0

Privacy Policy

  1. Home
  2. Help Centre
  3. Privacy Policy

Privacy Policy

Medicalbatterydirect.co.uk (“we”, “our”, “us”) is committed to protecting and respecting your privacy.

Effective date: 31 Oct 2025

This Privacy Policy explains how we collect, use, store and share your personal data when you visit or make a purchase at medicalbatterydirect.co.uk (the “Site”), contact our support team, or otherwise interact with us. It also explains your rights and how you can contact us.

1. Who we are & how to contact us

Website: medicalbatterydirect.co.uk
Customer support email: service@medicalbatterydirect.co.uk

If you have questions about this policy or want to exercise any of your data protection rights, please contact our Data Protection Officer at the email above.

If you remain dissatisfied, you have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO): ico.org.uk.

2. What personal data we collect

We collect personal data you provide to us and data we collect automatically:

Data you give us

  • Identity & contact: name, billing and delivery address, email address, telephone number.
  • Order details: order history, products purchased (brand/model), quantities.
  • Payment information: we do not store full card details on our servers — payment card details are processed by our payment processors (e.g. PayPal, Google Pay, Apple Pay). We may store masked/payment token information to support refunds and recurring orders.
  • Customer communications: enquiries, messages, support tickets, returns and warranty claims, and any attachments you supply (for example, photos of a device to check compatibility).
  • Marketing preferences: whether you have opted in to receive promotional messages.
  • Business information: if you are ordering on behalf of an organisation, we may collect company name and billing details.

Data we collect automatically

  • Technical & usage data: IP address, browser type and version, device identifiers, operating system, pages visited, referring pages, click data and time stamps.
  • Cookies & tracking: details described in our Cookie Policy (see Section 9).

3. Special note about photos and device information

When you send photos of your device or original battery to confirm compatibility, those photos may contain personal data (for example, name labels or other identifiers). Please avoid including sensitive health information in photos or messages. We only process such data where you voluntarily provide it and where we have a lawful basis (usually your explicit consent). If you are concerned about providing sensitive information, contact us for guidance.

4. Legal bases for processing (UK GDPR)

We rely on the following legal bases to process your personal data:

  • Contractual necessity: to perform our contract with you (processing and fulfilling orders, payments, delivery, customer service, returns, warranties).
  • Legal obligations: to comply with anti-fraud, tax, accounting and export/import laws.
  • Legitimate interests: for business and security purposes (fraud prevention, improving products and services, analytics, direct marketing to existing customers where appropriate). We will balance our interests against your rights and will not use this basis where your rights override ours.
  • Consent: where you have opted in (for example, email marketing and certain kinds of cookies). You can withdraw consent at any time.

5. How we use your personal data

We use your data to:

  • Process and fulfil orders (including payment processing, delivery, confirmations, invoices).
  • Provide customer support and after-sales services (returns, warranties, compatibility checks).
  • Handle payments, refunds and chargebacks (via third-party payment processors).
  • Comply with legal and regulatory obligations (tax records, anti-money laundering, customs declarations for cross-border shipments).
  • Provide product recommendations and tailored content (where permitted).
  • Conduct fraud prevention and security monitoring.
  • Operate and improve our Site and services (analytics, testing, troubleshooting).
  • Manage marketing communications if you have opted in or where we have a legitimate interest to send service messages (you may opt out at any time).
  • Retain records as required for accounting, legal and customer support purposes.

6. Who we share data with

We share personal data with third parties where necessary to provide our services, including:

  • Payment processors: PayPal, Google Pay, Apple Pay, and card acquirers (to process payments securely).
  • Couriers and logistics partners: EVRi and other delivery partners to fulfil and track orders.
  • Cloud, hosting and IT providers: for website hosting, data storage and backup.
  • Customer service & CRM tools: to manage support tickets and communications.
  • Marketing providers: e.g. email platform (Mailchimp, Klaviyo or similar) if you subscribe to marketing emails.
  • Analytics & advertising partners: e.g. Google Analytics, Google Ads, Facebook/Meta (to measure and improve services).
  • Professional advisers: legal, accounting, audit and fraud prevention services when required.
  • Authorities: where required by law (e.g., court order, tax authorities) or to prevent fraud and illegal activity.

We require all third-party providers to keep personal data secure and to use it only for the purposes we specify.

