Free UK Delivery Over £100  |  UK-Based Support  |  DTF Supplies from a Real Print Shop
DTF

Privacy Policy

DTF Printing Technology ("we", "us", "our") is committed to protecting your privacy. This policy explains what personal data we collect, why we collect it, and how we handle it when you use www.dtf.technology.

What Data We Collect

We collect the minimum amount of data needed to process your orders and improve our website:

  • When you place an order: Name, email address, phone number, and shipping address. This is necessary to fulfil your order and send dispatch notifications.
  • When you create an account: Email address. We use passwordless magic link authentication, so we don't store any passwords.
  • When you contact us: Name, email address, and any information you include in your message.
  • When you request free samples: Name, email address, and shipping address.
  • When you browse our site: If you accept analytics cookies, we collect anonymised usage data through Google Analytics 4 (pages visited, time on site, device type). If you decline cookies, no analytics data is collected.

How We Use Your Data

  • To process and fulfil your orders, including sending order confirmations and dispatch notifications via email
  • To provide customer support when you contact us
  • To maintain your account and order history
  • To improve our website based on anonymised usage patterns (only if you consent to analytics cookies)
  • To comply with legal obligations (e.g. tax records)

We do not use your data for marketing unless you have explicitly opted in. We do not sell, rent, or trade your personal data to third parties.

Payment Processing

We never see or store your credit card details. Payments are processed securely by Stripe and PayPal, who act as independent data controllers for payment data. Your card details are entered directly on their secure platforms and are never transmitted through our servers. Please refer to Stripe's Privacy Policy and PayPal's Privacy Policy for details on how they handle your payment information.

Email Communications

Transactional emails (order confirmations, dispatch notifications, magic link logins) are sent through Brevo (formerly Sendinblue). These are service emails necessary to fulfil your order or provide account access - they are not marketing emails. Brevo processes this data on our behalf as a data processor. See Brevo's Privacy Policy for details.

Data Storage and Security

Your data is stored in a secure PostgreSQL database hosted by Railway within the EU/UK. We use encrypted connections (HTTPS) for all data transmission between your browser and our servers.

Account sessions are secured using HMAC-SHA256 tokens. We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction.

Data Retention

  • Order data: Retained for 6 years after the order date to comply with UK tax and accounting regulations (HMRC requirements).
  • Account data: Retained for as long as your account is active. You can request account deletion at any time.
  • Contact form messages: Retained for up to 12 months, then deleted.
  • Analytics data: Google Analytics retains data for 14 months by default.

Your Rights

Under UK GDPR, you have the following rights regarding your personal data:

  • Right of access: Request a copy of the personal data we hold about you.
  • Right to rectification: Ask us to correct inaccurate or incomplete data.
  • Right to erasure: Ask us to delete your personal data (subject to legal retention requirements).
  • Right to restriction: Ask us to limit how we use your data.
  • Right to data portability: Request your data in a machine-readable format.
  • Right to object: Object to processing of your data for certain purposes.

To exercise any of these rights, please contact us. We will respond within 30 days.

Third-Party Services

We use the following third-party services to operate our website:

Service Purpose Data Shared
Stripe Card payments Payment details (entered directly on Stripe's platform)
PayPal PayPal payments Payment details (entered directly on PayPal's platform)
Brevo Transactional emails Email address, name, order details
Google Analytics 4 Website analytics (consent-based) Anonymised usage data
Google Maps/Places Address autocomplete at checkout Address input text
Railway Website and database hosting All stored data (encrypted at rest)

Cookies

For full details about the cookies we use and how to manage them, please see our Cookie Policy.

Changes to This Policy

We may update this privacy policy from time to time. Significant changes will be communicated via a notice on our website. We encourage you to review this page periodically.

Complaints

If you believe we have not handled your personal data properly, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk. We would, however, appreciate the chance to address your concerns first - please contact us.