GDRP & Privacy Policy

GDPR & Privacy Policy

Last Updated: June 2026

Introduction

Lab Fifteen Co is committed to protecting your privacy and handling your personal information responsibly.

This Privacy Policy explains what information we collect, how we use it, and your rights regarding your personal data when you visit our website or place an order.

By using our website, you agree to the collection and use of information in accordance with this policy.

Who We Are

Lab Fifteen Co is the data controller responsible for your personal information.

Contact Email:

matt@labfifteenco.com

Information We Collect

When you visit our website, place an order, contact us or subscribe to updates, we may collect the following information:

Personal Information

Name
Billing address
Shipping address
Email address
Telephone number
Order details

Payment Information

Payments are processed securely through our payment providers.

Lab Fifteen Co does not store or have access to your full payment card details.

Website Usage Information

We may collect information such as:

IP address
Browser type
Device information
Pages visited
Website usage statistics

This information helps us improve our website and customer experience.

How We Use Your Information

We use personal information to:

Process and fulfil orders
Communicate regarding purchases and enquiries
Provide customer support
Arrange shipping and delivery
Prevent fraud and abuse
Comply with legal obligations
Improve our website and services
Send marketing communications where consent has been provided

Legal Basis for Processing

We process personal data under one or more of the following legal bases:

Performance of a contract
Compliance with legal obligations
Legitimate business interests
Customer consent where required

Third-Party Services

To operate our business, we may share information with trusted third-party providers including:

Shopify (website and ecommerce platform)
Payment providers such as PayPal, Shop Pay, Stripe and other checkout providers
Shipping providers including Royal Mail, DHL and other courier services
Website analytics providers
Email and marketing service providers

These providers only receive the information necessary to perform their services.

International Transfers

Some of our service providers may process data outside the United Kingdom or European Economic Area.

Where this occurs, appropriate safeguards are used to protect personal information in accordance with applicable data protection laws.

Marketing Communications

If you subscribe to marketing emails, we may send occasional updates regarding products, offers and business news.

You may unsubscribe at any time using the unsubscribe link included in our emails.

Data Retention

We retain personal information only for as long as necessary to:

Fulfil orders
Provide customer support
Meet legal and tax obligations
Resolve disputes
Enforce our agreements

When information is no longer required, it will be securely deleted or anonymised.

Your Rights

Under UK GDPR and EU GDPR, you may have the right to:

Access your personal data
Correct inaccurate information
Request deletion of your personal data
Restrict processing
Object to processing
Request data portability
Withdraw consent where processing is based on consent

To exercise any of these rights, please contact us using the details provided below.

Cookies

Our website uses cookies and similar technologies to improve functionality, analyse website performance and enhance the customer experience.

You can manage cookie preferences through your browser settings.

Data Security

We take reasonable technical and organisational measures to protect personal information against unauthorised access, disclosure, alteration or destruction.

However, no method of internet transmission or electronic storage can be guaranteed to be completely secure.

Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact: