Privacy Policy
Last updated: January 2026
Your privacy matters to us. This Privacy Policy explains how glovesupplies.com collects, uses, stores and protects your personal data. We keep data collection to a minimum while using the information we gather to provide you with a great shopping experience.
Privacy Policy Summary
- We respect your privacy – your data is kept safe and secure
- We collect only what we need – name, address, email and phone number to process and deliver your orders
- We never sell your data – we never have and we never will
- We share data only when necessary – with couriers, payment processors and where legally required
- You have rights – access, correction, deletion and more (details below)
- Marketing is your choice – opt in or out at any time
1. Who We Are
glovesupplies.com is a trading name of NCL Limited, the data controller responsible for your personal data.
Company Details:
NCL Limited
2A Royal Street
Barnsley
South Yorkshire
S70 2ED
Company Number: 07770335
VAT Registration: GB 167 2842 86
We sell professional care home equipment, medical supplies, mobility aids and related products and services to healthcare professionals, care providers and consumers.
Data Protection Contact:
Email: [your email address]
Telephone: [your phone number]
2. Data Protection Law
We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. These laws govern how we collect, use and protect your personal data.
3. Personal Data We Collect
Information you provide directly:
- Identity data: Title, first name, last name, job title, company name
- Contact data: Billing address, delivery address, email address, telephone numbers
- Account data: Username, password, account preferences
- Transaction data: Orders placed, payments made, products and services purchased
- Communication data: Enquiries, correspondence, reviews, feedback, complaints
- Marketing preferences: Your choices about receiving marketing from us
Information collected automatically:
- Technical data: IP address, browser type and version, device type, operating system, time zone, location data
- Usage data: Pages visited, products viewed, time spent on site, click patterns, search queries
- Cookie data: Information collected through cookies and similar technologies (see Section 10)
Information from other sources:
- Delivery partners: Confirmation of delivery, failed delivery attempts
- Payment providers: Payment verification and fraud screening results
- Credit reference agencies: For trade account applications only
- Public sources: Companies House, published business information
Special category data:
We do not intentionally collect sensitive personal data such as health information. If you provide such information voluntarily (for example, when describing equipment requirements), we process it only as necessary to fulfil your order.
4. How We Use Your Data
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Processing and fulfilling orders | Identity, contact, transaction data | Contract performance |
| Taking payment and fraud prevention | Identity, contact, transaction data | Contract performance / Legitimate interest |
| Delivering products to you | Identity, contact data | Contract performance |
| Managing your account | Identity, contact, account data | Contract performance |
| Communicating about your order | Identity, contact, transaction data | Contract performance |
| Handling enquiries and complaints | Identity, contact, communication data | Contract performance / Legitimate interest |
| Providing customer support | Identity, contact, transaction, communication data | Contract performance / Legitimate interest |
| Processing warranty claims | Identity, contact, transaction data | Contract performance / Legal obligation |
| Arranging LOLER inspections and services | Identity, contact, transaction data | Contract performance |
| Sending marketing communications (with consent) | Identity, contact, marketing preferences | Consent |
| Personalising your website experience | Technical, usage data | Legitimate interest |
| Website analytics and improvement | Technical, usage data | Legitimate interest |
| Fraud detection and prevention | Identity, contact, transaction, technical data | Legitimate interest / Legal obligation |
| Debt recovery | Identity, contact, transaction data | Legitimate interest / Legal obligation |
| Complying with legal obligations | All relevant data | Legal obligation |
| Defending legal claims | All relevant data | Legitimate interest / Legal obligation |
5. Who We Share Your Data With
We share your personal data only where necessary to provide our services or comply with legal obligations:
Service providers:
- Delivery partners: Royal Mail, couriers and logistics providers – to deliver your orders
- Payment processors: To process card payments securely (we do not store card details)
- Website hosting and IT providers: To maintain and secure our systems
- Email service providers: To send order confirmations and communications
- Analytics providers: To understand website usage (anonymised data)
Professional advisers:
- Accountants, auditors, lawyers and insurers where necessary
Authorities and regulators:
- HMRC, police, courts, Trading Standards, CQC or other regulatory bodies when required by law or to protect our legal rights
Business transfers:
- If our business is sold, merged or restructured, your data may transfer to the new owner who will continue to be bound by this Privacy Policy
We do not sell, rent or trade your personal data to third parties for their marketing purposes.
6. International Transfers
Your data is primarily stored and processed in the United Kingdom. Where we transfer data outside the UK, we ensure appropriate safeguards are in place:
- Transfers to countries with UK adequacy decisions
- Standard contractual clauses approved by the ICO
- Other legally approved transfer mechanisms
Some of our third-party providers (such as cloud services and analytics) may process data outside the UK. We ensure all such providers maintain appropriate security standards and legal protections.
