Privacy Policy

Last Updated: March 3, 2026

SteelDarts.co.uk

1. Introduction

SteelDarts.co.uk (“we”, “us”, or “our”) is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our membership website and services.

This policy complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We are registered with the Information Commissioner’s Office (ICO) for data protection purposes.

Key Commitment: We will never sell your personal data to third parties. Your information is used solely to provide and improve our membership services.

2. Data Controller Information

Data Controller: SteelDarts.co.uk

Contact Email: info@steeldarts.co.uk

Address: Steel Darts
55a/55b Lord Street
Redcar, TS10 3HN

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us using the details above.

3. What Personal Data We Collect

We collect and process the following types of personal data:

Data Type	Examples	Purpose
Account Information	Name, email address, username, password (encrypted)	To create and manage your membership account
Payment Information	Credit/debit card details, billing address	To process subscription payments
Technical Data	IP address, browser type, device information, cookies	To provide and improve our services, ensure security
Usage Data	Pages visited, time spent on site, membership content accessed	To understand user behavior and improve content
Communications	Email correspondence, support tickets	To provide customer support and respond to inquiries

3.1 How We Collect Data

We collect personal data through:

Direct Interactions: When you register for an account, subscribe to our service, or contact us
Automated Technologies: As you navigate our website, we automatically collect technical data through cookies and similar technologies
Third Parties: Payment processors provide transaction data when you make payments

4. Legal Basis for Processing Your Data

Under UK GDPR, we must have a legal basis to process your personal data. We rely on the following:

4.1 Contract Performance (Article 6(1)(b) UK GDPR)

Processing is necessary to fulfill our contract with you, including:

Creating and managing your membership account
Processing subscription payments
Providing access to membership content
Communicating about your subscription

4.2 Legitimate Interests (Article 6(1)(f) UK GDPR)

We have legitimate interests in:

Improving our services and user experience
Detecting and preventing fraud and security threats
Analyzing website usage to optimize content
Sending service-related communications

4.3 Legal Obligations (Article 6(1)(c) UK GDPR)

We process data to comply with legal requirements, such as:

Tax and accounting regulations
Financial record-keeping requirements
Responding to lawful requests from authorities

4.4 Consent (Article 6(1)(a) UK GDPR)

For marketing communications and non-essential cookies, we obtain your explicit consent. You can withdraw consent at any time.

5. How We Use Your Personal Data

We use your personal data for the following purposes:

5.1 Service Provision

Creating and maintaining your membership account
Processing monthly subscription payments
Granting access to membership content and features
Managing subscription renewals and cancellations
Sending important service notifications

5.2 Customer Support

Responding to your inquiries and support requests
Resolving technical issues
Processing refund requests
Handling complaints

5.3 Service Improvement

Analyzing usage patterns to improve content
Testing new features and functionality
Conducting user surveys (with consent)
Optimizing website performance

5.4 Security and Fraud Prevention

Detecting and preventing unauthorized access
Monitoring for fraudulent payment activity
Protecting against spam and abuse
Ensuring account security

6. Payment Data Processing

Payment processing is handled securely through third-party payment processors. We do not store complete credit card numbers or CVV codes on our servers.

6.1 Payment Security

Encryption: All payment data is encrypted using TLS 1.2 or higher during transmission
Tokenization: Sensitive payment details are replaced with secure tokens
PCI DSS Compliance: Our payment processors maintain PCI DSS Level 1 certification
Limited Storage: We store only the last 4 digits of your card for reference purposes

6.2 Payment Processor Data Sharing

When you make a payment, we share necessary information with our payment processors, including:

Name and billing address
Email address
Payment card information
Transaction amount and subscription details

Our payment processors act as data processors and are bound by Data Processing Agreements (DPAs) to protect your information in accordance with UK GDPR.

7. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience on our website.

7.1 Types of Cookies We Use

Cookie Type	Purpose	Duration
Essential Cookies	Required for login, session management, and site security	Session or up to 1 year
Functional Cookies	Remember your preferences and settings	Up to 1 year
Analytics Cookies	Help us understand how visitors use our site	Up to 2 years
Marketing Cookies	Track visits across websites for marketing purposes (with consent)	Up to 1 year

7.2 Managing Cookies

You can control cookies through your browser settings. However, disabling essential cookies may affect your ability to use certain features of our website. Most browsers allow you to:

View what cookies are stored and delete them individually
Block third-party cookies
Block cookies from specific websites
Delete all cookies when you close your browser

8. Data Sharing and Third-Party Services

We share your personal data only when necessary and with appropriate safeguards in place.

8.1 Third Parties We Work With

Payment Processors: To process subscription payments securely
Cloud Hosting Providers: To host our website and store data securely
Email Service Providers: To send transactional emails and notifications
Analytics Providers: To analyze website usage (anonymized where possible)
Customer Support Tools: To provide efficient support services

8.2 Data Processing Agreements

All third-party service providers act as data processors and are bound by contracts that:

Require them to protect your data in accordance with UK GDPR
Prohibit them from using your data for their own purposes
Include appropriate technical and organizational security measures
Require notification of any data breaches

8.3 International Data Transfers

Some of our service providers may be located outside the UK. When we transfer data internationally, we ensure appropriate safeguards are in place, such as:

UK Adequacy Decisions for countries deemed to have adequate data protection
Standard Contractual Clauses (SCCs) approved by the ICO
Binding Corporate Rules for multinational organizations

8.4 We Will Never

Sell your personal data to third parties
Share your data for third-party marketing without explicit consent
Transfer data without appropriate safeguards

9. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy or as required by law.

