Skip to content
Jdgeeringph

Legal

Privacy policy

This policy explains what personal data we collect, why, how we protect it, and the rights you have. It covers the UK/EU GDPR and the California Consumer Privacy Act (CCPA/CPRA).

1. Who we are

This website is operated by J D Geering's Plumbing & Heating Limited (“we”, “us”), a company registered in England and Wales (company number 03340467), trading as Jdgeeringph. Registered office: Unit 64 Riverside 3, Sir Thomas Longley Road, Medway City Trading Estate, Rochester, Kent, England, ME2 4BH. We are the data controller for the personal data described in this policy.

Contact for privacy matters: support@jdgeeringph.shop.

2. What we collect

  • Order & contact data: name, email, shipping address, phone and order details.
  • Payment data: processed directly by Stripe and (where offered) PayPal. We never receive or store your full card number.
  • Enquiry data: anything you send us via our forms.
  • Technical & usage data: IP address, device/browser, and—only with your consent—analytics and cookie data.

3. How and why we use it (legal bases)

  • To fulfil your order (performance of a contract).
  • To respond to enquiries (legitimate interests / steps prior to a contract).
  • For analytics and marketing (only with your consent).
  • To meet legal and accounting obligations (legal obligation).
  • To prevent fraud and secure the site (legitimate interests).

4. Sharing & processors

We share data only with service providers who help us run the store, including: Stripe and PayPal (payments), our shipping carriers, Resend (email), Supabase (hosting/database), Vercel (hosting) and Cloudflare (security). Each processes data under contract and only on our instructions. We do not sell your personal data.

5. International transfers

Some processors are located outside the UK/EEA. Where data is transferred internationally, we rely on appropriate safeguards such as the UK International Data Transfer Agreement or EU Standard Contractual Clauses (SCCs).

6. Retention

We keep order records for as long as needed to fulfil the order and to meet legal and accounting requirements (typically up to 7 years). Enquiry data is kept only as long as needed to handle your request. Consent-based data is kept until you withdraw consent.

7. Your rights (UK/EU GDPR)

You have the right to access, rectify, erase, restrict or object to processing, to data portability, and to withdraw consent at any time. To exercise any right, email support@jdgeeringph.shop. We respond within one month. You may also complain to your supervisory authority (in the UK, the ICO).

8. California privacy rights (CCPA/CPRA)

If you are a California resident, you have the right to know what personal information we collect, to delete it, to correct it, to opt out of any “sale” or “sharing”, and not to be discriminated against for exercising these rights. We do not sell personal information for money. Where we use analytics or advertising cookies that may count as “sharing” for cross-context advertising, you can opt out via our Do Not Sell or Share My Personal Information page, and we honour Global Privacy Control (GPC) signals. We respond to verifiable requests within 45 days.

9. Cookies

We use essential cookies to run the store, and—only with your consent—analytics and marketing cookies. See our Cookie Policy and manage your choices any time via the cookie settings.

10. Security

The site runs entirely over HTTPS. Payments are handled by PCI-DSS compliant providers (Stripe/PayPal), so your card details never touch our servers.

11. Children

Our products and site are not directed at children, and we do not knowingly collect data from anyone under 16.

12. Changes

We may update this policy and will revise the date below. We review it at least every 12 months.

Last updated: 22 June 2026.