What this means:

You can request a copy of all personal data we hold about you.

We will provide:

• Confirmation that we're processing your data
• A copy of your personal data
• Details about how we use your data
• Who we share it with
• How long we keep it
• Your rights regarding the data

How to request:

Email admin@mainnet.uk with "Subject Access Request" in the subject line.

What this means:

You can ask us to correct any inaccurate or incomplete personal data.

Examples:

• Incorrect name spelling
• Old address after moving
• Outdated phone number
• Wrong company information

How to request:

Login to your account to update details, or email admin@mainnet.uk with corrections.

What this means:

You can request deletion of your personal data in certain circumstances.

When this applies:

• Data is no longer needed for original purpose
• You withdraw consent (where consent was the legal basis)
• You object and we have no overriding legitimate grounds
• Data was unlawfully processed
• Legal obligation requires erasure

When we can't delete:

• Legal obligations (e.g., 6-year tax records under UK law)
• Defending legal claims
• Public health interests
• Freedom of expression

How to request:

Email admin@mainnet.uk with "Erasure Request" in the subject line.

What this means:

You can limit how we use your data without deleting it.

When this applies:

• You contest data accuracy (while we verify)
• Processing is unlawful but you don't want erasure
• We no longer need data but you need it for legal claims
• You've objected (while we assess legitimate grounds)

What happens:

We can store the data but not use it (except with consent or for legal claims).

How to request:

Email admin@mainnet.uk with "Restriction Request" and specify what to restrict.

What this means:

You can receive your data in a machine-readable format to transfer to another service.

What data is portable:

• Account details (name, email, addresses)
• Order history and invoices
• Product reviews
• Saved payment methods (tokenized, not full card details)
• Communication preferences

Conditions for portability:

• Only data you provided to us or we observed about you
• Only where processing is automated
• Only where legal basis is consent or contract

Format provided:

CSV or JSON format, commonly used and machine-readable.

How to request:

Email admin@mainnet.uk with "Portability Request" in the subject line.

What this means:

You can object to certain types of processing.

Absolute right to object to:

• Direct marketing - We must stop immediately
• Marketing profiling - No exceptions

Qualified right to object to:

• Processing based on legitimate interests
• Processing for research/statistics
• Processing for public tasks

We must stop unless we demonstrate compelling legitimate grounds.

How to object:

Email admin@mainnet.uk or click "unsubscribe" in marketing emails.

What this means:

You have rights when decisions are made about you without human involvement.

Our automated processing:

• Fraud prevention screening: Orders may be automatically declined if they trigger fraud indicators such as mismatched billing addresses, high-risk IP addresses, or unusual order patterns
• Credit checks: B2B customers requesting credit terms

What happens if flagged:

Orders flagged for fraud will be automatically declined or held for manual review. You'll receive an email notification explaining the decision.

Your rights:

• Request human intervention
• Request manual review of declined orders
• Express your point of view
• Contest the decision
• Request explanation of logic involved

How to request review:

Email admin@mainnet.uk with "Automated Decision Review" in the subject line.

What this means:

Where we rely on consent, you can withdraw it at any time.

Areas using consent:

• Marketing emails (B2C customers)
• Marketing cookies
• Analytics cookies

How to withdraw:

• Marketing: Click unsubscribe in any email
• Cookies: Use cookie settings on website
• General: Email admin@mainnet.uk