Privacy Policy

This Privacy Policy explains how Deer Central (Light Alder Ltd) collects, uses and protects your personal data when you use our website or services. Light Alder Ltd trading as Deer Central is the data controller for the purposes of UK data protection law.

If you have any questions regarding this policy, please contact:
Ben Lightowler
Light Alder Ltd T/A Deer Central
[email protected]

What Personal Data We Collect

We may collect and process the following categories of personal data:

  • Name
  • Billing address
  • Delivery address
  • Email address
  • Telephone number
  • Financial information including bank details and credit/debit card details (although we do not retain complete payment card information)
  • Identifiers assigned to your computer or devices including Internet Protocol (IP) address
  • Attendance at events and training courses
  • Where necessary for legal compliance: forms of identity, FAC/SGC details
  • Where relevant and necessary for our duty of care in our services: health details and relevant medical history

Age-Restricted Products & Identity Verification

Certain products sold by Deer Central are age-restricted under UK law, including knives and other bladed articles. Under the Criminal Justice Act 1988 and the Offensive Weapons Act 2019, we are legally required to take robust steps to prevent the sale of bladed articles to persons under 18 years of age.

Where you purchase an age-restricted product, we may collect and process:

  • A copy of a valid passport or photocard driving licence
  • A PASS-accredited proof of age card
  • Firearms Certificate (FAC) or Shotgun Certificate (SGC) where relevant
  • The name and address of the intended recipient

Lawful Basis for Processing

We process identity documents and age-verification data under:

  • Article 6(1)(c) UK GDPR – Legal Obligation, where processing is necessary to comply with UK legislation governing the sale of age-restricted products; and
  • Article 6(1)(f) UK GDPR – Legitimate Interests, in operating our business lawfully and protecting against unlawful transactions.

Failure to provide satisfactory proof of age may result in cancellation of your order.

Data Minimisation

We only request the minimum identity information required to:

  • Confirm that the purchaser or named recipient is over 18
  • Match the ID to the delivery details
  • Demonstrate compliance with age-restricted sales legislation

Identity documents are not used for marketing purposes.

How Long We Retain Your Data

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting and reporting requirements.

General Customer Records

Order records, invoices and associated transaction data may be retained for up to 7 years in accordance with accounting and tax requirements.

Identity Documents for Age Verification

Identity documents submitted solely for age-verification purposes will be retained only as long as necessary to demonstrate legal compliance and resolve disputes or regulatory enquiries.

In most cases, ID documents will be retained for a maximum of:
12 months from the date of order completion or delivery

After this period, identity documents will be securely deleted or permanently anonymised. Where an order is subject to complaint, investigation, enforcement enquiry or legal proceedings, relevant records may be retained for longer where required or permitted by law.

How We Use Your Information

We use personal data to:

  • Process and fulfil orders
  • Deliver products and services
  • Manage course bookings and event attendance
  • Comply with legal obligations
  • Respond to enquiries
  • Prevent fraud and unlawful transactions
  • Improve our website and services

We do not sell your personal data.

Payment Information

Payments are processed via secure third-party payment processors. We do not store full credit or debit card details on our servers.

Sharing Your Data

We may share your data with:

  • Delivery service providers (including age-verified delivery services where required)
  • Payment processors
  • Accountants and professional advisers
  • Regulatory authorities where required by law

We only share the minimum data necessary.

Security of Your Data

We take appropriate technical and organisational measures to protect personal data from unauthorised access, alteration, disclosure or destruction. Access to identity documents is restricted and used solely for compliance purposes.

Your Rights Under UK GDPR

You have the right to:

  • Access your personal data
  • Request correction of inaccurate data
  • Request erasure of your data (subject to legal retention obligations)
  • Restrict processing
  • Object to processing where based on legitimate interests
  • Lodge a complaint with the Information Commissioner’s Office (ICO)

Requests can be made via email to [email protected].

Cookies

Our website uses cookies to improve user experience and monitor website performance. You can control cookies through your browser settings.

Changes to This Policy

We may update this Privacy Policy from time to time. The most current version will always be published on our website.