Privacy Policy
Privacy Policy
Proteus Facades Ltd (“We”, “us”, or “our”) are committed to protecting and respecting your privacy.
This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our practices regarding your personal data and how we will treat it.
For the purpose of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, the data controller is:
Proteus Facades Ltd
1 Gerrard Place, Skelmersdale, Lancashire, WN8 9SU
Company Number: 11833935
Our Data Protection Manager can be contacted at: [email protected]
- Information We May Collect From You
We may collect and process the following data about you:
Information you provide to us: You may give us information about you by filling in forms on our website (our “Site”) or by corresponding with us by phone, email, or otherwise. This includes information you provide when you register to use our Site, search for a product, place an order, enter a competition or promotion, or report a problem. The information you give us may include your name, billing/delivery address, email address, phone number, and financial/credit card information.
Information we collect automatically: With regard to each of your visits to our Site, we may automatically collect technical information, including your Internet Protocol (IP) address, login information, browser type and version, time zone setting, browser plug-in types, operating system, and platform. We also collect information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through, and from our Site (including date and time); products viewed or searched for; page response times, download errors, and lengths of visits to certain pages.
Information we receive from third parties: We work closely with third parties (including business partners, sub-contractors in technical, payment, and delivery services, advertising networks, analytics providers, and credit reference agencies) and may receive information about you from them.
- Legal Bases and Purposes for Processing
Under the GDPR, we must have a valid lawful basis to process your personal data. We rely on the following bases depending on the context of your interaction with us:
Performance of a Contract: We process your Identity, Contact, Financial, and Transactional data where it is necessary to fulfil your orders, deliver products, and carry out our obligations under any commercial contracts between you and us.
Performance of a Contract & Legitimate Interests: We process your Identity, Contact, Financial, and Transactional data to manage your payments and fees, and to collect or recover any outstanding debts owed to us. This is necessary for our legitimate business interest to recover debts due to us.
Legitimate Interests (Website Security): We process your Technical and Usage data to secure our website, prevent fraud, and troubleshoot technical issues. This supports our legitimate interest in running our business safely, maintaining IT services, and protecting network security.
Legitimate Interests (Customer Marketing): We process the Identity and Contact data of existing customers to send you direct marketing communications about goods and services similar to those you have previously purchased. This relies on our legitimate interest to grow our business through relevant marketing (using the “soft opt-in” rule).
Explicit Consent: We process your Contact, Marketing, and Usage data to place non-essential analytics cookies on your device or to send direct marketing messages to prospective new customers. We will only do this if you give us your explicit opt-in consent, which you can withdraw at any time.
- Disclosure of Your Information
We may share your personal information with selected third parties, including:
Service Providers: Business partners, suppliers, web hosting providers, and sub-contractors who perform services on our behalf (e.g., payment processing and delivery logistics).
Analytics Providers: Analytics and search engine providers that assist us in the improvement and optimisation of our Site (subject to your cookie preferences).
Corporate Transactions: In the event that we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer. If Proteus Facades ltd or substantially all of its assets are acquired by a third party, personal data held by us about our customers will be one of the transferred assets.
Legal Obligations: If we are under a duty to disclose or share your personal data to comply with any legal obligation, or to enforce our terms and conditions, protect our rights, safety, or property, or that of our customers or others. This includes exchanging information with other companies for fraud protection and credit risk reduction.
- Where We Store Your Personal Data
All information you provide to us is stored on secure servers. Where we have given you (or where you have chosen) a password to access certain parts of our Site, you are responsible for keeping this password confidential.
Your data is primarily processed and stored within the UK or the European Economic Area (EEA). If we transfer your data outside the UK or EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data.
Where we use certain service providers, we may use specific contracts approved for use in the UK (International Data Transfer Agreements) which give personal data the same protection it has in the UK.
- Data Retention Period
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements.
Customer Account & Contract Data: We retain transactional and contractual data for 6 years following the end of the customer relationship or the last transaction, in line with statutory limitation periods for breach of contract claims under UK law.
Marketing Contact Data: We retain your marketing preferences for up to 2 years from your last active engagement with us, unless you opt out or withdraw consent sooner.
Technical & Analytics Data: Standard website logs and analytics data are kept for a maximum of 14 months before automatic deletion.
- Your Legal Rights
Under the GDPR, you have the following rights regarding your personal data:
Right of Access: You can request a copy of the personal data we hold about you (a Subject Access Request). This is free of charge and will be responded to within one calendar month.
Right to Rectification: You can request that we correct inaccurate or incomplete data.
Right to Erasure: You can ask us to delete your personal data where there is no good reason for us continuing to process it.
Right to Object / Restrict Processing: You can object to us processing your data where we are relying on a legitimate interest, or ask us to suspend processing.
Right to Data Portability: You can request the transfer of your personal data to you or a third party in a structured, machine-readable format.
Right to Withdraw Consent: Where we rely on consent to process your data (such as marketing to new contacts), you can withdraw it at any time by emailing [email protected].
- Complaints
If you have any concerns or complaints about how we handle your personal data, please contact our Data Protection Manager first at [email protected] so we can resolve the issue directly.
You also have the right to lodge a formal complaint at any time with the UK supervisory authority:
Information Commissioner’s Office (ICO)
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Tel: 0303 123 1113
Website: www.ico.org.uk



































