top of page

COMPLETE COOKIE, PRIVACY AND GDPR POLICY OCTOBER 2025

COMPLETE COOKIE, PRIVACY AND GDPR POLICY OCTOBER 2025

 

Pennine VA Ltd’s website may gather information about your general Internet use by using cookies in order to help you personalise your online experience. Where used, these cookies are downloaded to

your computer automatically. A cookie is a text file that is placed on your hard disk by a web page server.

Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely

assigned to you, and can only be read by a web server in the domain that issued the cookie to you.

‘Essential’ cookies are automatically placed on your computer or device when you access our website or

take certain actions on our website. ‘Non-essential’ cookies and other technologies are only placed on

your computer or device if you have consented to us doing so. You consent to us placing non-essential

cookies on your computer or device by continuing to use our website with your browser settings set to

accept cookies.

Cookies may be either "persistent" cookies or "session" cookies: a persistent cookie will be stored by a

web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry

date; a session cookie, on the other hand, will expire at the end of the user session, when the web

browser is closed.

Cookies do not typically contain any information that personally identifies a user, but personal information

that we store about you may be linked to the information stored in and obtained from cookies.

 

We use cookies for the following purposes: 

(a) authentication - we use cookies to identify you when you visit our website and as you navigate

our website;

(b) status - we use cookies to help us to determine if you are logged into our website;

(c) personalisation - we use cookies to store information about your preferences and to personalise

the website for you;

(d) security - we use cookies as an element of the security measures used to protect user accounts,

including preventing fraudulent use of login credentials, and to protect our website and services

generally;

(e) advertising - we use cookies to help us to display advertisements that will be relevant to you;

(f) analysis - we use cookies to help us to analyse the use and performance of our website and

services; and

(g) cookie consent - we use cookies to store your preferences in relation to the use of cookies more

generally.

Some of our service providers also use cookies and those cookies may be stored on your computer

when you visit our website. These are the third party service providers that store cookies when you visit

our website:

(a) We use Google Analytics to analyse the use of our website. Google Analytics gathers information about website use by means of cookies. The information gathered relating to our website is used to create

reports about the use of our website. Google's Privacy Policy is available at:

https://www.google.com/policies/privacy/.)

 

(b) List of additional items

You have the ability to accept or decline cookies. Most web browsers automatically accept cookies,

but you can usually modify your browser setting to decline cookies if you prefer. If you do not know how

to do this, the links below set out information about how to change your browser settings for some of the

most commonly used web browsers:

Google Chrome

Mozilla Firefox

Microsoft Internet Explorer

Apple Safari

 

Other items from our server include:

svSession - Used for security reasons - .www.pennine-va.co.uk

s7 - Gather data regarding site usage and user behavior on the website.engage.wixapps.net

s7 - Gather data regarding site usage and user behavior on the website.www.pennine-va.co.uk

 

XSRF-TOKEN - This cookie is written to help with site security in preventing Cross-Site Request Forgery attacks..engage.wixapps.net

XSRF-TOKEN - This cookie is written to help with site security in preventing Cross-Site Request Forgery attacks..wix.com

XSRF-TOKEN - This cookie is written to help with site security in preventing Cross-Site Request Forgery attacks..www.pennine-va.co.uk

 

fedops.logger.defaultOverrides - Used for stability/effectiveness measurementengage.wixapps.net

fedops.logger.sessionId - Used for stability/effectiveness measurementwww.pennine-va.co.uk

_wixAB3|c2b798fc-a8bd-4fef-9b38-0e933f26c417

none found.wix.com

 

www.pennine-va.co.uk

 

server-session-bind

none foundwww.pennine-va.co.uk

 

For further information on how we handle personal information please refer to our Privacy Policy included on this page

 

 

GDPR Policy of PENNINE VA

Effective Date: OCT 2025

Introduction

PENNINE VA LTD is committed to protecting the privacy of our users and customers. This privacy policy explains how we collect, use, share, and protect personal information in accordance with the General Data Protection Regulation (GDPR).

Data Controller, DPO, and Contact

JANE FOX

   • Data Controller: JANE FOX

  • Data Protection Officer (DPO): N/A

  • Address: Pennine VA Ltd

  • Registered in England & Wales Company No 15816557

  • 16 Queen Street, Ilkeston, Derbyshire, United Kingdom, DE7 5GT

  • Email: jane@pennine-va.co.uk

  • Phone Number: on request


Data Collection

We collect personal data when you visit our website, use our services, or interact with us. This may include:

  • Name and contact information
    Example: When you create an account with us or sign up for our newsletter, we collect your name and email address to communicate with you.

