Privacy Policy
Last updated: 11 July 2026
At Bennett & Birch, we respect your privacy and are committed to protecting your personal information. This Privacy Policy explains what information we collect, why we collect it, how we use and protect it, with whom it may be shared, and the rights available to you under applicable data protection laws.
This Privacy Policy applies when you visit or use our website, place an order, create a customer account, subscribe to marketing communications, contact us, submit a review, or otherwise interact with Bennett & Birch.
The services, technologies, payment options, analytics tools, and advertising providers described in this Privacy Policy apply only where they are enabled, available, or used on our website.
1. DATA CONTROLLER AND CONTACT DETAILS
Bennett & Birch is responsible for determining how and why personal information collected through this website is processed.
For questions regarding this Privacy Policy, the use of your personal information, or the exercise of your privacy rights, please contact us at:
Bennett & Birch
Email: info@bennettbirch.com
For the purposes of the General Data Protection Regulation (“GDPR”) and other applicable data protection laws, Bennett & Birch acts as the data controller unless otherwise stated.
We do not use personal information for automated decision-making that produces legal effects or similarly significant consequences without appropriate safeguards and a lawful basis.
2. PERSONAL INFORMATION WE COLLECT
Depending on how you interact with us, we may collect the following categories of personal information.
2.1 Information You Provide Directly
You may provide information to us when you:
-
place an order;
-
create or manage a customer account;
-
subscribe to emails or promotional communications;
-
contact customer support;
-
complete a contact form;
-
participate in a promotion;
-
submit feedback or a product review;
-
request a return, refund, replacement, or other customer service assistance.
This information may include:
-
first and last name;
-
email address;
-
telephone number;
-
billing address;
-
delivery address;
-
account information;
-
order information;
-
communication preferences;
-
information included in messages sent to us;
-
information connected with returns, refunds, complaints, or customer service requests.
2.2 Order and Transaction Information
When you purchase a product, we may process information relating to:
-
products ordered;
-
order value;
-
order date;
-
delivery status;
-
selected payment method;
-
billing and delivery information;
-
returns, refunds, exchanges, or cancellations.
Payment information is generally processed by the relevant payment provider. Bennett & Birch does not necessarily receive or store complete card or bank-account details.
2.3 Information Collected Automatically
When you visit our website, certain technical information may be collected automatically through server logs, cookies, pixels, tags, software development tools, or similar technologies.
This information may include:
-
IP address;
-
browser type and version;
-
device type;
-
operating system;
-
language settings;
-
referring website or source;
-
pages viewed;
-
date and time of access;
-
approximate location derived from an IP address;
-
website interactions;
-
session information;
-
error reports;
-
technical performance information.
Where appropriate, we take steps to limit, anonymize, aggregate, or pseudonymize this information.
2.4 Information Received From Third Parties
We may receive information from service providers and business partners that support our website and operations, including:
-
payment providers;
-
delivery and fulfilment partners;
-
website-hosting providers;
-
analytics providers;
-
advertising platforms;
-
customer support providers;
-
fraud-prevention and security providers.
The information received depends on the service used and the permissions or choices you have made.
3. HOW AND WHY WE USE PERSONAL INFORMATION
We process personal information only where we have a valid purpose and an appropriate legal basis.
Depending on the circumstances, we may process your information for the following purposes.
3.1 Processing Orders and Performing a Contract
We may use your information to:
-
process and confirm orders;
-
arrange payment;
-
provide order updates;
-
prepare and dispatch products;
-
manage delivery;
-
process returns, exchanges, refunds, or cancellations;
-
provide customer support relating to a purchase;
-
manage customer accounts.
Where the GDPR applies, this processing is generally based on Article 6(1)(b), because it is necessary to enter into or perform a contract with you.
3.2 Responding to Questions and Requests
We may use information submitted through email, contact forms, social media, or other communication channels to:
-
respond to questions;
-
provide customer support;
-
resolve complaints;
-
investigate order issues;
-
respond to requests concerning your privacy rights.
