Skip to main content

Privacy Policy

1. Who We Are

Printout.Graphics is a trading name of Printout Graphics Ltd, a company registered in England and Wales. We are committed to protecting your personal data and respecting your privacy in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

If you have any questions about this policy or how we handle your data, please contact us at:

2. What Data We Collect

When you use our website or place an order, we may collect the following personal information:

  • Identity data: your full name, company name (if applicable)
  • Contact data: email address, telephone number, postal/delivery address
  • Payment data: processed securely by our third-party payment provider — we do not store your full card details on our servers at any time
  • Order data: details of the products you have ordered, artwork files you have uploaded, order history, and any correspondence relating to your orders
  • Account data: if you create a customer account, we store your login credentials (password is encrypted and never stored in plain text), saved addresses, and order history
  • Technical data: IP address, browser type and version, time zone, operating system, and platform
  • Communication data: records of all correspondence if you contact us via email, phone, contact form, or social media

3. Why We Collect Your Data (Lawful Basis)

We process your personal data under the following lawful bases:

  • Contract performance: to process, produce, and deliver your orders, and to manage your customer account
  • Communication: to respond to enquiries, provide order updates, send dispatch notifications, and request artwork where needed
  • Payment processing: to take payment securely via our payment provider and manage refunds where applicable
  • Legal obligation: to comply with our legal and regulatory requirements (e.g. tax records, fraud prevention, HMRC reporting)
  • Legitimate interest: to improve our website, products, and services based on how customers use them, and to protect against fraud or misuse
  • Consent: for marketing communications only — you can withdraw consent at any time by contacting us or using the unsubscribe link in any marketing email

4. How We Store Your Data

Your personal data is stored securely on UK-based servers. We implement appropriate technical and organisational measures to protect your data against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • SSL/TLS encryption on all pages of our website
  • Encrypted password storage using industry-standard hashing algorithms
  • Regular security updates and vulnerability assessments
  • Restricted access — only authorised personnel can access personal data
  • Automated encrypted database backups

Data Retention Periods

  • Order records: retained for six years from the date of the transaction in accordance with HMRC requirements
  • Artwork files: retained for 90 days after order completion to allow for reprints or queries, then permanently deleted. We do not retain your artwork beyond this period unless you request otherwise in writing.
  • Customer accounts: retained for as long as your account is active. Inactive accounts may be deleted after 24 months — we will notify you by email before doing so.
  • Communication records: retained for two years from the date of the last correspondence
  • Technical/usage data: anonymised or deleted after 12 months

5. Third Parties

We share your personal data with the following categories of third parties, only to the extent necessary to provide our services:

  • Payment processor: our payment provider handles all card and online transactions securely. We do not have access to your full card details at any point.
  • Print fulfilment partners: for certain products, we work with specialist print suppliers who receive only the information necessary to produce and ship your order (name, delivery address, and artwork files).
  • Royal Mail and courier services: to deliver your orders. We share your name, delivery address, and contact number for this purpose.
  • Email service providers: to send transactional emails such as order confirmations and dispatch notifications.
  • Website hosting provider: our hosting infrastructure stores website data securely within the UK.

We do not sell, rent, or trade your personal data to any third parties for marketing purposes. We will never share your data with third parties for their own marketing without your explicit consent.

6. Cookies

Our website uses cookies to provide essential functionality and, with your consent, to analyse how visitors use our site. We use a cookie consent banner that appears on your first visit — analytics cookies are only activated if you choose to accept them.

Cookie Inventory

Cookie NamePurposeDurationType
pw_pg Session cookie — maintains your shopping cart, login state, and delivery preferences as you browse the site. Contains a random session identifier only; no personal data is stored in the cookie itself. Browser session (deleted when you close your browser) Strictly necessary
pg_cookie_consent Records your cookie consent preference (accepted or rejected) so the banner is not shown on every visit. 1 year Strictly necessary
_ga Google Analytics 4 — distinguishes unique visitors using a randomly generated identifier. Does not contain personally identifiable information. 2 years Analytics (requires consent)
_ga_G-Y54W43N2CD Google Analytics 4 — maintains session state for our specific measurement property. 2 years Analytics (requires consent)

Session Data

The session cookie (pw_pg) links to server-side session data that may include:

  • Shopping cart contents (product selections and quantities)
  • Selected delivery tier (Standard, Express, or Priority)
  • Login state (if you have a customer account)
  • Temporary notification messages (e.g. "Item added to cart")

This data is stored securely on our server, not in the cookie itself. Session data is automatically deleted when the session expires or when you close your browser.

