TOC Trading Ltd is committed to protecting and respecting your privacy.

This Privacy Policy sets out how we collect, use, store, and protect your personal data when you visit our website or make a purchase from us. We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

We may update this Policy from time to time. Any changes will be posted on this page, and where appropriate, notified to you by email. Please check back regularly to see any updates.

If you have any questions about this Policy or our privacy practices, please contact us at info@toctrading.co.uk.

This Privacy Policy should be read alongside our Terms and Conditions, available at https://www.toctrading.co.uk/terms-and-conditions/.

Who We Are

TOC Trading Ltd is the data controller responsible for your personal data. We are a company registered in England and Wales. Company number 16830895.

What Personal Data We Collect

We may collect the following personal data about you:

  • Name (first name and last name)
  • Delivery and billing address (including postal code)
  • Email address
  • Telephone number
  • Payment details (processed securely by our payment providers; we do not store full credit/debit card numbers)
  • IP address, browser type, operating system, pages visited, and time of visit (via cookies and log files)

We collect this data when you:

  • Register an account
  • Place an order
  • Contact us (e.g., via email or forms)
  • Interact with our website (e.g., browsing activity)

Why We Collect and How We Use Your Personal Data (Lawful Bases)

We process your personal data on the following lawful bases under UK GDPR:

  • To perform a contract (e.g., processing and delivering your orders, managing your account)
  • To comply with legal obligations (e.g., tax and accounting requirements)
  • For our legitimate interests (e.g., improving our website, preventing fraud, marketing – provided these do not override your rights)
  • With your consent (e.g., for non-essential cookies or marketing communications)

Specific purposes include:

  • Processing and fulfilling orders
  • Order tracking and customer support
  • Sending transactional emails (e.g., order confirmations)
  • Marketing and special offers (where you have consented)
  • Website analytics and improvement
  • Fraud prevention and security

Sharing Your Personal Data

We may share your personal data with trusted third parties, including:

  • Delivery partners (e.g., Royal Mail, Evri, DPD, DHL) to fulfil orders
  • Payment processors for secure transactions
  • IT and hosting providers (our website is hosted by Hostinger, which may involve data processing in the UK, EU, and other locations with adequate safeguards)
  • Analytics providers (where consented)
  • Professional advisers (e.g., accountants, lawyers) where necessary

We do not sell your personal data. We only share it where necessary and under strict confidentiality agreements.

International Transfers

Some of our service providers may process data outside the UK/EEA. Where this occurs, we ensure appropriate safeguards are in place, such as UK International Data Transfer Agreements or adequacy decisions.

Cookies and Similar Technologies

We use cookies and log files to improve your experience, analyse traffic, and for functionality (e.g., remembering your preferences).

Essential cookies are required for the website to function. Non-essential cookies (e.g., for analytics or marketing) require your consent.

You can manage cookies via your browser settings or our cookie banner. Disabling cookies may affect website functionality.

For more details, see our separate Cookie Policy [link if available].

How Long We Keep Your Data

We retain personal data only as long as necessary:

  • Order-related data: Up to 7 years for legal/tax purposes
  • Account data: While your account is active, or longer if required by law
  • Marketing data: Until you withdraw consent

After this, we securely delete or anonymise it.

Your Rights

Under UK GDPR, you have the following rights:

  • Access your personal data
  • Rectify inaccurate data
  • Erase your data (in certain circumstances)
  • Restrict or object to processing
  • Data portability
  • Withdraw consent (where applicable)
  • Complain to the Information Commissioner’s Office (ICO) at www.ico.org.uk

To exercise these rights, or to request deletion of your account, email us at info@toctrading.co.uk. We will respond within one month.

Security

We take appropriate technical and organisational measures to protect your data, including:

  • SSL encryption
  • Secure payment processing
  • Access controls
  • Firewalls and monitoring

However, no online transmission is 100% secure, so we cannot guarantee absolute security.

Changes to This Policy

This Policy is available at https://www.toctrading.co.uk/privacy/. We encourage you to review it regularly.

Acceptance

By using our website, you acknowledge that you have read and understood this Privacy Policy.

Last updated: 8th January 2026