Positive ID Labelling Ltd. Privacy Policy
Privacy Policy
Last Updated: December 2025
1. Introduction
Positive ID Labels (“we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you visit our website or use our services.
Data Controller:
Positive ID Labels
Derby, United Kingdom
Phone: 01332 864895
We are registered in the United Kingdom and comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
2. Information We Collect
2.1 Information You Provide to Us
We collect information you voluntarily provide when you:
- Request a quote or enquiry – Name, email address, phone number, company name, postal address, and details about your label requirements
- Place an order – Billing and delivery addresses, purchase order numbers, payment information (processed securely by our payment provider)
- Contact us – Name, email address, phone number, and the content of your message
- Sign up for newsletters or updates – Email address and marketing preferences
2.2 Information Collected Automatically
When you visit our website, we automatically collect:
- Technical information – IP address, browser type and version, operating system, device type
- Usage information – Pages visited, time spent on pages, links clicked, referring website
- Location information – General geographic location based on IP address (country/region level)
This information is collected through:
- Cookies – Small text files stored on your device
- Google Analytics – Web analytics service (see section 5 below)
- Server logs – Standard web server logging
2.3 Information from Third Parties
We may receive information from:
- Payment processors – Transaction confirmation and payment status
- Delivery partners – Delivery confirmation and tracking updates
- Google services – Analytics data, advertising performance data
3. How We Use Your Information
3.1 Legal Basis for Processing
We process your personal data based on the following legal grounds:
Contract Performance – To fulfil orders and provide services you’ve requested:
- Processing and fulfilling your orders
- Communicating about your orders
- Providing customer support
- Managing returns and refunds
Legitimate Interests – For our business operations:
- Improving our website and services
- Fraud prevention and security
- Business analytics and reporting
- Internal record keeping
Consent – Where you’ve given explicit permission:
- Marketing communications (newsletters, promotional emails)
- Non-essential cookies
- Collecting testimonials or reviews
Legal Obligation – To comply with laws and regulations:
- Tax and accounting requirements
- Responding to legal requests
- Health and safety obligations
3.2 Purposes of Processing
We use your information to:
- Process and fulfil your orders
- Provide quotes and respond to enquiries
- Send order confirmations and updates
- Provide customer support
- Improve our products and services
- Analyse website usage and trends
- Send marketing communications (with your consent)
- Prevent fraud and ensure security
- Comply with legal obligations
- Maintain business records
4. Cookies and Tracking Technologies
4.1 What Are Cookies?
Cookies are small text files stored on your device when you visit our website. They help us provide a better user experience and understand how our website is used.
4.2 Types of Cookies We Use
Strictly Necessary Cookies (always active)
Essential for website functionality, including:
- Session management
- Security features
- Load balancing
- Form submission
Performance Cookies (with consent)
Help us understand how visitors use our website:
- Google Analytics cookies
- Page load times
- Error tracking
Functionality Cookies (with consent)
Remember your preferences:
- Language preferences
- Display settings
- Previously viewed products
Marketing Cookies (with consent)
Used for advertising and remarketing:
- Google Ads cookies
- Conversion tracking
- Audience targeting
4.3 Managing Cookies
You have several options for managing cookies:
Through our cookie banner: Click “Cookie Preferences” in the footer to update your choices at any time.
Through your browser: Most browsers allow you to refuse or delete cookies. The method for doing this varies by browser and version. You can find up-to-date information about blocking and deleting cookies at: aboutcookies.org or allaboutcookies.org
Please note: Blocking certain cookies may impact your experience on our website and limit the functionality available to you.
Google Analytics Opt-out: You can prevent Google Analytics from collecting data by installing the Google Analytics Opt-out Browser Add-on: tools.google.com/dlpage/gaoptout
Google Ads Settings: You can opt out of personalized advertising by visiting: adssettings.google.com.
5. Google Services
5.1 Google Analytics
We use Google Analytics to understand how visitors use our website. Google Analytics collects information anonymously and reports website trends without identifying individual visitors.
