Privacy Policy

Last updated: 30/09/2025

1. Who we are

• Controller: GroveGear (trading name of NORTHFOX LIMITED)
• Company number: 15982475
• Registered address: Academy House, 11 Dunraven Place, Bridgend, Mid Glamorgan, United Kingdom, CF31 1JF
• Email (Support): info@grovegear.co.uk
• Email (B2B): b2b@grovegear.co.uk
• Phone: +44 7418 623744

2. Personal data we collect

2.1 Data you provide

• Account & contact data: name, email, phone, billing/shipping addresses.
• Order & support data: purchased items, order notes, RMA information, messages to support.
• Reviews & UGC: product ratings, comments, Q&A submissions.
• B2B: company name, VAT number, finance/billing contacts.

2.2 Data collected automatically

• Device & log data: IP address, browser type, device identifiers, timestamps, pages viewed.
• Analytics data: aggregated usage stats to help us improve UX and performance.
• Cookies & similar tech: see our Cookie Policy and Cookie Preferences to manage choices.

2.3 Data from partners

• Payment processors: transaction status, fraud signals (we do not store full card numbers).
• Carriers/fulfilment: tracking updates and delivery outcomes.
• Anti-fraud & security tools: risk scoring, IP reputation, chargeback information.

3. Lawful bases for processing

• Contract: to process and deliver your order, provide support and warranties.
• Consent: for non-essential cookies and direct marketing where required.
• Legitimate interests: site security, fraud prevention, service improvement and analytics (balanced against your rights).
• Legal obligation: tax, accounting, and regulatory requirements.

4. How we use your data

• Operate the Website, fulfil orders, process payments and manage delivery/returns.
• Provide customer support and respond to enquiries.
• Send service communications (order confirmations, dispatch updates, policy changes).
• Personalise content, remember preferences and measure performance.
• Detect, prevent and investigate fraud, abuse or security incidents.
• Where permitted, send marketing communications (you can opt out at any time).

5. Disclosures & recipients

We share personal data with trusted recipients as necessary:

• Payment processors & gateways for secure transaction processing (PCI-DSS compliant).
• Carriers & logistics partners to deliver your order and provide tracking.
• IT/hosting, analytics & anti-fraud providers to operate and protect our services.
• Professional advisors (legal, accounting) and authorities where legally required.

6. International transfers

Some recipients may be located outside the UK. Where transfers occur, we rely on lawful transfer mechanisms such as UK adequacy regulations or International Data Transfer Agreements/Standard Contractual Clauses, together with supplementary measures where appropriate.

7. Data retention

We keep data only as long as necessary for the purposes described above:

• Orders & invoices: typically 6 years to meet tax/accounting duties.
• Support/RMA: up to 6 years from last interaction.
• Marketing data: until you opt out or your consent is withdrawn.
• Cookies: per Cookie Policy lifetimes or until you change preferences.

8. Security

We implement technical and organisational measures to protect personal data (encryption in transit, access controls, backups, vulnerability management). No system is entirely immune to risk; please safeguard your account credentials and contact us immediately if you suspect misuse.

9. Your privacy rights

Subject to legal limits, you have the right to:

• Access your personal data and obtain a copy.
• Rectify inaccurate or incomplete data.
• Erase data in certain circumstances (“right to be forgotten”).
• Restrict processing in specific situations.
• Object to processing based on legitimate interests and to direct marketing.
• Data portability for data you provided to us under consent/contract.
• Withdraw consent where processing is based on consent (e.g., non-essential cookies/marketing).

10. Marketing preferences

You can opt out of marketing at any time by using the unsubscribe link in emails or by contacting info@grovegear.co.uk. Service emails relating to your orders and account will still be sent.

11. Cookies & similar technologies

We use cookies and similar technologies for site functionality, analytics and personalisation in accordance with our Cookie Policy. You can manage preferences via Cookie Preferences or your browser settings.

12. Children’s privacy

Our Website is not intended for children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will take appropriate steps to delete it.

13. Complaints & supervisory authority

If you have concerns about our data practices, please contact us first at info@grovegear.co.uk. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) in the UK: ico.org.uk.

14. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be signposted on this page and, where appropriate, notified by email. Please review it periodically.

15. Contact us

© 2026 NORTHFOX LIMITED. All rights reserved.