No products in the cart.

Privacy Policy
Privacy Policy

Last updated: 15 October 2025

Who we are

Print Factory Scotland (“we”, “us”, “our”) is a UK-based printing company.
Our website address is: https://printfactoryscotland.com

We are committed to protecting your privacy and ensuring your personal information is handled securely and in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

If you have any questions about this policy, you can contact us at:
📧 [email protected]

What personal data we collect and why we collect it

Orders & Account Information

When you place an order or create an account, we collect:

    • Name
    • Billing and delivery address
    • Email address and phone number
    • Order details and payment information (processed securely by our payment provider)
    • Any artwork or files uploaded for printing

This information is used to process your order, deliver your items, and provide customer support.

Contact Forms

When you submit a form on our website, we collect the details you provide — usually your name, email address, and message — so we can respond to your enquiry.
Messages are stored securely and deleted when no longer needed.

Uploaded Artwork & Files

Files uploaded for printing are stored securely on our servers. They are used only to produce your order and are typically deleted within 60 days after completion unless requested otherwise.

Cookies

Our website uses cookies to:

    • Maintain your shopping basket
    • Keep you signed in to your account
    • Improve website performance and security
    • Measure anonymous visitor activity through analytics tools

You can manage or delete cookies in your browser settings. For full details, see our Cookie Policy.

Comments

If comments or product reviews are enabled, we collect the data shown in the comment form, along with your IP address and browser user agent, to help prevent spam.
An anonymised string (hash) of your email may be sent to Gravatar to display your profile image.

Embedded Content

Some pages may include embedded content (for example, videos or maps). Embedded content from other websites behaves exactly as if you visited the other site directly and may collect data or use cookies.

Analytics

We use privacy-friendly analytics tools (such as Google Analytics) to understand how our website is used. This collects anonymous information such as page visits and device types.
No personally identifiable data is shared or stored.

Who we share your data with

We only share your data when necessary to provide our services, for example:

    • Delivery partners (DPD, FedEx, etc.) for dispatch and delivery
    • Payment processors (e.g. Stripe, PayPal) to securely handle transactions
    • IT and hosting providers who maintain our website and databases under strict confidentiality

We never sell or rent your personal data to anyone.

How long we retain your data

    • Orders and accounts: up to Four years for accounting and legal purposes
    • Artwork/files: usually deleted within 60 days after order completion
    • Contact enquiries: deleted within 12 months of resolution
    • Cookies: expire between a few days and one year depending on type

Your rights

Under UK GDPR you have the right to:

    • Request a copy of the data we hold about you
    • Request correction of any inaccurate information
    • Request deletion of your data (“right to be forgotten”)
    • Withdraw consent at any time where consent is used
    • Lodge a complaint with the Information Commissioner’s Office (ICO)

To make a request, email [email protected] or submit a Data Removal Request via our contact page.

Where we send your data

Visitor comments may be checked through an automated spam detection service.
Payments are handled securely by trusted third-party processors using encrypted connections.

How we protect your data

    • SSL encryption across the entire website
    • Restricted internal access to personal data
    • Regular software updates and security monitoring
    • Encrypted off-site backups stored within the UK or EU

What happens in the event of a data breach

If a data breach occurs, we will assess the risk, notify affected individuals where necessary, and report the incident to the ICO within 72 hours as required by law.

Third-party data

We may receive limited information from payment and delivery partners (such as confirmation of successful payment or delivery) to complete your order.

Automated decision-making and profiling

We do not carry out any automated decision-making or profiling using your personal data.

Regulatory compliance

We comply fully with the UK GDPR, the Data Protection Act 2018, and all other applicable UK privacy laws.

Contact us

If you have questions about this policy or how your information is used, contact: [email protected]