7. International transfers

Your data may be processed or stored outside the UK (for example, by cloud providers or payment processors). Where we transfer personal data outside the UK, we ensure appropriate safeguards are in place, such as:

  • Transfers to countries with an adequacy decision
  • Standard Contractual Clauses (SCCs) or other lawful transfer mechanisms approved under UK law.

If you would like more information about the safeguards in place for a specific transfer, please contact us.

8. Data retention

We retain personal data only as long as necessary for the purposes set out in this policy and in line with legal and regulatory requirements:

  • Order & payment records: typically retained for 7 years for tax and accounting purposes.
  • Accounts & profile information: retained while the account is active and for a reasonable period after closure.
  • Support & warranty records: retained for the duration of the warranty and a reasonable period afterwards.
  • Marketing consents: retained until you withdraw consent.
  • Logs and analytics: retained in anonymised or aggregated form where possible; raw logs retained for a limited period for security and debugging.

If you wish to request deletion of your data, please see Section 12 (Your rights).

9. Cookies & tracking technologies

We use cookies and similar technologies to operate the Site and provide services. Our Cookie Policy explains the types of cookies we use:

  • Essential cookies: required for the Site to function (no consent required).
  • Performance & analytics cookies: to understand how the Site is used.
  • Marketing cookies: to deliver personalised advertising and measure campaigns (consent required).

You can manage cookie preferences via our cookie banner or through your browser settings (note this may affect Site functionality).

10. Security

We take appropriate technical and organisational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access. Measures include secure servers, HTTPS, access controls, encryption for data in transit, regular security testing and staff training.

However, no internet transmission can be guaranteed 100% secure. If you suspect any breach, please contact us immediately.

11. Your rights

Under UK data protection law you have the following rights (subject to certain conditions):

  • Access: request a copy of the personal data we hold about you.
  • Rectification: ask us to correct inaccurate or incomplete data.
  • Erasure: request deletion of your data (“right to be forgotten”) in certain circumstances.
  • Restriction: ask us to restrict processing in certain circumstances.
  • Portability: receive your data in a structured, commonly used format (where applicable).
  • Object: object to processing based on legitimate interests or for direct marketing.
  • Withdraw consent: where we rely on consent, you can withdraw it at any time.
  • Complain: you can lodge a complaint with the Information Commissioner’s Office (ICO) at ico.org.uk.

To exercise any of these rights, contact service@medicalbatterydirect.co.uk. We will respond within the statutory timeframe (normally one month).

12. Children and vulnerable people

Our services are intended for adults. If you are under 13 (or the applicable age in your jurisdiction), please do not provide personal data without parental consent. If we become aware that we have collected personal data from a child without appropriate consent, we will delete it.

13. Marketing communications

We only send marketing emails where you have opted in (or where we have another lawful basis, such as a soft opt-in for existing customers where permitted). Every marketing email includes an easy way to unsubscribe.

If you prefer not to receive marketing, change your preferences via your account settings or email service@medicalbatterydirect.co.uk.

14. Warranty, returns and personal data

When you make a warranty or returns claim we will process relevant personal data to evaluate and fulfil the claim. This typically includes order details, product serial numbers, photos you provide and correspondence. We will retain these records to manage the claim and for warranty administration.

15. Fraud prevention & compliance checks

We use personal data to detect and prevent fraud (for example, checks on delivery address, payment authorisation). We may share data with fraud prevention partners and law enforcement where necessary and lawful.

16. Updates to this Privacy Policy

We may update this Privacy Policy occasionally. We will post the revised version on the Site with an updated “Effective date”. Where changes are significant, we will notify you by email or via the Site.

17. Contact & complaints

If you have questions or complaints about this policy or how we process your data:

We aim to acknowledge all enquiries promptly and resolve matters as quickly as possible.

18. Further information (examples of processors)

This section lists the typical third-party services we may use:

  • Payment processors: PayPal, Airwallex (for card payments), Google Pay, Apple Pay.
  • Delivery partners: EVRi, DHL, PostNL.
  • Analytics: Google Analytics, Google Tag Manager.
  • CRM & support: Zendesk.
  • Hosting & storage: Tencent Cloud.

Each provider acts as a processor and is contractually obligated to keep personal data secure and only process it according to our instructions.