Privacy Policy

Matt Lewis Racing Ltd (“we”, “us”, “our”) is committed to protecting and respecting your privacy.

This Privacy Policy explains how we collect, use, and protect your personal data when you visit www.mattlewisracing.co.uk, make a purchase, or otherwise interact with us.

We are the data controller for the purposes of the UK General Data Protection Regulation.

1. Who We Are

Matt Lewis Racing Ltd
Abinger Hammer, Surrey
United Kingdom
Email: sales@mattlewisracing.co.uk

If you have any questions about this policy or how we handle your personal data, please contact us using the details above.

2. What Personal Data We Collect

We may collect and process the following categories of personal data:

Information You Provide Directly

  • Full name
  • Billing and delivery address
  • Email address
  • Telephone number
  • Order details
  • Account login details (if applicable)
  • Vehicle details provided for compatibility purposes

Information Collected Automatically

When you visit our website, we may automatically collect:

  • IP address
  • Device and browser type
  • Pages visited and time spent on site
  • Referring website
  • Cookie and tracking data

Payment Information:

We do not store full credit or debit card details. Payments are processed securely by third-party providers.

3. How We Use Your Personal Data

We use your personal data to:

  • Process and fulfil orders
  • Arrange shipping and delivery
  • Provide customer service and technical support
  • Send order confirmations and updates
  • Prevent fraud and protect our business
  • Comply with legal and accounting obligations
  • Improve our website, products, and services
  • Send marketing communications where you have opted in
  • Send abandoned cart reminders where checkout has been initiated

4. Lawful Bases for Processing

Under UK data protection law, we rely on the following lawful bases:

  • Contract – to fulfil orders and provide services
  • Legal obligation – for accounting, tax, and regulatory compliance
  • Legitimate interests – to operate and improve our business, prevent fraud, recover abandoned carts, and provide customer support
  • Consent – for email marketing communications

You may withdraw marketing consent at any time by unsubscribing from emails.

5. E-Commerce Platform Hosting

Our website is hosted by Shopify, which provides the online platform that allows us to sell our products and services.

Your data is stored through Shopify’s secure data storage, databases, and general application. Shopify processes personal data on our behalf as a data processor.

6. Payment Processing

We accept payments via:

  • Shopify Payments
  • PayPal
  • Klarna

Payment transactions are processed securely by these providers. We do not store full credit or debit card details on our systems.

Payment providers process personal data as independent data controllers in accordance with their own privacy policies.

7. Fraud Prevention

To protect our business and customers from fraudulent transactions, we use fraud detection and prevention tools provided by Shopify and our payment partners. This may involve automated processing and risk analysis.

8. Order Fulfilment & Disclosure of Personal Data

We share personal data only where necessary with trusted third parties, including:

  • Courier and delivery companies
  • Payment processors
  • Website hosting and IT providers
  • Marketing and email service providers
  • Analytics and advertising partners
  • Professional advisers (such as accountants and insurers)

Where products are dispatched directly from a supplier or manufacturer, we may share necessary delivery details (such as name, address, and contact number) solely for the purpose of fulfilling your order. Suppliers do not use this information for marketing or independent contact.

We only share the minimum information necessary and require all third parties to handle personal data securely and lawfully.

9. Analytics, Advertising & Tracking

We use analytics and advertising services provided by Shopify and third-party partners, including Meta Platforms and Google.

These services use cookies and similar technologies to:

  • Analyse website performance
  • Measure advertising effectiveness
  • Improve marketing campaigns
  • Help prevent fraud

You can manage your cookie preferences via our cookie consent banner and your browser settings.

10. Abandoned Cart Communications

If you begin the checkout process but do not complete your purchase, we may send a reminder email regarding your abandoned cart.

These communications are sent on the basis of our legitimate interests in recovering sales and improving customer experience. You may opt out of these emails at any time.

11. International Transfers

Some of our service providers, including Shopify, Meta and Google, may process personal data outside the United Kingdom.

Where personal data is transferred internationally, appropriate safeguards are used, such as:

  • Transfers to countries subject to UK adequacy regulations
  • UK-approved standard contractual clauses
  • Other lawful transfer mechanisms

12. Data Retention

We retain personal data only for as long as necessary:

  • Order and billing records: retained for at least 6 years in accordance with UK tax and accounting requirements
  • Customer service records: retained as necessary for support and warranty purposes
  • Marketing data: retained until you unsubscribe or withdraw consent
  • Analytics data: retained in accordance with cookie duration settings

After this period, data is securely deleted or anonymised.

13. Your Rights

Under UK data protection law, you have the right to:

  • Access your personal data
  • Request correction of inaccurate data
  • Request the deletion of your data
  • Restrict processing
  • Object to processing
  • Request data portability
  • Withdraw consent at any time (where processing is based on consent)

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe your personal data has been handled improperly.

We encourage you to contact us first so we can resolve any concerns.

14. Data Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction.

However, no method of transmission over the internet is completely secure, and we cannot guarantee absolute security.

15. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of external sites.

16. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date.

 

Matt Lewis Racing Ltd
Last updated: 01/02/2026