Claryon Privacy Policy
Effective Date: 22 November 2025 Last Updated: 22 November 2025
This Privacy Policy explains how Claryon (“we,” “us,” or “our”) collects, uses, processes, and protects your personal data when you use our website, claryon.co.uk, and purchase our custom printing services, including stickers, flyers, and business cards.
We are committed to protecting your privacy and complying with all relevant UK data protection laws, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Important Information and Who We Are
Data Controller: Claryon acts as the Data Controller responsible for your personal data.
Contact Details: If you have any questions about this privacy policy or our data practices, please contact us using the details below:
- Name: Claryon (Trading Name)
- Address: [Insert UK Business Address Here]
- Email: [Your Designated Contact Email for Privacy Queries]
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.
2. The Data We Collect About You
We may collect, use, store, and transfer different kinds of personal data about you which we have grouped together as follows:
| Data Category | Examples of Data Collected | Purpose/Source |
|---|---|---|
| Identity Data | First name, last name, username, title. | Account setup and verification. |
| Contact Data | Billing address, delivery address, email address, telephone numbers. | Contractual necessity (order fulfillment). |
| Financial/Transaction Data | Details about payments to and from you, and other details of products and services you have purchased from us (e.g., order history). Note: We do not store your credit card details. | Contractual necessity and legal obligation (accounting). |
| Technical Data | Internet protocol (IP) address, login data, browser type and version, time zone setting, operating system. | Website security and improvement (Legitimate Interest). |
| Usage Data | Information about how you use our website and services. | Analytics and improving user experience (Legitimate Interest). |
| Content Data (CRITICAL) | Images, graphics, text, and designs uploaded by you for custom printing (e.g., custom stickers, flyers, business cards). | Contractual necessity (producing your order). |
| Marketing Data | Your preferences in receiving marketing from us and your communication preferences. | Consent (for direct marketing) or Legitimate Interest (for existing customers). |
Special Category Data (Regarding Content Data)
We do not intentionally collect any Special Categories of Personal Data (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data).
However, we acknowledge that Content Data uploaded by you (i.e., the images or designs for printing) may inadvertently contain such data. We process this Content Data strictly and only for the purposes of performing the printing contract with you. We do not analyze, categorize, or otherwise process this data beyond what is required for the technical production of your order.
3. How We Use Your Personal Data (Lawful Basis)
We will only use your personal data when the law allows us to. Most commonly, we rely on the following lawful bases:
| Purpose of Processing | Type of Data Used | Lawful Basis for Processing |
|---|---|---|
| Processing and delivering your order (Production, payment, dispatch) | Identity, Contact, Financial, Transactional, Content | Performance of a Contract with you. |
| Managing our relationship with you (Notifications, service updates) | Identity, Contact, Transactional | Performance of a Contract and Legitimate Interest (keeping our records updated). |
| Website administration and protection (Security, testing, troubleshooting) | Technical, Usage | Legitimate Interest (for running our business, preventing fraud, and network security). |
| Delivering relevant website content and advertising to you | Usage, Technical, Marketing | Legitimate Interest (to grow our business) or Consent (for non-essential cookies). |
| Sending direct marketing communications (Promotions, new products) | Identity, Contact, Marketing | Consent (where specifically opted-in). |
| Retention and deletion of Content Data | Content Data | Performance of a Contract (retaining a digital copy briefly to address quality issues or reprints) and Legitimate Interest (minimising data risk by deleting files promptly). |
4. Disclosure of Your Personal Data
We may share your personal data with the parties set out below for the purposes outlined in Section 3.
- Payment Processors: Providers who securely handle your payment details (e.g., Stripe, PayPal). They only receive the data necessary to process your transaction.
- Delivery Partners: Courier and postal services (e.g., Royal Mail, DPD) to facilitate the delivery of your physical order. They receive Identity and Contact Data (Name, Address, Phone).
- IT and System Providers: Parties who provide support for our website, database, and cloud storage (e.g., hosting providers, email platforms).
- Professional Advisors: Including lawyers, bankers, auditors, and insurers based in the UK who provide consultancy, banking, legal, insurance, and accounting services.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We only permit our third-party service providers to process your personal data for specified purposes and in accordance with our instructions.
5. International Transfers
We may transfer your personal data outside the UK (for example, if our servers or data centres are located in the EU or the US, as is common for cloud services).
If we transfer your personal data out of the UK, we ensure a similar degree of protection is afforded to it by implementing at least one of the following safeguards:
Where specific contractual clauses are required (such as Standard Contractual Clauses), we will ensure these are in place.
We will only transfer your data to countries that the UK deems to provide an adequate level of protection for personal data.
6. Data Security and Retention
Data Security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way, altered, or disclosed. This includes using SSL encryption on our website and ensuring that third-party processors are also GDPR-compliant.
Data Retention
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
Specific Retention for Content Data (Your Designs): To protect your privacy and reduce our risk, we maintain a policy of strict data minimisation regarding Content Data.
After 30 days, the Content Data is permanently deleted from our servers. Order details (what you purchased) and Identity/Contact Data (who you are) are retained for up to 6 years for legal and tax compliance.
Uploaded images and custom designs are retained digitally only for a maximum of 30 days after your order is dispatched. This period allows us to resolve any immediate production quality issues or fulfil a quick re-order request.
7. Your Legal Rights (Data Subject Rights)
Under UK GDPR, you have the following rights concerning your personal data:
- The right to be informed about how your data is used (which this policy fulfils).
- The right of access to your personal data (a Subject Access Request).
- The right to rectification of inaccurate or incomplete data.
- The right to erasure (the ‘right to be forgotten’) in certain circumstances.
- The right to restrict processing of your data in certain situations.
- The right to data portability (receiving your data in a structured, machine-readable format).
- The right to object to processing based on legitimate interests or for direct marketing.
- Rights in relation to automated decision-making and profiling.
If you wish to exercise any of the rights set out above, please contact us at [Your Designated Contact Email for Privacy Queries]. We will respond to all legitimate requests within one calendar month.
8. Third-Party Links
Our website may include links to third-party websites, plug-ins, and applications (e.g., social media). Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements.
9. Cookies
Our website uses cookies to distinguish you from other users and to help provide you with a good experience and to improve our site. For detailed information on the cookies we use and the purposes for which we use them, please refer to our separate Cookie Policy [Link to your Cookie Policy here, if applicable]. Non-essential cookies will only be set if you have given your explicit consent.