Privacy policy

Effective Date: 1st August 2025
Last Updated: 23rd June 2025

This Privacy Policy sets out how Samuel Heath and Sons plc (“we”, “us”, “our”) uses and protects any information that you provide when using our website, including when you purchase products via our online store powered by WooCommerce.

Samuel Heath is committed to ensuring that your privacy is protected. If we ask you to provide certain information by which you can be identified when using this website, it will only be used in accordance with this policy.

We may update this policy from time to time. Please check this page periodically to ensure you are happy with any changes.


What We Collect

We may collect and process the following types of personal data:

  • Identity information: Name, title, job title
  • Contact information: Email address, phone number, shipping and billing address
  • Account credentials: If you register for an account, your username and a hashed password
  • Order and transaction details: Products viewed, added to cart, purchased, delivery instructions
  • Financial data: Billing and shipping details. Note: We do not store payment card details; these are handled securely by our payment processors
  • Preferences and interests: Product categories of interest (e.g., bathroom fittings, door hardware)
  • Technical data: IP address, browser type, device information
  • Usage data: Pages visited, navigation behaviour
  • Cookies: Please refer to the “Cookies” section below for more information

Purposes for Processing Personal Data

Purpose / Activity | Type of Data | Legal Basis for Processing
Register you as a customer, and send marketing communications | Identity, Contact, Preferences | Legitimate Interest / Consent
Process and fulfil online orders | Identity, Contact, Order Details, Shipping Info | Contractual Obligation
Process payments via third-party providers | Billing Information, Transaction Info (shared with Stripe/PayPal) | Contractual Obligation
Create and manage user accounts | Identity, Contact, Login credentials | Legitimate Interest
Manage customer service, returns, refunds | Identity, Contact, Order Info | Contractual Obligation
Administer and protect our website and IT systems | Identity, Technical | Legitimate Interest
Conduct data analytics and improve website functionality | Technical, Usage | Legitimate Interest
Comply with legal or regulatory obligations | Identity, Order and Financial Info | Legal Obligation

E-Commerce and Online Orders

When you place an order via our website:

  • We collect your name, email, phone number, billing and shipping address, and details of the products you purchase.
  • We may collect additional notes you provide during checkout (e.g., delivery instructions).
  • Payment details are securely processed by trusted third-party payment gateways (e.g., Stripe). We do not store or access full payment card information.
  • We use your data to process orders, manage delivery, handle returns/refunds, and comply with legal requirements.

Account Registration

If you choose to register for an account on our website:

  • We store your name, email, and password (hashed securely).
  • This allows you to manage orders, view order history, and save address information for faster checkout.
  • You may delete your account at any time by contacting us.

Information Sharing with Third Parties

To provide e-commerce services, we may share your data with trusted partners including:

  • Payment processors: Stripe (for secure payment processing)
  • Shipping companies: (e.g., Royal Mail, DPD) to fulfil your order
  • E-commerce service providers: WooCommerce, website hosting services, fraud detection systems

These parties are granted access only to the data necessary to perform their functions and are required to comply with data protection laws (including GDPR).

We do not sell or lease your personal data to third parties for marketing purposes.


Data Retention

We retain personal data for as long as necessary to fulfil the purposes we collected it for, including legal, accounting, and warranty obligations.

  • Order data: Retained for at least 6 years for tax and compliance purposes
  • Marketing preferences: Retained until you withdraw consent
  • Accounts: Retained until you delete the account or request erasure

Security

We are committed to ensuring your information is secure. We use a combination of administrative, technical, and physical safeguards to protect the personal data we collect.

All transactional data is transmitted over SSL encryption and payment details are handled exclusively by certified third-party providers.

Access to personal data is restricted to authorized staff and protected by password and access controls.


Your Rights

You have the right to:

  • Request access to your personal data
  • Request correction of inaccurate data
  • Request erasure (“right to be forgotten”)
  • Object to or restrict processing
  • Withdraw consent for marketing communications
  • File a complaint with the Information Commissioner’s Office (ICO)

To exercise any of these rights, contact our Head of Data Security (details below).


How to Contact Us

Address:
Samuel Heath & Sons plc
Leopold Street
Birmingham
B12 0UJ

Email: [email protected]
Contact: Head of Data Security

©2025 Copyright Samuel Heath
