This policy explains what personal data Gridnest, operated by PMC ELECTRICAL NETWORK LTD, collects when you browse, order or contact us, why we use it, and the rights you have. It is written to meet UK GDPR and the Data Protection Act 2018 and, for California residents, the CCPA/CPRA.
01Who is responsible for your data
The data controller is PMC ELECTRICAL NETWORK LTD (Gridnest), 82 Carlisle Road Abington, ML12 6SD, Scotland, United Kingdom. For any privacy question, contact support@pmcelenet.shop or call +44 7633152767.
02What we collect
- ·Order data: name, delivery address, email, phone (optional), the items ordered and order value.
- ·Account and contact data: the details you enter in the contact, wholesale and checkout forms.
- ·Payment-related data: billing name, country and a payment confirmation token. We never receive or store your full card number.
- ·Support data: the content of messages you send us and our replies.
- ·Technical data: IP address, device and browser type, and basic analytics about how pages are used.
- ·Cookie data: strictly necessary cookies plus, only with your agreement, analytics cookies (see our Cookie policy).
03Collection sources — where the data comes from
Our collection sources are:
- ·Directly from you: the details you type into the contact, wholesale and checkout forms, and the choices you make when you place an order.
- ·Automatically from your device: technical and cookie data your browser sends when you use the site (IP address, device and browser type, page analytics).
- ·From our payment processor (Stripe): confirmation that a payment succeeded, the billing country and a payment reference — never your full card number.
- ·From our fulfilment and courier partners: delivery status and tracking updates tied to your order.
We do not buy or rent personal data from data brokers or other third parties.
04Why we use it, and our legal bases
- ·To take and fulfil your order and deliver it to you — legal basis: performance of a contract.
- ·To answer contact and wholesale enquiries — legal basis: our legitimate interest in responding to you, or steps toward a contract.
- ·To take payment through our payment processor — legal basis: performance of a contract.
- ·To keep records for tax, accounting and consumer-law obligations — legal basis: legal obligation.
- ·To prevent fraud and keep the site secure — legal basis: legitimate interest.
- ·To send optional analytics and marketing — legal basis: your consent, which you can withdraw at any time.
05Who we share it with
We share personal data only with processors that help us run the store, under contract and only as needed:
- ·Payment processing: Stripe, Inc., which handles card payment securely. Stripe receives the billing details and amount; we receive only a confirmation and never your full card number.
- ·Hosting and delivery of this website: our cloud hosting provider (Vercel).
- ·Order fulfilment and shipping: our warehousing and courier partners, who receive the name and delivery address needed to ship your order.
- ·Email and support tooling used to reply to you.
- ·Database and lead storage: our managed database provider, used to keep order and enquiry records.
- ·Professional advisers and authorities where we are legally required to disclose.
We do not sell your personal data.
06International transfers
Some processors are located outside the UK/EEA. Where data is transferred internationally, we rely on UK/EU adequacy decisions or Standard Contractual Clauses (with the UK International Data Transfer Addendum where relevant) so your data keeps an equivalent level of protection.
07How long we keep it
- ·Order and transaction records: up to 7 years, to meet tax and accounting rules.
- ·Contact and wholesale enquiries: up to 24 months from last contact.
- ·Marketing consent records: until you withdraw consent, then a short period to evidence the withdrawal.
- ·Analytics data: retained in aggregated or short-lived form as described in our Cookie policy.
08Your rights (UK/EU GDPR and CCPA)
Depending on where you live, you can ask us to:
- ·Access the personal data we hold about you.
- ·Correct data that is wrong or incomplete.
- ·Delete your data where there is no overriding legal reason to keep it.
- ·Restrict or object to certain processing, including direct marketing.
- ·Receive your data in a portable format.
- ·Withdraw consent at any time, without affecting earlier processing.
To exercise any right, email support@pmcelenet.shop. We respond within the statutory time limit and never charge for a valid request.
09Do Not Sell or Share (California)
Gridnest does not sell or share personal information as those terms are defined under the CCPA/CPRA. California residents may still exercise their rights to know, delete, correct and limit the use of sensitive personal information by contacting us at support@pmcelenet.shop. We will not discriminate against you for exercising these rights.
10Cookies and analytics
We use strictly necessary cookies to run the cart and checkout, and — only with your agreement — analytics cookies to understand usage. Full detail and your choices are in our Cookie policy.
11Order, delivery and fulfilment data (product orders)
Because we ship physical organisers, we process your order data and the shipping address you enter at checkout. We use the shipping address, recipient name and contact details to fulfil the order and pass them to our warehousing and courier partners so they can deliver to you and provide tracking. Order fulfilment records (items, order value, shipping address and delivery status) are retained for the periods set out above.
Returns, exchanges and refunds are handled by our customer support team, who access the related order, the shipping address and, where relevant, the return tracking to process your request. Delivery is carried out by third-party logistics carriers who receive only the name, shipping address and contact details needed to deliver your parcel. Billing and payment authorisation are handled by Stripe; we store only the order amount, billing country and a payment reference — never the card number or security code.
12Automated decisions and children
We do not make solely automated decisions that produce legal effects about you. This store is not directed at children: it must not be used by anyone under 13, and 13–17 year-olds must have parent or guardian consent to order.
13Security
We use encryption in transit (HTTPS), access controls and reputable processors. No method of transmission is perfectly secure, but we take reasonable steps to protect your data and to notify you and the relevant regulator if a reportable breach occurs.
14Complaints and contact
If you have a concern, contact us first at support@pmcelenet.shop. You also have the right to complain to the UK Information Commissioner’s Office (ICO) at ico.org.uk, or to your local data protection authority in the EU. This policy is governed by the law of Scotland, United Kingdom.