Privacy Policy
We keep it straight. Here’s exactly what data we collect, why we collect it, and what you can do about it.
Who We Are
Keeper iD is a goalkeeper glove brand registered in England and Wales. Our website is keeperid.com.
Keeper iD is the data controller responsible for your personal information collected through this website. When this policy says “we”, “us” or “our”, it refers to Keeper iD.
We are registered with the Information Commissioner’s Office (ICO) in the UK and comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
What Data We Collect
We collect data in two ways — information you give us directly, and information collected automatically when you use our site.
| Category | What it includes | When collected |
|---|---|---|
| Account data | Name, email address, password (hashed) | When you register or checkout |
| Order data | Billing address, delivery address, order history, payment method type (not card details) | When you place an order |
| Contact data | Name, email, message content | When you contact us via form or email |
| Usage data | Pages visited, products viewed, time on site, referral source | Automatically via cookies and analytics |
| Technical data | IP address, browser type, device type, operating system | Automatically when you visit |
| Marketing data | Email marketing preferences, newsletter opt-in status | When you opt in |
Payment security: We do not store your full card details. All payment processing is handled by our secure payment provider. We only see the last four digits of your card and the payment status.
How We Use Your Data
We only use your data for purposes that are necessary, reasonable, and where we have a proper legal basis. Here’s exactly what that looks like:
- Processing and fulfilling your orders — including delivery, invoicing, and returns
- Managing your account if you choose to create one
- Responding to enquiries, complaints, or support requests
- Sending order confirmations and shipping updates by email
- Sending marketing emails — only if you’ve opted in, and you can unsubscribe any time
- Improving the website — understanding how pages perform and where people drop off
- Preventing fraud and ensuring the security of transactions
- Complying with our legal obligations, including tax records
We do not sell your data. We do not use your data for automated decision-making or profiling that has a legal or significant impact on you.
Legal Basis for Processing
Under UK GDPR, we must have a lawful basis for every type of data processing we carry out. Here’s ours:
| Purpose | Legal basis |
|---|---|
| Processing orders and payments | Contract — necessary to fulfil your order |
| Account management | Contract — you have an account with us |
| Legal and tax obligations | Legal obligation — required by law |
| Fraud prevention and site security | Legitimate interests — protecting our business and customers |
| Website analytics and improvement | Legitimate interests — improving user experience |
| Email marketing | Consent — only if you’ve opted in |
Who We Share Data With
We share your data only where necessary to run the business. We never sell your information to third parties.
- Payment processors — to handle card transactions securely
- Delivery and courier services — your name and address, to ship your order
- Email marketing platforms — if you’ve opted into marketing communications
- Analytics providers — anonymised usage data to understand site performance
- Hosting and IT providers — who provide the infrastructure this website runs on
- Law enforcement or regulators — where we are legally required to disclose
All third-party service providers are required to handle your data securely and only for the purposes we’ve specified. Where providers are based outside the UK, we ensure appropriate safeguards are in place.
Cookies
Cookies are small files stored on your device when you visit a website. We use them to keep the site working properly and to understand how people use it.
| Type | Purpose | Required? |
|---|---|---|
| Essential | Shopping cart, login sessions, security tokens — the site can’t function without these | Yes — always active |
| Functional | Remembering your preferences (size, region, language) | Optional |
| Analytics | Understanding how pages are used (e.g. Google Analytics — anonymised) | Optional — consent required |
| Marketing | Retargeting and ad performance tracking | Optional — consent required |
You can manage cookie preferences at any time via your browser settings. Note that disabling essential cookies will break the checkout process.
How Long We Keep It
We don’t hold data longer than we need to. Here’s our standard retention schedule:
- Order records — 7 years (HMRC requirement for financial records)
- Account data — for the life of your account, plus 12 months after closure
- Marketing preferences — until you unsubscribe or withdraw consent
- Contact/enquiry records — 2 years from last contact
- Analytics data — 26 months (industry standard)
- Fraud prevention data — up to 5 years where a risk exists
When data reaches the end of its retention period, it is securely deleted or anonymised.
Your Rights
Under UK GDPR, you have the following rights regarding your personal data. These aren’t complicated — they’re yours by law.
Request a copy of the personal data we hold about you.
Ask us to correct inaccurate or incomplete data.
Request deletion of your data in certain circumstances.
Object to processing based on legitimate interests or for marketing.
Ask us to limit how we use your data while a dispute is resolved.
Receive your data in a structured, machine-readable format.
Unsubscribe from marketing or withdraw any consent at any time.
Lodge a complaint with the ICO if you’re unhappy with how we’ve handled your data.
To exercise any of these rights, email us at privacy@keeperid.com. We’ll respond within 30 days. We may need to verify your identity before we can act on the request.
If you’re not satisfied with our response, you have the right to complain to the Information Commissioner’s Office (ICO): ico.org.uk — 0303 123 1113.
Security
We take the security of your data seriously. Our measures include:
- SSL/TLS encryption on all data transmitted through keeperid.com
- Secure, hashed password storage — we cannot see your password in plain text
- Access controls ensuring only authorised staff can access personal data
- Regular security monitoring of our hosting environment
- Payment processing handled by PCI-DSS compliant third parties — your card data never touches our servers
No method of transmission over the internet is 100% secure. If you suspect a security issue with your account, contact us immediately at privacy@keeperid.com.
Children
Our website is intended for use by individuals aged 16 and over. We do not knowingly collect personal data from children under 16 without verifiable parental consent.
Many of our products — junior goalkeeper gloves in particular — are intended for young players. When purchases are made for children, we expect the transaction to be completed by a parent or guardian. The personal data collected relates to the adult making the purchase, not the child using the product.
If you believe a child has provided us with personal data without appropriate consent, contact us at privacy@keeperid.com and we will delete it promptly.
Changes to This Policy
We may update this Privacy Policy from time to time — for example when we add new features, change service providers, or when legislation changes.
Any significant changes will be communicated via the website or by email if we have your contact details. The “Last updated” date at the top of this page will always reflect when we last made changes.
Continuing to use keeperid.com after changes have been posted constitutes acceptance of the updated policy.
Contact Us
Questions about this policy, your data, or how we use it? Get in touch directly — no automated replies, no runaround.
Keeper iD
Email: privacy@keeperid.com
Website: keeperid.com/contact-us
We aim to respond to all privacy requests within 5 working days, and in all cases within the statutory 30-day limit.
