Privacy Policy
Effective date: 13 November 2025
Who we are: Maydin Ecommerce Trade Ltd (trading as Fox Car Parts) (“we”, “us”, “our”).
Company number: 11799853
Registered office: Unit 2c Little Britain House, Alma Road, Chesham, England, HP5 3HB
Website: foxcarparts.com
We process personal data in accordance with the UK GDPR, the Data Protection Act 2018 and, where applicable to EEA residents, the EU GDPR.
1) Data Controller & Contact
Controller: Maydin Ecommerce Trade Ltd
Postal: Unit 2c Little Britain House, Alma Road, Chesham, England, HP5 3HB
Email: info@foxcarparts.com
If we appoint a Data Protection Officer (DPO) or EU/EEA Representative, we will update this Policy with their details.
2) What data we collect
- Identity & contact data: name, billing/shipping address, email, phone, order history.
- Vehicle/fitment data: registration (number plate), make, model, year, engine for compatibility.
- Transaction data: items purchased, prices, VAT, payment method (tokenised), refunds.
- Technical data: IP address, device IDs, browser type/version, time zone, referrer, page interactions, cookies.
- Marketing preferences: newsletter opt-in/opt-out, communication choices.
- Support communications: emails, forms, live chat (e.g., Chatwoot), social messages.
- Fraud/risk signals: fraud checks, chargeback information.
- User-generated content: reviews, Q&A, documents/photos you provide.
We do not intentionally collect special category data, nor do we knowingly collect children’s data.
3) Sources of data
- Directly from you (checkout, account, forms, chat, phone/email).
- Automatically via our site (cookies, analytics, logs).
- From third parties (payment providers, delivery partners, fraud-prevention tools, marketing platforms).
4) Purposes & lawful bases
| Purpose | Examples | Lawful basis |
|---|---|---|
| Order processing & delivery | Take payment, fulfil orders, provide tracking, manage returns/warranty. | Contract (Art. 6(1)(b)); Legal obligation (records/tax). |
| Customer support | Answer queries, fitment checks, troubleshooting. | Legitimate interests and/or Contract. |
| Fraud prevention & security | Verify identity, risk scoring, protect accounts/funds. | Legitimate interests; possible Legal obligation. |
| Analytics & improvement | Measure performance, fix bugs, improve UX. | Legitimate interests or Consent (for non-essential cookies). |
| Marketing | Newsletters, offers, product updates. | Consent; soft opt-in where lawful with opt-out. |
| Legal & compliance | Tax/VAT, accounting, regulatory requests. | Legal obligation. |
| Reviews & UGC | Publish/manage product/store reviews. | Legitimate interests. |
Where we rely on consent, you may withdraw it at any time (see Section 10).
6) Disclosures/recipients of data
We share data with trusted recipients as needed:
- E-commerce/hosting (e.g., Shopify/theme/apps).
- Payment providers (e.g., Stripe, PayPal) — usually independent controllers for payment data.
- Delivery & logistics (e.g., Royal Mail, DPD, Evri, UPS).
- Customer communications (email service, live chat such as Chatwoot, CRM/helpdesk).
- Fraud prevention & security (risk scoring, anti-spam, CDN/DDoS).
- Analytics/advertising (only where consented).
- Professional advisers (accountants, auditors, legal counsel).
- Authorities where required by law or to protect rights/safety.
- Business transfers (merger, acquisition, asset sale) with safeguards.
Processors are bound by contract to confidentiality, security and data protection obligations.
7) International transfers
Where data is transferred outside the UK/EEA, we implement safeguards such as the UK IDTA/UK Addendum to EU SCCs and/or EU Standard Contractual Clauses, plus supplementary measures as needed. Contact us for details.
8) Data retention
- Orders/invoices/tax: 6–7 years.
- Customer service correspondence: up to 3 years after resolution.
- Marketing data: until you unsubscribe/withdraw consent (suppression lists retained to honour opt-out).
- Fitment checks: with order history or up to 24 months if no order.
- Security/logs: typically 12–24 months unless needed longer for investigations.
Data is securely deleted or anonymised when no longer required.
9) Your rights (UK/EU/EEA)
Subject to law, you can:
- Request access to your data (copy).
- Rectify inaccurate/incomplete data.
- Request erasure.
- Restrict processing.
- Exercise data portability.
- Object to processing based on legitimate interests or to direct marketing (including related profiling).
- Withdraw consent where processing relies on consent.
- Not be subject to decisions based solely on automated processing that produce legal or similarly significant effects. We do not make such decisions without human involvement.
To exercise rights, email info@foxcarparts.com. We may need to verify your identity. We aim to respond within one month (extendable for complex requests).
10) Marketing communications
We send marketing only with your consent or under the soft opt-in rule where lawful. You can opt out anytime via unsubscribe links, account settings, or by emailing info@foxcarparts.com. Service emails (order updates, legal notices) will still be sent.
11) Security
We implement appropriate technical and organisational measures (encryption in transit, access controls, staff training, vendor reviews). No system is 100% secure; please keep your account details safe and contact us if you suspect misuse.
12) Children
Our services are for adults. We do not knowingly collect children’s data. If you believe a child has provided data, contact us and we will delete it.
13) Third-party links
Our site may link to third-party websites/services. Their privacy practices are their own; please review their policies.
15) Changes to this Policy
We may update this Policy. The latest version will be posted on foxcarparts.com with a new effective date. Significant changes will be notified where appropriate.
16) Contact us
Maydin Ecommerce Trade Ltd (t/a Fox Car Parts)
Unit 2c Little Britain House, Alma Road, Chesham, England, HP5 3HB
Email: info@foxcarparts.com
Website: foxcarparts.com