Skip to Content

Privacy Policy

 

ⓘ  About This Policy

Guthrie Group Limited ('GGL', 'we', 'us', 'our') is committed to protecting your personal data. This Privacy Policy explains what personal data we collect, how we use it, the legal basis for doing so, and your rights under UK data protection law, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.


1.  Who We Are

1.1  Guthrie Group Limited is the data controller for personal data collected through our website and in connection with the sale of goods.

1.2  Our registered office is at 2 Drummond Square, Brucefield Industry Park, Livingston EH54 9DH, Scotland. Company No: SC138693.

1.3  For any data protection queries, please contact us at sales@guthriegroup.co.uk or by post to the registered office address above.


2.  What Personal Data We Collect

We may collect and process the following categories of personal data:

2.1  Data You Provide Directly

•       Name, email address, telephone number and postal/delivery address when placing an order or creating an account.

•       Payment details — note that card data is processed securely by Stripe and is not stored by us.

•       Communications you send us, including enquiries, complaints, and returns requests.

•       Marketing preferences and consent records.

•       Age verification information where required for age-restricted products.

2.2  Data Collected Automatically

•       Technical data: IP address, browser type and version, operating system, device type.

•       Usage data: pages visited, time spent, referral source, click-through paths.

•       Cookie data and similar tracking technologies. 

2.3  Data from Third Parties

•       Fraud prevention and credit reference data from payment processors and identity verification providers.

•       Analytics data from providers such as Google Analytics.


3.  How We Use Your Personal Data

We use your personal data for the following purposes:

3.1  To Fulfil Your Order (Contract Performance)

•       Processing and fulfilling orders, including delivery and invoicing.

•       Communicating with you about your order status, delivery, and any issues.

•       Verifying age for age-restricted or regulated products.

•       Processing returns, refunds, and complaints.

3.2  Legal Compliance

•       Maintaining accounting and tax records as required by law.

•       Responding to regulatory or legal requests.

•       Complying with product safety, recall, and regulatory obligations.

3.3  Legitimate Interests

•       Preventing and detecting fraud and abuse.

•       Improving our website, products, and services through analytics.

•       Sending you service-related communications relevant to a previous purchase.

3.4  Consent

•       Sending marketing communications by email or other channels where you have opted in.


4.  Legal Basis for Processing

We process your personal data on the following legal bases under UK GDPR Article 6:

•       Article 6(1)(b) — Performance of a contract: to process and fulfil your orders.

•       Article 6(1)(c) — Legal obligation: to comply with applicable laws and regulations.

•       Article 6(1)(f) — Legitimate interests: fraud prevention, analytics, call recording, and service improvement, where our interests are not overridden by your rights.

•       Article 6(1)(a) — Consent: for marketing communications and non-essential cookies.


5.  Sharing Your Personal Data

5.1  We do not sell your personal data to third parties.

5.2  We may share your data with the following categories of recipients, where necessary:

•       Payment processors — Stripe, for secure card processing.

•       Delivery and logistics providers — to fulfil and track orders.

•       IT and cloud service providers — for website hosting and business systems.

•       Analytics providers — such as Google Analytics, for website performance measurement.

•       Legal and professional advisers — where required for legal matters.

•       Regulatory authorities — where required by law.

5.3  All third-party processors are required to handle your data securely and only for the purposes for which it is shared.

5.4  We do not transfer personal data outside the United Kingdom except where appropriate safeguards are in place under UK GDPR.


6.  Data Retention

6.1  We retain personal data only for as long as necessary for the purposes set out in this Policy or as required by law.

6.2  Order and transaction records are retained for a minimum of 6 years from the end of the relevant tax year, in line with HMRC requirements.

6.3  Marketing consent records are retained for as long as you remain an active subscriber, plus a reasonable period thereafter.

6.4  Where data is no longer required, it is securely deleted or anonymised.


7.  Your Rights

Under UK GDPR, you have the following rights in relation to your personal data:

•       Right of access — to request a copy of the personal data we hold about you.

•       Right to rectification — to ask us to correct inaccurate or incomplete data.

•       Right to erasure — to request deletion of your personal data in certain circumstances.

•       Right to restrict processing — to ask us to limit how we use your data.

•       Right to data portability — to receive your data in a structured, machine-readable format.

•       Right to object — to object to processing based on legitimate interests or for direct marketing.

•       Right to withdraw consent — where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

7.1  To exercise any of these rights, please contact us at sales@guthriegroup.co.uk. We will respond within one calendar month. There is no charge for exercising your rights unless requests are manifestly unfounded or excessive.

7.2  You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at ico.org.uk or by calling 0303 123 1113.


8.  Cookies and Tracking Technologies

8.1  Our website uses cookies and similar technologies. Essential cookies are necessary for the site to function. Non-essential cookies (including analytics and marketing cookies) are only placed with your consent.


9.  Security

9.1  We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or misuse.

9.2  Payment card data is handled exclusively by Stripe using industry-standard encryption. We do not store full card details.

9.3  Where we have given you (or you have chosen) a password to access parts of our website, you are responsible for keeping it confidential.


10.  Third-Party Links

10.1  Our website may contain links to third-party websites. This Privacy Policy applies only to guthrie-group.co.uk. We are not responsible for the privacy practices of any third-party sites, and we encourage you to read their privacy policies before providing any personal data.


11.  Children

11.1  Our website is not directed at children under 18. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us and we will delete it promptly.


12.  Changes to This Policy

12.1  We may update this Privacy Policy from time to time. When we do, we will revise the 'Last updated' date at the top of this document.

12.2  We encourage you to review this Policy periodically.


13.  Contact Us

If you have any questions about this Privacy Policy or how we handle your personal data, please contact:

 

Guthrie Group Limited

2 Drummond Square

Brucefield Industry Park

Livingston

EH54 9DH

Email: sales@guthriegroup.co.uk

Website: guthriegroup.co.uk