Legal
Privacy Policy
Last updated: 18 April 2026
AvClock is committed to protecting your personal data. This Privacy Policy explains what information we collect, how we use it, and your rights under UK data protection law.
AvClock is the data controller for personal data processed through this website. We are subject to the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Data We Collect
We may collect the following categories of personal data:
- Identity & contact data: name, email address, delivery address, billing address, phone number (if provided).
- Order & transaction data: details of products purchased, order history, payment status (we do not store full card numbers — these are handled by Stripe).
- Account data: username, hashed password, account preferences.
- Device data: your AvClock device identifier, home location (latitude/longitude), tracking radius, and bearing preferences that you configure.
- Usage data: pages visited, time on site, referring URLs, device and browser type — collected via Google Analytics.
- Communications data: messages you send us via support tickets or bug reports.
2. How We Collect Your Data
- Directly from you when you create an account, place an order, register a device, or contact us.
- Automatically through cookies and analytics tools when you visit our website.
- From third parties — Stripe may share transaction confirmation data with us to fulfil your order.
3. How We Use Your Data
| Purpose | Legal basis |
|---|---|
| Processing and fulfilling your order | Contract performance |
| Sending order confirmations and shipping updates | Contract performance |
| Managing your account and device configuration | Contract performance |
| Providing customer support | Contract performance / Legitimate interest |
| Improving our website and services | Legitimate interest |
| Complying with legal obligations | Legal obligation |
| Sending marketing emails (where you have opted in) | Consent |
4. Cookies and Analytics
We use cookies and similar technologies to improve your experience on our site. These include:
- Essential cookies: required for the site to function (e.g. session, CSRF protection).
- Analytics cookies: we use Google Analytics to understand how visitors use our site. This data is aggregated and anonymised where possible. Google Analytics sets cookies to track sessions and page visits.
You can control cookie preferences through your browser settings. Disabling cookies may affect site functionality.
5. Sharing Your Data
We do not sell your personal data. We may share it with the following categories of third party only where necessary:
- Stripe — payment processing. Stripe is PCI-DSS compliant and processes your card data on our behalf.
- Google Analytics — website usage analytics.
- Delivery carriers — your name and delivery address are shared with our shipping provider to fulfil your order.
- Legal authorities — where required by law or a valid court order.
6. International Transfers
Some of our third-party providers (including Google and Stripe) may process data outside the United Kingdom. Where this occurs, we ensure appropriate safeguards are in place in accordance with UK GDPR, such as standard contractual clauses or adequacy decisions.
7. Data Retention
We retain your personal data only for as long as necessary:
- Account data: for the duration of your account, plus 2 years after closure.
- Order records: 7 years to comply with UK tax and accounting obligations.
- Support communications: 2 years from the date of the last correspondence.
- Analytics data: aggregated data retained per Google Analytics default retention settings.
8. Your Rights
Under UK GDPR you have the following rights in relation to your personal data:
- Right of access — request a copy of the personal data we hold about you.
- Right to rectification — ask us to correct inaccurate data.
- Right to erasure — ask us to delete your data (subject to legal obligations).
- Right to restriction — ask us to restrict how we process your data.
- Right to data portability — receive your data in a structured, machine-readable format.
- Right to object — object to processing based on legitimate interest, including direct marketing.
- Right to withdraw consent — where processing is based on consent, you may withdraw it at any time.
To exercise any of these rights, email us at [email protected]. We will respond within one calendar month.
9. Security
We implement technical and organisational measures to protect your personal data against unauthorised access, loss, or destruction. These include encrypted connections (HTTPS), hashed passwords, and access controls. No method of transmission over the internet is completely secure; we cannot guarantee absolute security.
10. Children
Our website and products are not directed at children under 18. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, please contact us so we can delete it.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. We encourage you to review this page periodically.
12. Contact & Complaints
For any privacy queries or to exercise your rights, contact us at:
AvClock
Email: [email protected]
If you are unhappy with how we have handled your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.