9.1 Retention Periods

Data Type	Retention Period	Reason
Active Account Data	Duration of membership plus 30 days	To provide membership services
Financial Records	6 years from end of accounting period	UK tax and accounting requirements
Support Communications	3 years from last interaction	To resolve disputes and improve service
Analytics Data	26 months (anonymized after 14 months)	To analyze trends and improve services
Marketing Consent	Until consent is withdrawn	To send marketing communications

9.2 Account Deletion

When you close your account or request deletion:

Your account data will be deleted within 30 days
Financial records will be retained for legal compliance (6 years)
Analytics data will be anonymized so it cannot identify you
Backup copies will be deleted within 90 days

10. Your Data Protection Rights

Under UK GDPR, you have the following rights regarding your personal data:

10.1 Right of Access (Article 15)

You have the right to request a copy of the personal data we hold about you. We will provide this within one month of your request.

10.2 Right to Rectification (Article 16)

You can request that we correct any inaccurate or incomplete personal data. You can update most information directly through your account settings.

10.3 Right to Erasure (Article 17)

You can request that we delete your personal data in certain circumstances, such as:

The data is no longer necessary for the purposes for which it was collected
You withdraw consent and there is no other legal basis for processing
You object to processing and there are no overriding legitimate grounds
The data has been unlawfully processed

Note: We may need to retain certain data for legal compliance (e.g., financial records).

10.4 Right to Restriction of Processing (Article 18)

You can request that we limit how we use your data in certain circumstances, such as when you contest the accuracy of the data.

10.5 Right to Data Portability (Article 20)

You can request a copy of your personal data in a structured, commonly used, machine-readable format (e.g., CSV or JSON).

10.6 Right to Object (Article 21)

You can object to processing based on legitimate interests or for direct marketing purposes. We will stop processing unless we have compelling legitimate grounds.

10.7 Right to Withdraw Consent (Article 7(3))

Where we rely on consent, you can withdraw it at any time. This will not affect the lawfulness of processing before withdrawal.

10.8 Right to Lodge a Complaint (Article 77)

You have the right to complain to the Information Commissioner’s Office (ICO) if you believe we have not handled your data properly:

Information Commissioner’s Office (ICO)

Website: www.ico.org.uk

Helpline: 0303 123 1113

Address: Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

10.9 How to Exercise Your Rights

To exercise any of these rights, please contact us at info@steeldarts.co.uk with:

Your full name and email address
A description of your request
Proof of identity (if required to verify your identity)

We will respond to your request within one month. In complex cases, we may extend this by two months and will inform you of the extension.

11. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction.

11.1 Technical Security Measures

Encryption: Data is encrypted in transit (TLS 1.2+) and at rest (AES-256)
Access Controls: Role-based access controls limit who can access personal data
Authentication: Multi-factor authentication for administrative access
Firewalls: Network security measures to prevent unauthorized access
Regular Updates: Software and security patches are applied promptly
Secure Hosting: Data is hosted with reputable, security-certified providers

11.2 Organizational Security Measures

Staff Training: All staff receive data protection and security training
Confidentiality Agreements: Staff are bound by confidentiality obligations
Access Restrictions: Personal data access is limited to authorized personnel only
Security Audits: Regular security assessments and vulnerability testing
Incident Response: Documented procedures for handling security incidents

11.3 Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will:

Notify the ICO within 72 hours of becoming aware of the breach
Notify affected individuals without undue delay if the breach poses a high risk
Provide details of the breach, its likely consequences, and our response measures
Take immediate action to contain and remediate the breach

12. Children’s Privacy

Our services are not intended for individuals under the age of 16. We do not knowingly collect personal data from children under 16.

If you are a parent or guardian and believe your child has provided us with personal data, please contact us at info@steeldarts.co.uk, and we will delete the information promptly.

13. Automated Decision-Making and Profiling

We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you.

Any automated processing we conduct (such as analyzing usage patterns) is used solely to improve our services and does not result in decisions that affect your rights or access to our membership.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or services.

When we make material changes, we will:

Update the “Last Updated” date at the top of this policy
Notify you by email at least 30 days before changes take effect
Post a notice on our website
Request your consent if required by law

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.

15. WordPress and Plugin Data Processing

Our website is built on WordPress and uses the Ultimate Membership Pro plugin. These systems process personal data as follows:

15.1 WordPress Core

WordPress processes data necessary for website functionality, including:

User accounts and authentication
Session management
Content management
Comments (if enabled)

15.2 Ultimate Membership Pro Plugin

This plugin processes:

Membership registration and account data
Subscription management and payment processing
Access control to membership content
Membership renewal and cancellation records

15.3 Data Processed by WordPress

When you interact with our website, WordPress may collect:

IP addresses for security and spam prevention
Browser user agent strings
Referrer information
Cookies for session management

16. Contact Us

For privacy-related questions or to exercise your data protection rights: