How we handle personal data

For the purposes of the UK GDPR and the Data Protection Act 2018, the data controller is Northbridge Computers Ltd. We operate a computer retail and service business in London, providing product guidance, custom desktop builds, and after-sales support.

This policy covers our website and related communications. It does not cover third-party websites that may be referenced from our pages. If you navigate away from our site, review the privacy information provided by that third party.

We collect only the information reasonably needed to answer your questions, provide quotes, deliver support, and improve our website. Depending on what you do on the site, we may collect the following categories of personal data:

• Identity and contact data: full name, email address, phone number (optional), and the content of messages you send.
• Technical data: IP address, approximate location derived from IP (city/region level), device type, operating system, browser type and version, language settings, and referring page.
• Usage data: pages visited, time spent on pages, clicks and navigation patterns, and interactions with site components (such as opening the mobile menu or cookie banner choice).
• Cookies and similar identifiers: small files and browser storage values used to remember preferences and measure site performance.

We do not ask for sensitive personal data such as health information, political opinions, or financial account numbers through our website forms. Please do not send such information to us by email or web form. If you do, we will handle it with care and may delete or redact it where appropriate.

We collect information in the following ways:

We do not use hidden redirects or content changes for different visitors. The content you see is the same content our systems provide to all users and crawlers.

We process personal data only when we have a valid legal basis. The basis depends on the context:

Where we rely on consent, you can withdraw it at any time. Withdrawing consent does not affect processing that took place before the withdrawal.

We use personal data for the following purposes:

• Service delivery and quotes: to answer questions about products, prepare custom build quotes, and explain options such as delivery and financing.
• Customer support: to troubleshoot issues, handle warranty queries, and keep continuity in communication across emails and calls.
• Website operation: to maintain and secure the site, monitor performance, and prevent misuse.
• Analytics (consent-based): to understand which pages are helpful and improve navigation and content quality.
• Legal compliance: to meet obligations related to accounting, dispute handling, and regulatory requirements.

Marketing: we do not send marketing emails by default when you contact us for support. If we introduce optional newsletters or promotions in the future, we will collect explicit opt-in consent and provide a clear unsubscribe option in every message.

We keep personal data only for as long as necessary for the purposes described above, then delete or anonymise it. Retention depends on the type of record:

If you ask us to delete personal data, we will evaluate your request and delete data where we can. Some records may need to be retained to comply with legal obligations or to establish, exercise, or defend legal claims. In those cases, we will restrict use of the data to those purposes.

We do not sell personal data. We may share data with trusted service providers (processors) who help us operate the website and communicate with you. These providers are authorised to process personal data only as needed to provide services to us and are required to protect it.

Categories of processors may include:

• Hosting and infrastructure providers: to serve website content and maintain security and performance.
• Email and communication providers: to send and receive support communications and confirmations.
• Analytics providers: for consent-based site measurement, such as Google Analytics 4.
• Payment and financing providers: if you choose to purchase through third-party payment or financing options, your payment details are handled directly by that provider based on their policies.

We may also disclose information if required by law, regulation, or a lawful request by public authorities, or when needed to protect our rights, property, or safety and that of our customers.

Our primary operations are in the United Kingdom. Some of our processors may store or access data outside the UK or the European Economic Area (EEA), for example when using cloud hosting or analytics services. When personal data is transferred internationally, we use appropriate safeguards to protect it.

Safeguards may include:

• Adequacy regulations where the destination country is recognised as providing an adequate level of protection.
• Standard Contractual Clauses (SCCs) or equivalent UK addendum terms with our processors where applicable.
• Additional contractual and technical measures such as access controls, encryption in transit, and minimisation.

You can contact us at [email protected] to request more information about the safeguards used for a specific processor.

If the UK GDPR applies to you, you have rights regarding your personal data. These include:

To exercise any right, email [email protected] with enough detail to identify your request. We may ask you to verify your identity before providing data or acting on a deletion request. We aim to respond within one month, or inform you if more time is required for complex requests.

Cookies are small text files stored on your device. We also use similar technologies such as local browser storage to remember preferences. Our site is designed to be usable without accepting non-essential cookies. When you first visit, you can choose whether to accept or reject non-essential cookies.

Our cookie banner text: “We use cookies to improve your experience and for analytics. Read our Privacy Policy.” The banner provides Accept and Reject options, stored locally on your device.

Our website and services are not directed to children under 16. We do not knowingly collect personal data from children under 16 through our web forms. If you believe a child has provided us with personal data, contact us at [email protected] and we will take steps to delete the information where appropriate.

If a minor contacts us for support, we will limit processing to what is necessary to respond, and we may request that a parent or guardian contact us for account-related matters where identity verification is needed.

We may update this Privacy Policy to reflect changes in our services, legal requirements, or how we operate the website. When we make changes, we will update the “Last Updated” date at the top of this page. For significant changes that affect your choices, we may also provide a clear notice on the website and, where appropriate, notify you by email if we have a working email address from an active support conversation.

Last Updated: January 15, 2026.

For privacy questions, requests to access or delete data, or concerns about how data is used, contact our privacy mailbox. Northbridge Computers Ltd does not appoint a formal DPO as a statutory requirement for this business type, but we do assign responsibility for privacy management to a designated privacy contact.

For general questions about products and support, visit Support. For legal terms governing the use of this website, see Terms.