Session Cookie Security

  • The cookie is served over HTTPS only (Secure flag)
  • The cookie is not accessible to JavaScript (HttpOnly flag)
  • Session fingerprinting is enabled to prevent session hijacking

Analytics

We use Google Analytics 4 (GA4) to understand how visitors use our website. GA4 collects anonymous usage data such as pages visited, time on site, and general geographic region. It does not collect your name, email address, or other personally identifiable information.

We use Google Consent Mode v2 to ensure that analytics cookies are only set after you have given explicit consent via our cookie banner. If you reject non-essential cookies or do not interact with the banner, no analytics cookies are placed on your device and no analytics data is collected.

You can withdraw your consent at any time by clearing your cookies and revisiting the site — the consent banner will reappear. You can also opt out of Google Analytics across all websites by installing the Google Analytics Opt-out Browser Add-on.

Google processes analytics data in accordance with its own privacy policy. Data collected through GA4 may be processed on servers outside the UK, including in the United States — see Section 8 (International Transfers) below.

Third-Party Cookies

Other than the Google Analytics cookies listed above (which require your consent), our website does not embed third-party content (social media widgets, advertising pixels, or additional trackers) that would set cookies on your device. When you proceed to checkout, you are redirected to our payment processor's hosted checkout page, which may set its own cookies subject to its own privacy policy.

Managing Cookies

You can control cookies through your browser settings. Most browsers allow you to block or delete cookies. Please note that disabling essential cookies may affect the functionality of our website, including the ability to add items to your cart or place orders.

7. Your Rights Under UK GDPR

Under the UK General Data Protection Regulation (UK GDPR), you have the following rights regarding your personal data:

  • Right of access: you can request a copy of the personal data we hold about you (known as a Subject Access Request)
  • Right to rectification: you can ask us to correct any inaccurate or incomplete data
  • Right to erasure: you can request that we delete your personal data, subject to any legal obligations we have to retain it (e.g. HMRC tax records)
  • Right to restrict processing: you can ask us to limit how we use your data in certain circumstances
  • Right to data portability: you can request your data in a structured, commonly used, machine-readable format
  • Right to object: you can object to processing based on legitimate interests or for direct marketing purposes
  • Right to withdraw consent: where we rely on your consent, you can withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal

To exercise any of these rights, please contact us at hello@printout.graphics. We will respond to your request within one calendar month. In complex cases, we may extend this by a further two months, but we will inform you of any delay within the initial one-month period.

There is no fee for making a request unless the request is manifestly unfounded or excessive, in which case we may charge a reasonable administrative fee or refuse the request.

8. International Transfers

We store all website and customer data on UK-based servers. However, by using Google Analytics 4 (with your consent), some anonymised usage data may be processed by Google on servers located outside the UK, including in the United States.

Google LLC participates in the EU-US Data Privacy Framework and maintains appropriate safeguards for data transfers from the UK. We rely on Google's compliance with these frameworks and their Standard Contractual Clauses to ensure your data is protected to a standard equivalent to UK GDPR.

No other personal data is transferred outside the UK unless necessary to fulfil your order (for example, if a delivery address is overseas).

9. How to Contact Us About Data

If you have any concerns about how we handle your personal data, or if you wish to make a complaint, please contact us at hello@printout.graphics.

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

10. Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. Any changes will be posted on this page with an updated revision date. Where changes are significant, we will make reasonable efforts to notify you (for example, by email or a notice on our website). The version in effect at the time of your order or interaction applies to the data collected at that time.

Last updated: 29 April 2026