Information collected includes:
- Pages visited and time spent
- Traffic sources and referrers
- Device and browser information
- Geographic location (country/region)
Data retention: 26 months (can be adjusted)
Opt-out: Install the Google Analytics Opt-out Browser Add-on at tools.google.com/dlpage/gaoptout
5.2 Google Ads and Remarketing
We use Google Ads for advertising and remarketing, which may:
- Show our ads on other websites you visit
- Track conversions from our ads
- Create audience segments for targeting
You can opt out of personalized Google advertising at adssettings.google.com
5.3 Google Fonts
We may use Google Fonts to display fonts on our website. When you visit pages using Google Fonts, your browser connects to Google servers, which may log your IP address.
5.4 Google reCAPTCHA
We use Google reCAPTCHA to protect forms from spam and abuse. reCAPTCHA collects hardware and software information and sends it to Google to determine if you’re human.
Google’s Privacy Policy: policies.google.com/privacy
6. How We Share Your Information
6.1 Third-Party Service Providers
We share information with trusted service providers who help us operate our business:
| Category | Purpose | Examples |
|---|---|---|
| Payment processors | Process payments securely | Stripe, PayPal, |
| Delivery services | Fulfil orders | Royal Mail, DHL |
| Email services | Send communications | Microsoft |
| Web hosting | Host our website | UK-based hosting provider |
| Analytics | Understand website usage | Google Analytics |
| Accounting software | Financial record keeping | Sage |
| CRM systems | Manage customer relationships | Customer database |
All service providers are contractually required to:
- Process data only for specified purposes
- Implement appropriate security measures
- Comply with UK GDPR requirements
- Not use data for their own purposes
6.2 Legal Requirements
We may disclose information when required by law or to:
- Comply with legal obligations or court orders
- Protect our rights and property
- Prevent fraud or security threats
- Cooperate with law enforcement
6.3 Business Transfers
If we sell or merge our business, customer information may be transferred to the new owner, subject to the same privacy protections.
6.4 With Your Consent
We may share information for other purposes with your explicit consent.
We never:
- Sell your personal data to third parties
- Share your data for others’ marketing without consent
- Transfer data outside the UK without appropriate safeguards
7. International Data Transfers
Your data is primarily stored and processed in the United Kingdom. Where we use service providers based outside the UK (such as Google), we ensure:
- Adequate protection under UK GDPR
- Standard contractual clauses are in place
- Appropriate security measures are implemented
Google services may transfer data internationally but provide adequate safeguards under UK GDPR adequacy decisions.
8. Data Security
8.1 Security Measures
We implement appropriate technical and organizational measures to protect your data:
Technical measures:
- SSL/TLS encryption for data transmission
- Secure password policies
- Regular security updates and patches
- Firewall and intrusion detection systems
- Secure backup systems
Organizational measures:
- Access controls and authentication
- Staff training on data protection
- Confidentiality agreements
- Regular security audits
- Incident response procedures
8.2 Data Breach Notification
In the unlikely event of a data breach that poses a risk to your rights, we will:
- Notify the Information Commissioner’s Office (ICO) within 72 hours
- Notify affected individuals without undue delay
- Take immediate action to contain and remedy the breach
8.3 Your Responsibility
Please help us keep your information secure by:
- Keeping login credentials confidential
- Using strong passwords
- Logging out after using shared computers
- Reporting any suspicious activity
9. Data Retention
We retain your personal data only as long as necessary for the purposes stated in this policy:
| Category | Minimum Retention Period | Reason |
|---|---|---|
| Order information | 7 years | Tax and accounting requirements |
| Quote requests | 2 years | Business records, potential future orders |
| Marketing consent | Until withdrawn | Ongoing marketing activities |
| Website analytics | 26 months | Google Analytics default setting |
| Customer support | 3 years | Service improvement, dispute resolution |
| Email correspondence | 2 years | Business records, reference |
After these periods, we may securely delete or anonymize your data unless we’re legally required to retain it longer.
