4️⃣ Privacy Policy

Privacy Policy

Last updated: 11 June 2026

Page title: Privacy Policy · Shopify slug: privacy-policy

At DEAN SHOP ("we", "us", "our"), we place a high value on the protection of your personal data. This Privacy Policy is designed to inform you transparently about which personal data we collect, the purposes for which we collect it and how we handle it. The applicable legal frameworks include the UK General Data Protection Regulation (UK GDPR), the EU General Data Protection Regulation (EU GDPR) and the Data Protection Act 2018.

1. Data Controller

The data controller within the meaning of the UK GDPR is the operator of the website deanshop.com. For queries relating to this policy or the processing of your data, you can contact us at contact@deanshop.com. Detailed provider information can be found in our Legal Notice.

2. Types of Data We Process

In the context of an order or a contact enquiry, we process the following data:

  • First and last name as well as email address
  • Delivery and billing address
  • Telephone number (optional — used for delivery status notifications)
  • Payment information (securely processed by our payment partner — card details are not stored by us)
  • Your order and purchase history
  • Technical data about your device and browsing behaviour (IP address, browser type, pages visited)

3. Purposes of Processing and Legal Bases

  • Order processing — name, address, email and payment details are required to fulfil the purchase contract concluded with you (Art. 6(1)(b) UK GDPR).
  • Customer communication — for example, order confirmations, delivery notifications and customer service enquiries (Art. 6(1)(b) UK GDPR).
  • Optimisation of our offer — through usage analysis we can continually improve our website (Art. 6(1)(f) UK GDPR — legitimate interest).
  • Compliance with legal obligations — business records are archived in accordance with applicable tax and commercial law requirements (Art. 6(1)(c) UK GDPR).

4. Payment Processing

Your payments are processed by our partners (such as Stripe, PayPal, Klarna or Viva Wallet), all of which are certified to PCI DSS Level 1. Your card details are entered directly within their secure environment — the full card number, CVV security code and expiry date are at no point visible or accessible to DEAN SHOP.

5. Data Retention Period

Order data is stored for a period of 6 to 10 years in line with applicable UK tax and accounting law (in particular under HMRC requirements and the Companies Act 2006). Your marketing preferences are retained until you choose to unsubscribe. Non-essential data is deleted or anonymised as soon as the purpose of its processing no longer applies.

6. Recipients of the Data

Data is shared with third parties only to the extent necessary for processing your order:

  • Shipping service providers (e.g. Royal Mail, DHL, DPD, Evri, UPS) for delivery
  • Payment partners for secure payment processing
  • Email service providers for transactional communications
  • Hosting providers for the technical operation of the website
  • Accountants and legal advisers, insofar as necessary to fulfil legal obligations

We have entered into appropriate data processing agreements with all our processors in accordance with Art. 28 UK GDPR.

7. Data Transfers to Third Countries

Any transfer of data to countries outside the United Kingdom or the European Economic Area (EEA) only takes place where an adequacy decision is in place or where appropriate safeguards — such as the Standard Contractual Clauses adopted by the UK or the EU Commission — are in place in accordance with Art. 45 ff. UK GDPR.

8. Cookies and Tracking

Our website uses cookies and similar technologies. Detailed information can be found in our Cookie Policy. You can reject or configure non-essential cookies at any time via the cookie banner and the settings in your browser.

9. Your Rights as a Data Subject

You have the following rights with regard to your personal data:

  • Right of access (Art. 15 UK GDPR) — you can ask what data we process about you
  • Right to rectification (Art. 16 UK GDPR) — inaccurate data can be corrected
  • Right to erasure (Art. 17 UK GDPR) — to the extent there is no legal retention obligation
  • Right to restriction of processing (Art. 18 UK GDPR)
  • Right to data portability (Art. 20 UK GDPR)
  • Right to object (Art. 21 UK GDPR) — to processing based on legitimate interest
  • Right to withdraw consent at any time (Art. 7(3) UK GDPR)
  • Right to lodge a complaint with a supervisory authority (Art. 77 UK GDPR)

To exercise your rights, simply send a brief message to contact@deanshop.com.

10. Security of Your Data

To protect your data from unauthorised access, loss or misuse, we have implemented appropriate technical and organisational measures. These include encryption using SSL/TLS, secured server environments, restricted access permissions and regular security checks.

11. Automated Decision-Making

We do not use automated decision-making or profiling within the meaning of Art. 22 UK GDPR.

12. Right to Complain

If you believe that the processing of your data violates UK GDPR, you have the right to lodge a complaint with a data protection supervisory authority — in particular the Information Commissioner's Office (ICO) in the United Kingdom (www.ico.org.uk) or any supervisory authority in the EU member state of your habitual residence, place of work or the alleged infringement.

13. Updates to This Policy

We reserve the right to update this Privacy Policy from time to time in order to reflect any changes in legislation or to changes in our business operations. The version currently in force is always available for review on this page.