Forgot your password?
Free UK delivery on TCG orders over £30! Free UK delivery on TCG orders over £30!
Fast UK delivery, 1-3 working days! Fast UK delivery, 1-3 working days!
Order before 3pm for same day dispatch! Order before 3pm for same day dispatch!
Earn 4% store credit on purchases! Earn 4% store credit on purchases!

Privacy policy

Looking after your personal information is very important to us. We want you to be confident that your personal data is held securely and that it is used solely for the purpose of providing an excellent shopping experience.

This policy has been written to help you understand how and why Big Orbit Cards collects personal information from you, who we share this information with and why; also what your rights are with regard to your personal data.

Contents

What information we collect

When you buy from us you are entering in to a contract. You will need to set up a Big Orbit Cards account before ordering, and so that we can set this up we ask you to provide the following personal information:

  • Full name
  • Address
  • Email address
  • Confirmation that you are 16 or over

We collect the minimum amount of information to allow us to practically and legally process your order.

Additional information may be required to establish customer identify in the even that an exceptionally large order is placed or if an order meets any of our criteria for potential fraud.

Back to top ^

How we use your information

The General Data Protection Regulation (GDPR) states that we are only permitted to use and share your personal data where we have a proper reason to do so. The law says we must have one or more of the following reasons:

Contract fulfilment - your personal information is processed in order to complete a sale / order.

Legitimate interests - Big Orbit Cards' interest in managing our business to allow us to provide you with excellent service in a secure and responsible way.

Consent – you agree to us using your information in a certain way e.g. sending our newsletter.

Legal obligation – where there is statutory or other legal requirement to share the information e.g. when we have to share your information for law enforcement purposes.

The following list details various ways in which we may use your personal information, attributing the reason described above we rely on to do so in each case. Where legitimate interest is listed as a reason, we follow this with a description of what we believe these legitimate interests to be.

  • Account set-up - Legitimate interest: Necessary for account set-up, as requested by customer.
  • Process your orders - Contract fulfilment.
  • Order status update notification - Legitimate interest: Required to provide quality customer service.
  • Account management - Legal obligation/Legitimate interest: Enable us to keep our records up to date.
  • Customer service - Legal obligation/Legitimate interest: Allowing efficient handling of customer contact.
  • Fraud Prevention - Legal obligation/Legitimate interest: Allowing us to protect the business from fraudulent transactions.
  • Website personalisation and administration - Legitimate interest: Improving customer interaction with our site.
  • Marketing communication - Legitimate interests: Informing customers of products and promotions that attract and retain customers. Improving customer interaction with our site.
  • Customer satisfaction surveys/market research - Legitimate interest: Allows us to understand our customers and to develop the business in such a way that meets customer needs.
  • Demand forecasting, management information and research - Legitimate interest: We use aggregated data regarding shopping habits, products bought and sales volumes, to help us to respond to demand and to help us plan our range.
  • Aiding law enforcement agencies - Legal obligation/Legitimate interest: Providing information to law enforcement agencies on request.

Back to top ^

Who we share your information with and why

We do not store credit card details nor do we share customer details with any 3rd party that is not essential for the fulfillment of a customer's order. In order to complete your order we work with a number of trusted businesses in order to provide you the excellent service you expect from us. These include delivery companies, payment processing companies and marketing companies, details below:

Delivery Partner (Royal Mail)

In order for you to receive your order, we work with Royal Mail. We only pass information required for them to deliver your items and when appropriate to allow you to track your delivery.

Payment processing (Worldpay)

We pass your name and address information to our trusted third party payment processing provider, Worldpay, in order to securely take payments.

Marketing Companies (MailChimp & Trust Pilot)

We work with marketing companies who help us manage our electronic communications with you and to carry out surveys and reviews on our behalf.

Back to top ^

How long we keep your information

When we collect your personal information, the length of time we retain it for is determined by a number of factors, including the purpose for which we use that information and our obligations under the law.

We require your personal information for accountancy purposes and to allow us to support you as a customer. For these purposes, we retain personal information for at least 7 years. Exceptions to this are listed below:

  • We are required by law to hold your personal information for a longer or shorter period.
  • You exercise your right to have the information erased (where applicable) and we do not need to retain it for any permitted reason or where by law we are required to continue to hold it.

Back to top ^

What are your rights

You are entitled to make the following requests of Big Orbit Cards; these are your Data Subject Rights. To exercise these rights please email dataprotection@bigorbitcards.co.uk or call 01386 718060 and ask to speak to the Data Officer.

  • Right of access: you may request access to the personal information we hold and information about how we process it
  • Right to rectification: your right to have your personal information corrected if it is inaccurate and to have incomplete personal information completed
  • Right to erasure (also known as the Right to be Forgotten): your right to have your personal information erased
  • Right to restriction of processing: your right to restrict processing of your personal information
  • Right to data portability: your right to electronically move, copy or transfer your personal information in a standard form
  • Right to object: your right to object to processing of your personal information

You have the right to complain to a data protection regulator in Europe, generally in the country you work or live or where your legal rights have been infringed. In the United Kingdom this is the Information Commissioner’s Office (ICO) and their contact details are available on their website: www.ico.org.uk. We would ask that you contact us in the first instance and we will work to actively resolve any issues or concerns you might have.

Back to top ^

Why we ask for confirmation of age

Under the General Data Protection Regulation (GDPR) - in the European Union a person may only provide consent for their data to be processed if they are aged sixteen years or older.

Back to top ^

How do we protect your information?

We implement a variety of security measures to maintain the safety of your personal information when you place an order or enter, submit, or access your personal information.

We offer the use of a secure server. All supplied sensitive information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our payment gateway providers' database, only to be accessible by those authorized with special access rights to such systems, and are required to keep the information confidential.

Back to top ^

Do we use cookies?

Yes. Cookies are small files that a site or its service provider transfers to your computers' hard drive through your Web browser (if you allow) that enables the sites or service providers systems to recognize your browser and capture and remember certain information.

We use cookies to help us remember and process the items in your shopping cart, no personal information is stored in the cookies created when visiting our website.

Back to top ^

Integration with Trust Pilot

We have integrated Trust Pilot on this website to allow current and future customers to assess our performance as an online retailer.

Integration with Trust Pilot serves the purpose of protection of our legitimate interests in the optimal marketing of our offer according to art. 6(1)(f) GDPR that are overriding in the process of balancing of interests.

Customers need to be aware that their use of our website is therefore additionally subject to the Trust Pilot terms of use.

Back to top ^

Integration of Google reCAPTCHA

We use Google reCAPTCHA v3 to prevent malicious software from engaging in abusive activities on our website, customers need to be aware that their use of our website is therefore additionally subject to the Google Privacy Policy and Terms of Use.

Back to top ^

Occasionally, at our discretion, we may include or offer third party products or services on our website. These third party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.

Back to top ^

Changes to our privacy policy

If we decide to change our privacy policy, we will post those changes on this page, and/or update the Privacy Policy modification date below.

This policy was last modified on 03.02.2023

Back to top ^

Cookiebot Declaration

Back to top ^