This processing may be necessary to perform a contract or take steps at your request before entering into a contract. In other situations, it may be based on our legitimate interest in communicating with customers and providing effective support.
3.3 Operating and Improving Our Website
We may process technical and usage information to:
-
operate the website;
-
display content correctly;
-
maintain website functionality;
-
improve performance and usability;
-
identify and repair technical issues;
-
understand how visitors interact with the website;
-
improve products, services, and customer experience.
Where applicable, this processing is based on our legitimate interest in maintaining and improving our website. Where consent is legally required, we process the relevant information only after consent has been provided.
3.4 Security and Fraud Prevention
We may process information to:
-
protect customer accounts;
-
detect suspicious activity;
-
prevent fraud;
-
prevent misuse of our services;
-
maintain website and payment security;
-
protect our legal rights and business operations.
This processing may be based on our legitimate interests, contractual obligations, or legal obligations.
3.5 Compliance With Legal Obligations
We may process and retain information where necessary to:
-
comply with tax and accounting requirements;
-
maintain legally required business records;
-
respond to lawful government or regulatory requests;
-
comply with consumer-protection obligations;
-
establish, exercise, or defend legal claims.
Where the GDPR applies, this processing may be based on Article 6(1)(c).
3.6 Marketing and Personalization
Where permitted, we may use information to:
-
send promotional emails;
-
provide product updates;
-
personalize communications;
-
measure marketing performance;
-
show relevant advertising;
-
create or measure advertising audiences.
Depending on the activity and applicable law, processing may be based on your consent or our legitimate interests.
You may withdraw marketing consent or object to direct marketing at any time.
4. SERVER LOG FILES
When you access our website, our hosting infrastructure may automatically record technical information required to display, secure, and operate the website.
Server-log information may include:
-
the page requested;
-
date and time of access;
-
browser information;
-
operating system;
-
device information;
-
referring source;
-
IP address;
-
data-transfer information;
-
technical status or error information.
We may process this information to maintain website availability, identify errors, prevent misuse, protect website security, and improve technical performance.
Where the GDPR applies, this processing is generally based on our legitimate interest under Article 6(1)(f).
Server-log information is not used to directly identify visitors unless necessary for security, fraud prevention, legal compliance, or the investigation of suspected unlawful activity.
5. WEBSITE SECURITY
Our website uses appropriate technical security measures, which may include SSL or TLS encryption, to help protect information transmitted between your browser and our website.
An encrypted connection is generally indicated by “https://” in the website address and a lock symbol in your browser.
Although we take reasonable administrative, technical, and organizational measures to protect personal information, no online system or method of electronic transmission can be guaranteed to be completely secure.
6. COOKIES AND SIMILAR TECHNOLOGIES
6.1 What Cookies Are
Cookies are small data files stored on your browser or device when you visit a website.
We may also use related technologies, including:
-
pixels;
-
tags;
-
local storage;
-
software identifiers;
-
conversion-tracking technologies.
6.2 Types of Cookies
Our website may use the following categories.
Strictly Necessary Cookies
These cookies support essential website functions, including:
-
shopping-cart functionality;
-
checkout;
-
account login;
-
security;
-
fraud prevention;
-
privacy settings;
-
website navigation.
These cookies may be used without consent where permitted because the website may not function correctly without them.
Preference Cookies
Preference cookies may remember choices such as:
-
language;
-
region;
-
display preferences;
-
saved settings.
Analytics Cookies
Analytics technologies may help us understand:
-
how visitors use our website;
-
which pages are viewed;
-
how visitors navigate;
-
whether errors occur;
-
how website performance can be improved.
Where required by law, these technologies are activated only after consent.
Advertising and Marketing Cookies
Advertising technologies may be used to:
-
measure advertising performance;
-
track conversions;
-
limit repeated advertising;
-
create advertising audiences;
-
provide more relevant advertising.
Where required by law, marketing technologies are activated only after you provide consent.
6.3 Cookie Preferences
When you first visit the website, you may be shown a cookie banner or consent-management tool.
