PRIVACY POLICY

ConstructPC Ltd

Last updated: 20/06/2026

1. INTRODUCTION

ConstructPC Ltd respects your privacy and is committed to protecting your personal data. This Privacy Policy explains exactly how we collect, use, process, store, and protect your personal data when you visit our website, use our enquiry portals, or purchase goods and services from us. All processing is executed strictly in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. DATA CONTROLLER & REGISTRATION

ConstructPC Ltd is the designated data controller responsible for your personal data.

• Company Name: ConstructPC Ltd

• Company No: 17206476

• Registered Office: 33 Wildings Grove, Davenham, Northwich, Cheshire, CW9 8SR, United Kingdom

• ICO Registration Number: Registered with the Information Commissioner's Office under reference ZC162970.

• Primary Data Protection Contact: privacy@constructpc.co.uk

3. CONTACT CHANNELS

• Data Protection & Privacy Enquiries: privacy@constructpc.co.uk

• General Enquiries: info@constructpc.co.uk

• Customer Support & Faults: support@constructpc.co.uk

• Sales & Build Quotes: sales@constructpc.co.uk

4. PERSONAL DATA WE COLLECT

We may collect, use, store, and transfer different kinds of personal data about you, grouped as follows:

• Identity Data: First name, last name, business name, or account usernames.

• Contact Data: Billing address, delivery address, email address, and telephone numbers (including country codes).

• Financial & Transaction Data: Details about payments to and from you, order references, payment status markers, and itemised transaction history. We do not store raw card numbers.

• Technical & Usage Data: IP addresses, browser types, operating system profiles, time-zone settings, cookie identifiers, and analytical data regarding how you interact with our website.

• Enquiry & Support Data: Stated enquiry reasons, custom message strings submitted via our frontend forms, confirmation checkbox logs, diagnostic workshop notes, hardware stability logs, and component configuration histories.

• Visual Control Data: High-resolution digital photographs and videos of system components, serial numbers, workshop assembly progression, and transit packaging states captured for verification and fraud prevention.

We do not intentionally collect any Special Category Personal Data (e.g., health, ethnicity, or political beliefs).

5. HOW WE COLLECT YOUR DATA

We use different methods to collect data from and about you, including:

• Direct Interactions: You explicitly give us your Identity, Contact, and Transaction data by filling out our online interactive forms (e.g., "Get in Touch", "Build My PC", "Upgrades & Repairs", or "Raise a Concern"), creating a shop account, or communicating directly via our email addresses.

• Workshop Bench Operations: We collect technical device logs, component asset profiles, and system performance metadata when you submit hardware to our Northwich workshop for diagnostics or upgrade services.

• Automated Technologies: As you navigate our website, our platform infrastructure automatically collects Technical Data regarding your equipment and browsing patterns via standard server logs and cookies.

6. PURPOSES AND LAWFUL BASES FOR PROCESSING

We process your personal data under the following legally recognized bases under the UK GDPR:

• Contractual Necessity: To perform the contract we are about to enter into or have entered into with you. This includes compiling custom PC quotes, purchasing specific distributor components, executing workshop repairs, processing invoice payments, and managing tracked courier handovers.

• Legal Obligation: To comply with statutory legal requirements, including maintaining robust financial, corporate, and VAT accounting records under UK tax laws, or disclosing data to law enforcement bodies for fraud prevention.

• Legitimate Interests: For our legitimate business interests, including optimizing our workshop quality controls, retaining diagnostic data to validate our workmanship guarantees, investigating transit courier disputes, securing our network infrastructure, and defending against vexatious legal claims.

• Consent: Where you have provided unambiguous, explicit consent (e.g., opting into analytical tracking cookies or subscribing to direct marketing lists). You possess an absolute right to withdraw consent at any time.

