This Privacy Policy explains how Glazie Ltd ("we", "us") collects and uses personal information when you use this website. We are the controller of your personal data for the purposes of UK GDPR and the Data Protection Act 2018.
1. What we collect
- Account information: name, email, phone, optional company name, password (stored as a hash).
- Order information: items, dimensions, specification, delivery/collection address, postcode, customer notes, PO reference (optional).
- Payment information: handled directly by Stripe. We store only the payment intent reference, not the full card number. See Stripe's privacy notice at stripe.com/privacy.
- Communication: emails we send you (subject + send status + body hash) and operational logs for delivery troubleshooting.
- Cookies and similar technologies: see our Cookie Notice.
2. Why we use it
- To process your order, deliver the goods, and provide customer support.
- To send order, invoice, and review-window emails (legal basis: performance of contract).
- To meet our legal obligations (tax records, consumer-rights records).
- To improve the website and protect against fraud and abuse (legal basis: legitimate interests).
- To offer optional features such as saved quotes and order reorder (legal basis: performance of contract or consent).
- To measure how the website and our advertising perform, only where you have consented to analytics/advertising cookies (legal basis: consent — see section 3 and the Cookie Notice).
3. Who we share it with
- Stripe — payment processing.
- Our email provider — sending transactional email.
- Google Maps / Places API — when you use address autocomplete at checkout, the address text you type is sent to Google to return suggestions.
- Google (analytics and advertising) — only if you consent to optional cookies, we use Google Tag Manager, Google Analytics, and Google Ads conversion measurement. These services receive usage data (pages viewed, configurator and checkout events, order value) associated with cookies on your device — never your name, email, address, or payment details. You can withdraw consent at any time via "Cookie Settings" in the footer. See Google's privacy policy at policies.google.com/privacy.
- Our hosting provider — for site operation.
- HMRC and other authorities — where the law requires.
We do not sell your personal data.
4. How long we keep it
- Account: until you ask us to delete it.
- Orders, invoices, and transaction records: at least 6 years for tax purposes.
- Operational logs (webhook events, email logs, cron runs, usage analytics): between 90 days and 12 months depending on the log type, after which they are automatically purged.
- Quotes you did not convert into orders: until they expire (currently 7 days after creation).
5. Your rights under UK GDPR
You have the right to:
- Ask for a copy of the personal data we hold about you (right of access).
- Have inaccurate data corrected (rectification).
- Have data deleted in certain circumstances (erasure).
- Object to or restrict certain types of processing.
- Withdraw consent at any time where we rely on consent.
- Lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.
If you have an account, you can download a copy of your data and delete your account yourself from the Privacy section of your account area. You can also email us at sales@glazie.co.uk to exercise any of these rights.
6. Contact
Email sales@glazie.co.uk for any privacy question or request.