Effective Date: 01/09/2025
This Privacy Policy explains how Derma Direct UK Ltd (“we”, “us”, “our”) collects, uses, and protects your personal information when you use the website www.nexfill.co.uk (the “Site”).
We are committed to protecting your privacy and complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who We Are
The Site is owned and operated by:
Derma Direct UK Ltd
Company Number: 15629396
Registered Address: M1, Atria, Spa Road, Bolton, England, BL1 4AG
If you have any questions about this Privacy Policy, please contact us at:
info@dermadirect.com
2. Information We Collect
We may collect and process the following types of personal data:
Identity Data: name, title, company, username, date of birth (if applicable).
Contact Data: email address, phone number, billing and delivery addresses.
Transaction Data: details of payments made and products purchased.
Technical Data: IP address, browser type/version, time zone, device type, operating system.
Usage Data: information on how you use the Site, including browsing and purchase behaviour.
Marketing & Communications Data: your preferences in receiving marketing from us.
3. How We Use Your Information
We use your personal data to:
Process and deliver your orders.
Manage your account and provide customer support.
Communicate with you about orders, updates, and services.
Send you marketing communications (if you have opted in).
Improve our website, products, and services.
Comply with legal, tax, and regulatory obligations.
4. Sharing Your Information
We do not sell your data. We may share your personal data with:
Service providers (e.g. payment processors, couriers, IT and hosting providers).
Professional advisors (e.g. accountants, auditors, lawyers).
Regulatory bodies where required by law.
All third parties are required to respect the security of your personal data and to treat it in accordance with the law.
5. Cookies
Our Site uses cookies and similar technologies to improve user experience, analyse traffic, and personalise content.
For more details, please see our Cookie Policy [link if available].
6. Your Data Protection Rights
Under UK GDPR, you have the right to:
Access the personal data we hold about you.
Request correction of inaccurate or incomplete data.
Request deletion of your personal data (subject to legal requirements).
Object to processing or restrict processing of your data.
Withdraw consent where we rely on consent for processing.
Request transfer of your data to another service provider (data portability).
To exercise any of these rights, please contact us at [insert email address].
7. Data Retention
We will retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, or reporting requirements.
8. Security
We have put in place appropriate technical, organisational, and security measures to protect your data against loss, misuse, and unauthorised access.
9. International Transfers
If we transfer your personal data outside the UK/EEA, we ensure appropriate safeguards (such as Standard Contractual Clauses) are in place.
10. Updates to This Policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated “Effective Date.”