  • Payment details (for customers)
    Example: During the checkout process, we collect your credit card details and billing address to process payments securely.

  • Preferences and user feedback
    Example: We collect feedback from surveys or product reviews that you provide to help us improve our products and services.

  • Usage data and cookies
    Example: We use cookies to track how you navigate our site, which helps us improve your browsing experience. We collect information about your IP address, browser type, and pages visited.


This document was generated with the use of the GDPR privacy policy template.

Purpose of Processing

Your data is processed for the following purposes:

  • To provide and improve our services
    Example: We use your data to manage your account, process orders, and enhance our website features. If you sign up for an account, we use your data to personalize your shopping experience and ensure faster checkout.

  • For customer support and communication
    Example: If you contact customer support, we use your data to respond to your inquiries, resolve issues, and keep you updated on the status of your support requests.

  • To comply with legal obligations
    Example: We store your personal information for tax and accounting purposes, and comply with laws such as the EU VAT regulations.

  • For marketing purposes, with your consent
    Example: We may send you promotional emails about new products or discounts if you have opted in to receive marketing communications. You can withdraw your consent at any time.

Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Your consent
    Example: If you subscribe to our newsletter, we process your email address based on your consent. You can withdraw consent at any time by unsubscribing.

  • The need to fulfill a contract with you
    Example: When you place an order on our website, we process your name, address, and payment information to fulfill the contract of sale.

  • Our legitimate business interests
    Example: We may process your data to analyze customer behavior and improve our product offerings or website performance. This helps us provide you with better services and tailor our marketing efforts.

  • Legal requirements
    Example: We may process your data to comply with obligations such as tax reporting, audits, or responding to legal requests for information.

Data Transfer Outside the EU

 

In some cases, we may need to transfer your personal data to countries outside the European Union (EU) or the European Economic Area (EEA). These transfers may occur when our service providers or partners are located in countries outside of the EU/EEA or when we need to store or process data in global data centers. We ensure that any such transfer of your personal data is carried out in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR). To safeguard your data during these transfers, we rely on standard contractual clauses or other appropriate safeguards, ensuring that your data is protected in accordance with GDPR standards. 

Use of Cookies and Other Trackers

Our website uses cookies and similar tracking technologies to improve your browsing experience, understand how you use our site, and show you personalized advertising. You can manage your cookie preferences through your browser settings.

Example: We use cookies to remember items in your cart, so you don't lose them while browsing other parts of the site.

You can access our full cookie policy included in this document

Data Subject Rights

Under GDPR, you have the right to:

  • Access your personal data
    Example: You can request a copy of all the personal information we hold about you, such as your account details, order history, and preferences.

  • Rectify incorrect data
    Example: If you notice an error in your personal details (like a misspelled name or incorrect address), you can request that we correct it.

  • Erase your data in certain circumstances
    Example: You can request the deletion of your account data if you no longer wish to use our services or if your data is no longer necessary for the purposes it was collected.

  • Restrict or object to processing
    Example: If you believe your data is being processed unlawfully or if you no longer wish to receive marketing emails, you can request that we restrict or stop processing your personal data.

  • Data portability
    Example: You can request a copy of your data in a machine-readable format, which can be transferred to another service provider.

 

Data Security

We take appropriate measures to ensure data security, protect against unauthorized access, and comply with GDPR.

  • Technical Measures
    Example: We use encryption for payment transactions and secure your personal account data with multi-factor authentication.

  • Organizational Measures
    Example: Our employees and contractors are trained on GDPR requirements, and access to your personal data is restricted to those who need it to perform their roles.

 

Data Retention

Personal data is retained as long as necessary for the purposes stated, unless a longer retention period is required or permitted by law.

Example: We store your order history for a period of 7 years for tax and auditing purposes, after which it will be anonymized or deleted.

Changes to this Policy

We may update this policy. We will notify you of significant changes and update the “last updated” date at the top of the policy.

Example: If we introduce new features on our website that require additional data collection or processing, we will update this policy and inform you about the changes.

Contact Us

For questions or to exercise your data protection rights, please contact us at:

  • Data Controller: PENNINE VA LTD

  • Address: AS ABOVE

  • Email: AS ABOVE

  • Phone Number: ON REQUEST

bottom of page