Where available, you may use this tool to:
-
accept optional cookies;
-
reject optional cookies;
-
choose individual cookie categories;
-
update or withdraw previous choices.
You may also manage cookies through your browser settings.
Disabling certain cookies may affect website functionality, saved preferences, checkout features, or other services.
7. CONTACT FORMS AND CUSTOMER COMMUNICATION
When you contact Bennett & Birch, we may collect the information necessary to understand and respond to your request.
This may include:
-
your name;
-
email address;
-
order number;
-
telephone number;
-
information included in your message;
-
attachments voluntarily provided;
-
relevant order or account information.
We use this information to respond, provide support, resolve problems, and manage related administration.
Information is retained only for as long as reasonably necessary for the purpose of the communication and any related legal, contractual, or record-keeping requirements.
8. CUSTOMER ACCOUNTS
Where customer-account functionality is available, we may process information submitted during registration and account use.
This information may be used to:
-
create and maintain the account;
-
allow access to account features;
-
display order history;
-
simplify future purchases;
-
manage account preferences;
-
support account security.
You may request deletion of your account by contacting:
Deleting an account does not necessarily result in the immediate deletion of all information. Certain order, transaction, tax, accounting, fraud-prevention, or legal records may need to be retained.
9. EMAIL MARKETING
9.1 Newsletter Subscriptions
Where newsletter subscriptions are available, we may use your email address to send:
-
product information;
-
offers;
-
promotions;
-
company updates;
-
relevant marketing communications.
Where required, marketing emails are sent only after you provide consent.
We may use a confirmation process to verify that the email address belongs to the person requesting the subscription.
Subscription records may include:
-
email address;
-
subscription date;
-
confirmation date;
-
IP address;
-
consent information.
These records may be retained to demonstrate compliance with applicable marketing and privacy requirements.
9.2 Unsubscribing
You may unsubscribe at any time by:
-
selecting the unsubscribe link included in a marketing email; or
-
contacting info@bennettbirch.com.
Withdrawal of consent does not affect processing carried out lawfully before the withdrawal.
After unsubscribing, your email address may be retained on a suppression list to ensure that your preference is respected.
9.3 Marketing to Existing Customers
Where permitted by applicable law, we may send existing customers information about products or services similar to those previously purchased.
You may object to this marketing at any time without charge, other than ordinary communication costs.
10. ORDER FULFILMENT AND DELIVERY
To complete and deliver an order, we may share relevant information with:
-
fulfilment providers;
-
warehouses;
-
delivery companies;
-
postal providers;
-
courier services;
-
customs or import-service providers where necessary.
Information shared may include:
-
customer name;
-
delivery address;
-
telephone number;
-
email address;
-
order information;
-
delivery instructions.
Only information reasonably necessary to complete the delivery or provide related services will be shared.
Where the GDPR applies, this processing is generally necessary for the performance of a contract under Article 6(1)(b).
11. PAYMENT PROCESSING
Payments may be processed by third-party payment providers.
Depending on the payment methods offered during checkout, providers may include PayPal, Klarna, SOFORT, card processors, digital-wallet providers, or other authorized financial-service providers.
Payment providers may process information such as:
-
customer identity;
-
billing information;
-
payment details;
-
transaction information;
-
device information;
-
fraud-prevention information;
-
creditworthiness information where legally permitted and relevant to the selected payment method.
Payment providers may process personal information under their own privacy notices and legal responsibilities.
Bennett & Birch generally receives transaction confirmation and limited payment information rather than complete card or banking credentials.
11.1 PayPal
Where PayPal is selected, information required to process the transaction may be transferred to the applicable PayPal entity.
Depending on the payment option selected, PayPal may conduct identity, risk, fraud, or credit-related assessments where permitted by law.
The processing of information by PayPal is governed by PayPal’s applicable privacy documentation.
11.2 Klarna and SOFORT
Where Klarna, SOFORT, or a related payment option is offered, information required to provide the selected payment service may be transferred to the applicable Klarna entity.
Klarna may process information for payment administration, identity verification, fraud prevention, risk assessment, customer support, and other purposes described in its applicable privacy documentation.
