrange delivery, provide delivery updates, and fulfil our contractual obligations. Without this information, we are unable to complete transactions. We will always inform you at the point of collection whether information is mandatory.

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying legal, accounting, and tax requirements. Transactional and financial records are typically retained for six years in accordance with UK tax and accounting regulations. After this period, data is securely deleted or anonymised unless further retention is legally required.

We implement appropriate technical and organisational security measures to protect personal information from unauthorised access, alteration, disclosure, or destruction. Access to personal data is restricted to individuals with a legitimate business need, and all processing is carried out under duties of confidentiality. While we take reasonable steps to protect your information, you acknowledge that transmission of information via the internet is not completely secure, and we cannot guarantee absolute security of data transmitted to or from our website.

We do not routinely transfer personal data outside the United Kingdom or European Economic Area. If such transfers become necessary, appropriate safeguards will be implemented in accordance with applicable data protection laws.

Under UK GDPR, you have rights including the right to access your personal data, request correction of inaccurate data, request erasure in certain circumstances, restrict or object to processing, request data portability, and object to direct marketing. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe your data has been processed unlawfully. If you wish to exercise any of your rights, you may contact us and we may request sufficient information to verify your identity before responding, in order to protect your data from unauthorised disclosure.

We hope to resolve any concerns you may have regarding your personal information. However, you have the right to contact the UK supervisory authority, the Information Commissioner’s Office, via ico.org.uk or by telephone at 0303 123 1113. This Privacy Policy was originally published on 10 May 2021 and may be updated from time to time to reflect changes in law, regulation, or business practices. The latest version will always apply when you access our website, and we encourage you to review it periodically.