Privacy Policy

Privacy Policy MAINNET LTD

1. Introduction

MAINNET LTD ("we", "our", "us") operates www.mainnet.uk. This Privacy Policy explains how we collect, use, disclose, and safeguard your information in compliance with UK GDPR and the Data Protection Act 2018.

Data Controller: MAINNET LTD
ICO Registration: Pending
Contact: admin@mainnet.uk

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email, password, phone number
  • Business Information: Company name, VAT number, job title, department
  • Transaction Data: Billing/shipping addresses, order history, payment method (not full card details)
  • Communication Data: Support tickets, emails, phone call records (not recordings)
  • Marketing Preferences: Email opt-in/out, communication preferences

2.2 Information We Collect Automatically

  • Device Data: IP address, browser type, operating system, device ID
  • Usage Data: Pages visited, time on site, click paths, download errors
  • Location Data: Country and city (from IP address)
  • Cookie Data: See Section 3 for details

2.3 Information from Third Parties

  • Credit Reference Agencies: Experian, Equifax (B2B accounts only)
  • Companies House: Company verification data
  • Fraud Prevention: Action Fraud, CIFAS databases
  • Payment Processors: Transaction confirmations from Stripe

3. Cookies We Use

3.1 Essential Cookies (Always Active)

Cookie | Purpose | Duration
PHPSESSID | Session management | Session
form_key | Security/CSRF protection | Session
mage-cache-storage | Local cache management | Session
mage-messages | Error/success messages | Session
private_content_version | Content versioning | Session

3.2 Functional Cookies

Cookie | Purpose | Duration
recently_viewed_product | Recently viewed items | 30 days
product_data_storage | Product comparisons | 30 days
section_data_ids | Customer segment data | Session
store | Store view selection | 1 year

3.3 Analytics Cookies

Cookie | Purpose | Duration
_ga | Google Analytics - User ID | 2 years
_gid | Google Analytics - Session | 24 hours
_gat | Google Analytics - Rate limit | 1 minute
_gac_* | Google Ads conversions | 90 days

4. How We Use Your Information

4.1 Order Processing (Legal Basis: Contract)

  • Process and fulfill orders
  • Send order confirmations and updates
  • Process payments and refunds
  • Deliver products
  • Handle returns and warranties

4.2 Customer Service (Legal Basis: Contract/Legitimate Interests)

  • Respond to inquiries and support tickets
  • Provide technical support
  • Send service messages (non-marketing)
  • Manage your account

4.3 Legal Compliance (Legal Basis: Legal Obligation)

  • Maintain records for tax purposes (7 years)
  • Comply with court orders
  • Anti-money laundering checks
  • Export control compliance

4.4 Business Operations (Legal Basis: Legitimate Interests)

  • Fraud prevention and detection
  • Credit checking (B2B accounts)
  • Website security and performance
  • Business analytics and reporting
  • Product development

4.5 Marketing (Legal Basis: Consent/Legitimate Interests)

  • B2C: Only with explicit consent
  • B2B: Soft opt-in for existing customers (legitimate interests)
  • Send promotional emails
  • Display targeted ads
  • Market research

5. Who We Share Data With

5.1 Service Providers

  • Payment Processing: Stripe (PCI DSS compliant)
  • Sub-processors: Apple Pay, Google Pay via Stripe
  • Email: Zoho Mail
  • Analytics: Google Analytics
  • Advertising: Google Ads
  • Hosting: Amazon Web Services (AWS EU-West-1)
  • Delivery: DPD, UPS, Royal Mail, FedEx
  • Credit Reference: Experian, Equifax (B2B only)

5.2 Legal Disclosures

We may disclose data to:

  • Law enforcement agencies
  • Courts and tribunals
  • Regulatory bodies (ICO, Trading Standards)
  • HMRC for tax purposes

5.3 Business Transfers

If we sell or merge our business, customer data may be transferred to the new owners.

6. International Transfers

Your data may be transferred outside the UK/EEA to:

  • USA: Google, Stripe (Standard Contractual Clauses)
  • India: Zoho (Standard Contractual Clauses)

We ensure appropriate safeguards via:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions
  • Your explicit consent where required

7. Data Retention

Data Type | Retention Period | Reason
Customer accounts | Active + 7 years | Tax/legal requirements
Order records | 7 years | Tax/accounting (HMRC)
Payment records | 7 years | Financial regulations
Email marketing | Until unsubscribe + 2 years | Suppression list
Website analytics | 26 months | Google Analytics default
Support tickets | 3 years | Service improvement

8. Your Rights

Under UK GDPR, you have the following rights:

8.1 Right to Access

Request a copy of your data within 30 days, free of charge

8.2 Right to Rectification

Correct inaccurate or incomplete data

8.3 Right to Erasure

Request deletion except where we have legal obligations to retain

8.4 Right to Restrict Processing

Limit how we use your data in certain circumstances

8.5 Right to Data Portability

Receive your data in machine-readable format

8.6 Right to Object

Object to processing based on legitimate interests or direct marketing

To exercise your rights: Email admin@mainnet.uk with proof of identity

9. B2B Specific Processing

For business customers, we additionally:

  • Perform credit checks via Experian/Equifax
  • Verify directors via Companies House
  • Check VAT numbers via HMRC/VIES
  • Share data with trade credit insurers
  • Report payment performance to credit agencies
  • Apply for credit insurance on large orders
  • Screen against sanctions lists

10. Security Measures

We protect your data using:

  • SSL/TLS encryption for data transmission
  • PCI DSS compliance for payment processing
  • Encrypted database storage
  • Access controls and authentication
  • Regular security audits and penetration testing
  • Staff training and confidentiality agreements
  • Incident response procedures
  • Backup and disaster recovery systems

11. Children's Privacy

Our services are not directed to individuals under 18. B2B purchases require authority to bind your organization.

12. Marketing Communications

12.1 B2C Marketing

  • Only with explicit opt-in consent
  • Unsubscribe link in every email
  • Preference center available

12.2 B2B Marketing

  • Soft opt-in for existing customers
  • Similar products and services only
  • Clear unsubscribe in every email
  • PECR compliant

13. Third-Party Links

Our site may contain links to third-party websites. We are not responsible for their privacy practices.

14. Changes to This Policy

We may update this policy periodically. Material changes will be notified via email or website notice.

15. Complaints

If you're unhappy with our data handling:

  1. Contact us: admin@mainnet.uk
  2. Escalate to our DPO: admin@mainnet.uk
  3. Lodge a complaint with the ICO: ico.org.uk or call 0303 123 1113

16. Contact Information

Data Controller:
MAINNET LTD
86-90 Paul Street, 3rd Floor, London, England, EC2A 4NE
Email: admin@mainnet.uk
Phone: To be added

Data Protection Officer:
Email: admin@mainnet.uk