12. REVIEWS AND REVIEW REQUESTS
We may invite customers to provide feedback or review a purchase.
Where required by law, review-request emails are sent only with your consent.
Where legally permitted, we may also send a limited service-related review request based on our legitimate interest in understanding customer satisfaction and improving products and services.
You may object to future review requests at any time by contacting:
Where a third-party review platform is used, information may be transferred to that provider as necessary to deliver the review invitation or publish the review.
Public reviews may display information voluntarily included by the reviewer. You should avoid including sensitive personal information in publicly visible reviews.
13. SOCIAL MEDIA AND EXTERNAL LINKS
Our website may contain links, buttons, embedded content, or other features connected with social-media platforms, including Facebook and Instagram.
When you interact with a social-media feature, the relevant provider may receive information such as:
-
IP address;
-
browser information;
-
device information;
-
the page visited;
-
information connected with your social-media account;
-
interaction information.
The provider may associate this information with your account where you are signed in.
Your interaction with a third-party platform is governed by that provider’s own privacy policy and account settings.
Bennett & Birch does not control how third-party social-media providers independently process information.
14. GOOGLE ANALYTICS
Where enabled and subject to your consent where required, our website may use Google Analytics to understand website usage and improve performance.
Google Analytics may process information relating to:
-
website visits;
-
viewed pages;
-
events and interactions;
-
device and browser information;
-
approximate geographic information;
-
traffic sources;
-
session information;
-
purchase or conversion events.
We may use analytics reports to:
-
understand website performance;
-
identify popular content;
-
evaluate customer journeys;
-
improve usability;
-
measure marketing performance.
Where available, privacy controls may be used to limit data collection, retention, advertising functionality, or the collection of detailed location and device information.
You may prevent or limit analytics processing through:
-
our cookie-preference tool;
-
your browser settings;
-
applicable Google privacy controls;
-
available analytics opt-out tools.
15. GOOGLE ADVERTISING AND CONVERSION MEASUREMENT
Where enabled and subject to consent where required, our website may use Google advertising technologies.
These technologies may help us:
-
measure advertising performance;
-
understand whether an advertisement resulted in a purchase or other action;
-
create advertising audiences;
-
improve advertising relevance;
-
avoid repeatedly displaying the same advertisement;
-
evaluate marketing campaigns.
Information may be collected through cookies, advertising identifiers, tags, or similar technologies.
Depending on your Google account settings and applicable permissions, Google may use information received through websites using its services in accordance with its own privacy policies.
You may manage advertising preferences through:
-
our cookie-preference tool;
-
browser settings;
-
Google account privacy settings;
-
Google advertising controls.
16. META ADVERTISING TECHNOLOGIES
Where enabled and subject to consent where required, our website may use Meta business tools, including technologies commonly associated with Facebook and Instagram advertising.
These tools may help us:
-
measure advertising performance;
-
understand actions taken after viewing or selecting an advertisement;
-
create advertising audiences;
-
show relevant advertisements;
-
improve marketing campaigns.
Information processed may include:
-
browser and device information;
-
IP address;
-
website interactions;
-
page views;
-
product interactions;
-
purchases or other conversion events;
-
cookie or advertising identifiers.
Meta may process information in accordance with its own privacy documentation and account settings.
You may manage or withdraw relevant permissions through:
-
our cookie-preference tool;
-
browser settings;
-
Meta privacy and advertising settings.
17. INTERNATIONAL TRANSFERS OF PERSONAL INFORMATION
Some service providers may process personal information in countries outside your country of residence or outside the European Economic Area.
Where required, international transfers are protected through recognized legal safeguards, which may include:
-
an adequacy decision issued by the relevant authority;
-
participation in an officially recognized data-transfer framework;
-
approved standard contractual clauses;
-
contractual, technical, and organizational safeguards;
-
another legally recognized transfer mechanism.
The level of legal protection may differ between countries. Where required, reasonable steps are taken to ensure that transferred information remains appropriately protected.