7. PAYMENT DATA SECURITY

All financial payments are handled and processed directly through secure, Level 1 PCI-DSS compliant third-party payment gateways (such as Stripe, PayPal, Klarna, or global card merchant infrastructure). ConstructPC Ltd does not store, transmit, or hold raw financial card details or banking credentials on our local workshop servers or internal database layers. These third parties process your financial data under their own independent privacy frameworks.

8. THIRD-PARTY DATA SHARING

We do not sell, rent, or trade your personal data to any third-party marketing companies. We only share relevant personal data with trusted operational service providers to execute our business functions:

• Delivery & Logistics Partners: Vetted third-party tracked couriers to transport parts or completed custom systems safely to your threshold.

• Platform Providers: Our secure website hosting and database platform architecture provider (Squarespace), alongside our enterprise cloud storage and email system managers.

• Professional Advisers: External corporate accountants, legal teams, and auditors based in the UK.

• Hardware Manufacturers: Sourcing departments or component vendors, strictly where necessary to facilitate component-level RMA or warranty claims during your 3-Year Support Window.

• Regulatory Authorities: Law enforcement or government bodies where we are legally compelled to do so.

9. COOKIES AND COOKIE CONTROL

Our website utilises cookies to ensure basic platform performance, remember your shopping basket preferences, and analyse web traffic trends. Essential cookies are deployed automatically to make our platform functional. Non-essential analytical or performance cookies are strictly blocked unless you explicitly accept them via our cookie consent interface. You can configure your internet browser to refuse all or some cookies, but blocking essential scripts may degrade certain interactive areas of our online shop.

10. INTERNATIONAL DATA TRANSFERS

Some of our underlying technical platform infrastructure partners (e.g., Squarespace, cloud storage nodes, email software applications) maintain distributed server networks or process data structures outside the UK (such as in the US or EEA). Where international data transfers occur, we ensure that a similar, high degree of data protection is maintained by verifying that our vendors operate under valid UK-approved transfer mechanisms, UK Extension frameworks, or Standard Contractual Clauses (SCCs).

11. DATA RETENTION BOUNDARIES

We only retain personal data for as long as necessary to fulfil the distinct operational and legal purposes we collected it for.

• Financial & Order Records: Invoice files, transaction tokens, and core order history data are legally maintained for a minimum of 6 years to comply with UK corporate tax, VAT auditing, and financial compliance laws.

• Technical Support Records: Diagnostic bench notes, component serial arrays, and custom build configuration data are safely archived for the duration of your 3-Year ConstructPC Build Support window to ensure seamless technical aftercare tracking.

• Complaint Histories: Resolved dispute interactions are maintained long enough to satisfy statutory limitation periods under English law.

12. DATA SECURITY MEASURES

We have put in place robust technical and organizational security measures to prevent your personal data from being accidentally lost, altered, disclosed, or accessed in an unauthorized manner. Local workshop diagnostic stations are password-secured, cloud data pools use encrypted protocols, and access to your data is strictly limited to authorized personnel who have a genuine business need to know.

13. YOUR STATUTORY RIGHTS

Under UK data protection laws, you possess comprehensive statutory rights regarding how your data is handled:

• Right of Access (SAR): Request a digital copy of the personal data we hold about you.

• Right to Rectification: Request that we immediately correct inaccurate or incomplete data blocks.

• Right to Erasure ("Right to be Forgotten"): Request that we delete your data where there is no overriding legal or financial retention requirement for us to keep it.

• Right to Restrict or Object: Object to or restrict our processing layout under specific circumstances.

• Right to Data Portability: Request the clean transmission of your data structure to another provider.

To exercise any of these statutory consumer rights, please contact our data team directly at privacy@constructpc.co.uk. We handle valid requests free of charge and aim to respond within one calendar month.

14. THE INFORMATION COMMISSIONER’S OFFICE (ICO)

You hold the legal right to lodge a formal complaint at any time with the Information Commissioner’s Office, the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, sincerely appreciate the opportunity to address and resolve any privacy misalignments or data concerns with you directly before you approach the regulator, so please reach out to privacy@constructpc.co.uk in the first instance.