7. Data Retention
We keep your data only as long as necessary for the purposes described in this policy:
| Data Type | Retention Period | Reason |
|---|---|---|
| Order and transaction records | 7 years from transaction | Tax and accounting obligations, warranty claims, legal disputes |
| Customer account data | Duration of account plus 3 years | Service provision, reorders, support |
| LOLER inspection records | 11 years minimum | Regulatory compliance (PUWER/LOLER) |
| Marketing consent records | Duration of consent plus 3 years | Demonstrating lawful consent |
| Enquiries and correspondence | 3 years from last contact | Customer service, dispute resolution |
| Call recordings | 6 months | Training and quality assurance |
| Website analytics data | 26 months | Website improvement |
| CCTV and security footage | 30 days | Security purposes |
After these periods, data is securely deleted or anonymised.
8. Data Security
We take the security of your data seriously and have implemented appropriate measures:
- Encryption: SSL/TLS encryption on all website pages and data transfers
- Payment security: PCI-DSS compliant payment processing; we do not store card details
- Access controls: Staff access limited to those who need it for their role
- Secure storage: Data held on secure, regularly tested servers
- Physical security: Office premises secured with restricted access
- Staff training: Regular data protection training for all staff
- Document disposal: Confidential shredding of paper documents with certificate of destruction
- Regular testing: Security assessments and vulnerability testing
When you call us, conversations may be recorded for training and quality purposes. Recordings are stored securely and deleted after 6 months. We pause recording when taking payment details.
9. Data Breaches
In the unlikely event of a data breach that poses a risk to your rights and freedoms, we will:
- Notify the Information Commissioner's Office (ICO) within 72 hours
- Contact affected individuals without undue delay
- Take immediate steps to contain and remedy the breach
- Document the breach and our response
10. Cookies
Our website uses cookies – small text files stored on your device – to provide essential functionality and improve your experience.
Essential cookies (required):
- Shopping basket functionality
- User login and authentication
- Security and fraud prevention
Analytics cookies (optional):
- Google Analytics – to understand how visitors use our site
- Performance monitoring – to identify and fix technical issues
Marketing cookies (optional):
- Advertising personalisation – to show relevant products
- Social media integration – if you choose to share content
When you first visit our website, you can choose which optional cookies to accept. You can change your preferences at any time through our cookie settings or your browser settings.
Blocking essential cookies will affect website functionality, including the ability to add items to your basket and checkout.
For more information, see our separate Cookie Policy.
11. Marketing
We would like to send you information about products, services and offers that may interest you.
Your consent: We will only send marketing communications where you have given consent or where we have a legitimate interest (for example, if you are an existing customer who has previously purchased similar products).
What we send: Email newsletters, product updates, special offers, and information about new services.
Your choices:
- Opt in or out when creating an account or placing an order
- Unsubscribe using the link in any marketing email
- Update preferences in your account settings
- Contact us to change your preferences at any time
Even if you opt out of marketing, we will still send essential service communications about your orders and account.
12. Your Rights
Under UK GDPR, you have the following rights:
| Right | Description |
|---|---|
| Access | Request a copy of the personal data we hold about you |
| Rectification | Request correction of inaccurate or incomplete data |
| Erasure | Request deletion of your data in certain circumstances |
| Restriction | Request we limit how we use your data |
| Portability | Request your data in a structured, machine-readable format |
| Object | Object to processing based on legitimate interests or for direct marketing |
| Withdraw consent | Withdraw consent at any time where processing is based on consent |
| Complain | Lodge a complaint with the ICO if you believe your rights have been breached |
To exercise your rights: Contact us using the details in Section 1. We will respond within 30 days. We may need to verify your identity before processing your request.
No fee usually required: You will not normally have to pay a fee. However, we may charge a reasonable fee for manifestly unfounded, repetitive or excessive requests.
Limitations: Some rights are not absolute. We may need to retain certain data for legal, accounting or legitimate business purposes even if you request deletion.
13. Automated Decision-Making
We use automated systems for:
- Fraud screening: Payment transactions are automatically screened for fraud indicators. Orders flagged as high-risk may be declined or require additional verification.
- Credit checks: Trade account applications may be subject to automated credit scoring.
You have the right to request human review of any automated decision that significantly affects you.
14. Children's Privacy
Our website and services are not directed at children under 18. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us immediately.
15. Third-Party Links
Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of these sites. We encourage you to read the privacy policy of every website you visit.
16. Changes to This Policy
We may update this Privacy Policy from time to time. Significant changes will be notified via our website or by email. The "Last updated" date at the top indicates when revisions were made.
We encourage you to review this policy periodically.
17. Complaints
If you have concerns about how we handle your data, please contact us first. We take all complaints seriously and will work to resolve the issue.
If you are not satisfied with our response, you have the right to complain to the Information Commissioner's Office (ICO):
Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire SK9 5AF
Website: ico.org.uk
Telephone: 0303 123 1113
18. Contact Us
For any questions about this Privacy Policy or to exercise your data rights, please contact:
glovesupplies.com
A trading name of NCL Limited
2A Royal Street
Barnsley
South Yorkshire
S70 2ED
Company Number: 07770335
VAT Registration: GB 167 2842 86
Email: cs@ncl-ltd.co.uk
Telephone: 020 3355 1985
Thank you for trusting glovesupplies.com with your personal data.