- 📅 Last Updated: January 10, 2025
- ✅ Effective: January 10, 2025
- 🇪🇺 GDPR Compliant
⚡ Quick Summary
Welcome to Ribble Sports. We are committed to protecting your personal data and respecting your privacy. Ribble Sports is the data controller responsible for your personal data. We are a private limited company registered in England and Wales under company number 12675488. Our registered office is located at 40 Tweedale Street, Rochdale, OL12 6JY, UK
Ribble Sports is the data controller responsible for your personal data. We operate in accordance with the General Data Protection Regulation (GDPR) and applicable data protection laws to ensure your custom apparel orders are handled securely.
2.1 Information You Provide Directly
When you register, place orders, or contact us, we collect:
- Account Information: Name, email, phone number, and company/club name.
- Design Assets: Custom logos, SVG files, color preferences, and branding instructions for sportswear.
- Business Details: VAT number or tax ID (for wholesale partners).
- Shipping Information: Delivery addresses and contact persons for bulk or individual orders.
2.2 Information Collected Automatically
When you use our website, we automatically collect:
- Device Information: IP address, browser type, operating system, device identifiers
- Usage Data: Pages visited, time spent, click patterns, search queries
- Location Data: Country and city based on IP address (not precise location)
- Cookies & Tracking: Session cookies, analytics data (see Section 8)
2.3 Information From Third Parties
We may receive information from:
- Credit Agencies: Business credit checks for trade accounts
- Shipping Partners: Delivery confirmations and tracking updates
- Payment Providers: Transaction confirmations and fraud checks
| Data Category | Examples | Purpose |
|---|---|---|
| Identity Data | Name, company name, VAT number | Account creation, verification |
| Contact Data | Email, phone, address | Communication, delivery |
| Transaction Data | Order history, payment records | Order processing, accounting |
| Technical Data | IP address, browser, device | Security, analytics |
| Usage Data | Pages viewed, interactions | Service improvement |
3.1 To Provide Our Services
- Create and manage your wholesale account
- Process and fulfill your orders
- Handle payments and invoicing
- Arrange shipping and delivery
- Provide customer support
3.2 To Improve Our Services
- Analyze website usage and performance
- Personalize your browsing experience
- Develop new features and products
- Conduct research and analytics
3.3 To Communicate With You
- Send order confirmations and updates
- Respond to your inquiries
- Send marketing communications (with consent)
- Notify you of policy changes
3.4 For Legal and Security Purposes
- Comply with legal obligations (tax, TPD reporting)
- Prevent fraud and unauthorized access
- Enforce our terms and conditions
- Protect our rights and property
| Legal Basis | When We Use It |
|---|---|
| Contract Performance | Processing orders, managing accounts, providing services you’ve requested |
| Legal Obligation | Tax reporting, TPD compliance records, responding to legal requests |
| Legitimate Interests | Fraud prevention, security, service improvement, business analytics |
| Consent | Marketing emails, cookies (non-essential), optional data collection |
5.1 Service Providers
- Payment Processors: Stripe, PayPal, Mollie for secure payments
- Shipping Partners: DHL, UPS, DPD, PostNL for delivery
- Cloud Services: AWS, Google Cloud for hosting and storage
- Analytics: Google Analytics for website insights
- Email Services: Mailchimp, SendGrid for communications
5.2 Legal & Regulatory
- Tax authorities when required by law
- Regulatory bodies for TPD compliance
- Law enforcement when legally obligated
- Courts in response to legal proceedings
5.3 Business Transfers
If ribblesports.com is involved in a merger, acquisition, or sale of assets, your data may be transferred. We will notify you before your data becomes subject to a different privacy policy.
| Data Type | Retention Period | Reason |
|---|---|---|
| Account Data | Duration of account + 2 years | Service provision, reactivation |
| Order History | 7 years after last order | Tax & accounting requirements |
| Invoices & Financial | 7 years | Dutch tax law requirement |
| Support Tickets | 3 years | Quality assurance, disputes |
| Marketing Consent | Until withdrawn | Proof of consent |
| Website Analytics | 26 months | Performance analysis |
- Encryption: All data transmitted via TLS/SSL (HTTPS)
- Access Controls: Role-based access, multi-factor authentication
- Data Storage: Encrypted databases, secure EU-based servers
- Monitoring: 24/7 security monitoring, intrusion detection
- Staff Training: Regular security awareness training
- Incident Response: Documented breach response procedures
While we take every precaution, no method of transmission over the Internet is 100% secure. If you believe your account has been compromised, please contact us immediately.
- Adequacy Decisions: Transfers to countries deemed adequate by the EU Commission
- Standard Contractual Clauses: EU-approved contract terms with service providers
- Binding Corporate Rules: For transfers within multinational companies
You can request information about the safeguards we use for specific transfers by contacting our DPO.
- We will update the “Last Updated” date at the top of this page
- For significant changes, we will notify you via email or website notice
- Material changes will take effect 30 days after notification
- Your continued use after changes constitutes acceptance
We encourage you to review this policy periodically. Previous versions are available upon request.
📬 Privacy Contact Information
Supervisory Authority: If you’re not satisfied with our response, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) at autoriteitpersoonsgegevens.nl.