18. DATA RETENTION
We retain personal information only for as long as reasonably necessary to fulfil the purpose for which it was collected.
Retention periods may depend on:
-
the type of information;
-
the purpose of processing;
-
contractual requirements;
-
tax requirements;
-
accounting obligations;
-
consumer-protection requirements;
-
fraud-prevention requirements;
-
limitation periods;
-
legal disputes;
-
regulatory requirements.
When information is no longer required, we may delete, anonymize, aggregate, or securely restrict it.
Examples include:
-
order and transaction information may be retained where required by tax, accounting, or commercial law;
-
customer-service communications may be retained until an issue is resolved and for a reasonable period afterward;
-
marketing information may be retained until consent is withdrawn or a valid objection is received;
-
suppression-list information may be retained to respect an unsubscribe request;
-
technical security information may be retained for a limited period where necessary to investigate misuse or protect the website.
19. YOUR DATA-PROTECTION RIGHTS
Where the GDPR or similar privacy legislation applies, you may have the following rights.
19.1 Right of Access
You may request information about whether we process your personal information and request access to relevant information.
19.2 Right to Rectification
You may request correction of inaccurate information or completion of incomplete information.
19.3 Right to Erasure
You may request deletion of personal information in circumstances permitted by law.
This right may not apply where continued processing is necessary for:
-
compliance with a legal obligation;
-
the establishment, exercise, or defence of legal claims;
-
another lawful exception.
19.4 Right to Restriction
You may request that processing be restricted in certain circumstances, including while the accuracy or lawfulness of processing is being reviewed.
19.5 Right to Data Portability
Where applicable, you may request personal information provided by you in a structured, commonly used, and machine-readable format.
You may also request transfer to another controller where legally and technically possible.
19.6 Right to Withdraw Consent
Where processing is based on consent, you may withdraw consent at any time.
Withdrawal applies to future processing and does not affect the lawfulness of processing completed before consent was withdrawn.
19.7 Right to Object
Where processing is based on legitimate interests, you may object based on circumstances relating to your situation.
We will stop the relevant processing unless there are compelling legitimate grounds that override your interests, rights, and freedoms, or the processing is required for legal claims.
19.8 Right to Object to Direct Marketing
You may object to the use of your personal information for direct marketing at any time.
After receiving an objection, we will stop using the relevant information for direct marketing.
19.9 Right to Lodge a Complaint
You may have the right to submit a complaint to the competent data-protection authority in the country or region where you live, work, or believe a data-protection infringement occurred.
We encourage you to contact Bennett & Birch first so that we have an opportunity to address your concern.
20. EXERCISING YOUR PRIVACY RIGHTS
To submit a privacy request, contact:
Please provide enough information for us to understand and respond to your request.
We may request reasonable information to verify your identity and protect personal information from unauthorized access or disclosure.
We aim to respond within the period required by applicable law.
21. CHILDREN’S PRIVACY
Our website and services are intended for general retail customers and are not designed to knowingly collect personal information from children who are unable to provide valid consent under applicable law.
Where a purchase or other activity requires parental or guardian involvement, appropriate permission should be obtained.
Where we learn that personal information was collected from a child unlawfully, we will take reasonable steps to delete or otherwise appropriately handle the information.
22. THIRD-PARTY WEBSITES
Our website may include links to websites, applications, payment services, social-media platforms, or other services operated by third parties.
Bennett & Birch is not responsible for the privacy practices, content, security, or terms of independent third-party services.
We recommend reviewing the relevant privacy policy before providing information to a third party.
23. CHANGES TO THIS PRIVACY POLICY
We may update this Privacy Policy when necessary to reflect:
-
changes to our website;
-
changes to our business operations;
-
changes to service providers;
-
new technologies;
-
changes to legal or regulatory requirements;
-
improvements to privacy practices.
The latest version will be published on this page with an updated revision date.
Material changes may be communicated through the website or another appropriate method where required.
24. CONTACT US
For questions, concerns, privacy requests, or complaints relating to this Privacy Policy or the processing of personal information, contact:
Bennett & Birch
Email: info@bennettbirch.com