10. Your Rights Under UK GDPR
You have the following rights regarding your personal data:
10.1 Right to Access
Request a copy of the personal data we hold about you (Subject Access Request).
10.2 Right to Rectification
Request correction of inaccurate or incomplete data.
10.3 Right to Erasure (“Right to be Forgotten”)
Request deletion of your data in certain circumstances:
- Data no longer needed for original purpose
- You withdraw consent
- You object to processing
- Data processed unlawfully
Note: Some data must be retained for legal obligations (e.g., tax records).
10.4 Right to Restrict Processing
Request that we limit how we use your data in certain situations.
10.5 Right to Data Portability
Request your data in a structured, machine-readable format to transfer to another provider.
10.6 Right to Object
Object to processing based on legitimate interests or for direct marketing purposes.
10.7 Rights Related to Automated Decision-Making
We do not use automated decision-making or profiling that significantly affects you.
10.8 How to Exercise Your Rights
To exercise any of these rights, contact us:
Email: sales@pid-labelling.co.uk
Phone: 01332 864895
Post: Positive ID Labels, Derby, United Kingdom
We will respond within one month of receiving your request (may be extended by two months for complex requests).
Proof of identity: We may request identification to verify your identity before processing requests.
11. Marketing Communications
11.1 How We Use Your Data for Marketing
With your consent, we may send you:
- Promotional emails about products and services
- Special offers and discounts
- Company news and updates
- Industry insights and tips
11.2 Opting Out
You can opt out of marketing communications at any time by:
- Clicking “unsubscribe” in any marketing email
- Contacting us at 01332 864895
- Emailing us at sales@pid-labelling.co.uk
Important: Opting out of marketing does not affect:
- Transactional emails (order confirmations, invoices)
- Service-related communications
- Response to your enquiries
12. Children’s Privacy
Our services are intended for businesses and individuals aged 18 and over. We do not knowingly collect personal data from children under 18.
If we discover we’ve collected data from a child under 18, we will delete it immediately. If you believe we’ve collected data from a child, please contact us immediately.
13. Third-Party Websites
Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to read their privacy policies before providing any personal information.
14. Changes to This Privacy Policy
We may update this Privacy Policy to reflect changes in our practices, technology, legal requirements, or business operations.
When we make changes:
- We update the “Last Updated” date at the top
- Significant changes will be prominently notified on our website
- Continued use of our services constitutes acceptance of changes
We recommend: Review this policy periodically to stay informed about how we protect your information.
15. Contact Us and Complaints
15.1 Contact Information
For questions, concerns, or to exercise your rights:
Positive ID Labels
Derby, United Kingdom
Phone: 01332 864895
Email: sales@pid-labelling.co.uk
We aim to respond to all enquiries within 5 working days.
15.2 Making a Complaint
If you’re unhappy with how we’ve handled your data, please contact us first so we can resolve your concerns.
You also have the right to complain to the supervisory authority:
Information Commissioner’s Office (ICO)
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Phone: 0303 123 1113
Website: ico.org.uk
Report online: ico.org.uk/make-a-complaint
16. Definitions
Personal Data – Any information relating to an identified or identifiable individual.
Processing – Any operation performed on personal data (collection, storage, use, disclosure, deletion).
Data Controller – The organization that determines purposes and means of processing personal data (Positive ID Labels).
Data Processor – An organization that processes data on behalf of the controller (our service providers).
Consent – Freely given, specific, informed agreement to processing.
UK GDPR – UK General Data Protection Regulation (retained EU law in UK).
17. Cookie Policy Summary
For detailed information about cookies, see Section 4 above.
Essential cookies: Always active
Analytics cookies: Google Analytics (can opt out)
Marketing cookies: Google Ads (can opt out)
Manage cookies: Use our cookie consent banner or browser settings.
Document Version: 1.0
Effective Date: 01/12/2025
Next Review: 01/12/2027