...

Privacy Policy

Last Updated: [2nd July 2025]

Welcome to Retro Computer Dungeon! This Privacy Policy explains how Retro Computer Dungeon ("we," "us," or "our") collects, uses, and protects your personal data when you visit and make a purchase from our website, retrocomputerdungeon.co.uk. We are committed to protecting your privacy and handling your personal data responsibly and in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are (Data Controller)

Retro Computer Dungeon is the data controller responsible for your personal data collected through this website. Our contact email for privacy-related inquiries is: retrocomputerdungeon@gmail.com

2. What Personal Data We Collect and Why

We collect various types of personal data for specific purposes. Here's a breakdown:

A. Information You Provide Directly to Us:

When you make a purchase or contact us, you provide us with certain personal data.

• Categories of Data:

  • Contact Information: Full name, email address, phone number.

  • Shipping & Billing Information: Shipping address and billing address.

  • Order Details: Information about the products you purchase (e.g., restored vintage computers, parts, recapping services) and your order history.

  • Service-Specific Information: Details about the specific vintage computer or components you send to us for services like recapping.

  • Communications: Any information you provide when contacting our customer support (e.g., via email).

• Purpose of Collection & Lawful Basis (UK GDPR):

  • To process and fulfil your orders and provide our services (e.g., recapping): This is necessary for the performance of a contract between you and Retro Computer Dungeon. Without this data, we cannot send you your order or perform the requested service.

  • To manage and respond to your customer service inquiries, returns, and support requests: This is necessary for the performance of a contract or for our legitimate interests in providing effective customer support.

  • To send you marketing communications (if you opt-in): We rely on your consent to send you promotional emails about our products, special offers, and updates. You can withdraw your consent at any time.

  • To prevent and detect fraud: This is necessary for our legitimate interests in protecting our business and customers from fraudulent transactions, and often a legal obligation for payment processing.

  • To comply with legal obligations: Such as tax, accounting, and consumer protection laws. This is necessary to comply with a legal obligation.

B. Information Collected Automatically (Website Tracking Data):

When you visit our website, certain information is automatically collected.

• Categories of Data:

  • Usage Data: Information about how you interact with our website, such as pages viewed, time spent on pages, clickstream data.

  • Technical Data: Your IP address, browser type and version, operating system, and device information.

• Purpose of Collection & Lawful Basis (UK GDPR):

  • To operate and improve our website: This data helps us understand how our site is used, identify technical issues, and enhance your Browse experience. This is based on our legitimate interests in maintaining and improving our online presence.

  • For analytics purposes: We use website tracking statistics to analyze website traffic and user behavior. This helps us make informed decisions about website design and content. This is based on your consent via cookie acceptance (more on cookies below) and our legitimate interests in understanding our business performance.

  • To prevent fraud and ensure website security: This is necessary for our legitimate interests in protecting our website and users.

3. How We Share Your Personal Data

We only share your personal data with trusted third parties when it is necessary for the purposes outlined in this policy, and only to the extent required. We ensure these third parties are also committed to data protection.

• Payment Processors: Your payment information is securely processed by Stripe. We do not directly collect or store your full payment card details; this is handled securely by Stripe, who is a PCI DSS compliant service provider. Stripe's own Privacy Policy governs their use of your data.

• Shipping Carriers: We share your name, shipping address, and phone number (if provided) with Royal Mail to enable them to deliver your orders.

• Website Hosting Provider: Our website is hosted by Hostinger. Hostinger processes data on our behalf to operate the website. Their privacy policy outlines their data handling practices.

• Analytics Providers: We use Google Analytics to understand website usage. Google processes data in accordance with their privacy policy.

• Accounting Software: We use Sage Accounting for financial record-keeping. Relevant transaction data (e.g., order details, customer name) is shared with Sage for accounting and tax purposes.

• Legal Compliance: We may disclose your personal data if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).

We do not sell your personal data to third parties.

4. Data Security

We implement robust technical and organisational measures to protect your personal data from unauthorised access, alteration, disclosure, or destruction. These measures include:

• SSL/TLS Encryption: Our website uses SSL/TLS encryption to secure data transmitted between your browser and our server.

• Secure Servers: Data is stored on secure servers with restricted access.

• Access Controls: Access to your personal data by our staff is limited to those who have a legitimate business need to access it.

• Regular Security Reviews: We regularly review our security practices to ensure your data is protected.

While we strive to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure. Therefore, we cannot guarantee its absolute security.

5. Your Data Protection Rights (Under UK GDPR)

Under UK GDPR, you have the following rights regarding your personal data:

• The Right to Be Informed: You have the right to be informed about how your personal data is collected and used (this Privacy Policy serves this purpose).

• The Right to Access: You have the right to request a copy of the personal data we hold about you.

• The Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.

• The Right to Erasure (the "Right to be Forgotten"): You have the right to request that we delete your personal data under certain circumstances (e.g., if it's no longer necessary for the purpose it was collected).

• The Right to Restrict Processing: You have the right to request that we limit the way we use your personal data in certain situations.

• The Right to Data Portability: You have the right to request that we transfer the data that we have collected to another organisation, or directly to you, under certain conditions.

• The Right to Object: You have the right to object to our processing of your personal data in certain situations, particularly when we rely on legitimate interests or for direct marketing.

• Rights in Relation to Automated Decision Making and Profiling: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. (Note: We do not engage in such processing).

To exercise any of these rights, please contact us at retrocomputerdungeon@gmail.com. We will respond to your request within one month.

6. Cookies

Our website uses cookies to enhance your Browse experience, analyze site traffic, and understand where our visitors are coming from. A separate Cookie Policy [Cookies Policy] provides more detailed information on the types of cookies we use, their purpose, and how you can manage your preferences.