PRIVACY POLICY

Last updated: 23 April 2026

Contents

1. Who We Are

The Yard Supplements ("we", "us", "our") is a specialist sports nutrition and research compound retailer based in Stockport, Greater Manchester. We operate the website theyardsupplements.co.uk and physical retail premises at:

The Yard SupplementsBourne St, Stockport SK4 1PZ0161 399 5265theyardsupplements@gmail.com

For the purposes of UK data protection law (UK GDPR and the Data Protection Act 2018), we are the data controller responsible for your personal data.

2. Data We Collect

We collect and process the following categories of personal data:

Identity & Contact Data

  • Full name, email address, phone number, delivery and billing addresses
  • Account login credentials (password stored in hashed form only)

Transaction Data

  • Order history, items purchased, order value, payment method used
  • Loyalty points balance and redemption history
  • Promo codes applied to orders

Technical Data

  • IP address, browser type and version, device type
  • Pages visited, time spent, referring URLs
  • Cookies and similar tracking technologies (see Section 8)

Marketing Data

  • Email subscription preferences
  • Communication and marketing consent records

We do not collect any special category data (e.g., health data, biometric data). We do not knowingly collect data from anyone under the age of 18.

3. How We Use Your Data

We use your personal data for the following purposes and lawful bases:

PurposeLawful Basis
Processing and fulfilling your ordersContract performance
Managing your account and loyalty programmeContract performance
Processing payments via SumUpContract performance
Shipping orders via Parcel2GoContract performance
Sending order confirmations and dispatch updatesContract performance
Sending marketing emails (with your consent)Consent
Fraud prevention and securityLegitimate interest
Improving our website and servicesLegitimate interest

4. Who We Share Your Data With

We share your data only where necessary to provide our services:

  • SumUp — Payment processing. Your payment card details are handled directly by SumUp and are never stored on our servers. See SumUp's Privacy Policy.
  • Parcel2Go — Shipping and delivery. We share your name, address, email and phone number to fulfil delivery. See Parcel2Go's Privacy Policy.
  • SendGrid (Twilio) — Transactional and marketing emails. Your email address is shared to send order confirmations and promotional communications.

We do not sell, rent, or trade your personal data to any third party for marketing purposes. We do not transfer your data outside the UK/EEA unless adequate safeguards are in place.

5. How Long We Keep Your Data

  • Account data: Retained for as long as your account is active. You may request deletion at any time.
  • Order and transaction data: Retained for 6 years after the transaction for tax, accounting and legal compliance purposes (HMRC requirements).
  • Marketing data: Retained until you unsubscribe or withdraw consent.
  • Guest checkout data: Name, email, and address retained for 6 years for order fulfilment and legal compliance.
  • Technical/analytics data: Retained for up to 26 months.

6. Your Rights

Under UK GDPR, you have the following rights regarding your personal data:

  • Right of access — Request a copy of the personal data we hold about you.
  • Right to rectification — Request correction of inaccurate or incomplete data.
  • Right to erasure — Request deletion of your personal data (subject to legal retention obligations).
  • Right to restrict processing — Request that we limit how we use your data.
  • Right to data portability — Receive your data in a structured, machine-readable format.
  • Right to object — Object to processing based on legitimate interests or for direct marketing.
  • Right to withdraw consent — Withdraw consent at any time where processing is based on consent.

To exercise any of these rights, contact us at theyardsupplements@gmail.com. We will respond within 30 days.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO).

7. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including:

  • SSL/TLS encryption for all data transmitted between your browser and our servers
  • Passwords stored using industry-standard bcrypt hashing (we cannot see your password)
  • Payment card data processed entirely by SumUp — we never see or store your card details
  • Access to personal data restricted to authorised personnel only
  • Regular security updates and monitoring

While we take all reasonable precautions, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

8. Cookies & Tracking

Our website uses the following cookies and local storage:

Cookie/StoragePurposeType
Authentication tokenKeeps you logged inEssential
Guest cartStores your shopping cart items before loginEssential
Subscription preferenceRemembers if you dismissed the subscription popupFunctional
Session storagePrevents repeated popup display within a sessionFunctional

We do not use third-party advertising cookies or cross-site tracking technologies.

9. Children's Privacy

Our website and products are intended for individuals aged 18 and over. We do not knowingly collect personal data from anyone under 18 years of age. If you believe a child has provided us with personal data, please contact us immediately and we will delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last Updated" date. We encourage you to review this page periodically.

Material changes that significantly affect your rights will be communicated via email where possible.

11. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data rights, contact us:

theyardsupplements@gmail.com
0161 399 5265
Bourne St, Stockport SK4 1PZ