Privacy Policy

Rallyn Pickleball Store — United Kingdom — Effective 29 March 2026

1. Who We Are

This Privacy Policy explains how Rallyn collects, uses, stores, and protects your personal data when you visit erallyn.co.uk or purchase our pickleball paddles and apparel.

Rallyn is the data controller for personal data collected through this website. As data controller, we determine how and why your personal data is processed. Our contact details are:

Rallyn (Data Controller)
7 Salcombe Road, Bristol, BS4 1AH, United Kingdom
Email: info@erallyn.co.uk
Phone: +44 7733 236110

This policy is written in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, the Privacy and Electronic Communications Regulations (PECR), and the Data (Use and Access) Act 2025, which came into force on 19 June 2025.

2. Data We Collect

We collect personal data in the following ways:

Data You Provide Directly

  • Name and contact details (email address, phone number, delivery address) when placing an order or contacting us
  • Payment information processed securely through our payment providers - we do not store full card details
  • Order details including products purchased, order value, and order history
  • Messages and enquiries submitted through our contact form
  • Marketing preferences if you subscribe to our mailing list

Data Collected Automatically

  • IP address and browser type when you visit our website
  • Pages viewed, time spent on site, and browsing behaviour via analytics tools
  • Device type and operating system
  • Referring website or search query that brought you to erallyn.co.uk
  • Cookie and tracking data as described in Section 6

Data from Third Parties

Where you purchase through Shopify's checkout, Shopify may share transaction data with us in accordance with their own privacy policy. Payment processors such as Stripe, PayPal, and Klarna process payment data on their own platforms under their respective privacy policies.

3. How We Use Your Data

We use your personal data for the following purposes:

  • Order processing - to fulfil your purchase, process payment, arrange delivery, and provide order confirmations and tracking information
  • Customer support - to respond to your enquiries, process returns or refunds, and resolve complaints
  • Account management - to manage any customer account you create on our website
  • Legal compliance - to meet our obligations under UK law including consumer protection, tax, and financial record-keeping requirements
  • Marketing - to send you news, product updates, and promotions where you have given consent or where we have a legitimate interest to do so
  • Website improvement - to analyse how visitors use our website and improve its performance and content
  • Fraud prevention - to detect and prevent fraudulent transactions and protect our business and customers

5. Third Party Sharing

We share your personal data only where necessary and with the following categories of third parties:

Shopify

Our website is built on Shopify, which processes order, payment, and customer account data on our behalf as a data processor. Shopify is certified under UK GDPR-compliant data processing agreements. For more information, see Shopify's Privacy Policy.

Payment Processors

Payments are processed by Stripe, PayPal, Klarna, and card networks (Visa, Mastercard, American Express, Apple Pay, Google Pay, Maestro). These providers process payment data under their own privacy policies and are subject to PCI DSS standards. We do not receive or store your full card details.

Delivery Carriers

We share your name and delivery address with our UK delivery partners to fulfil your order. These carriers process your data solely for the purpose of delivering your parcel.

Analytics Providers

We use analytics tools to understand website usage. These tools may collect anonymised or pseudonymised data about browsing behaviour. Where personal data is processed, appropriate safeguards are in place.

What We Never Do

  • We do not sell your personal data to any third party
  • We do not share your data with advertisers for targeting purposes without your consent
  • We do not transfer your data outside the UK without ensuring adequate protections are in place

6. Cookies and Tracking

Our website uses cookies and similar tracking technologies. Cookies are small text files stored on your device that help us operate the website, understand how it is used, and improve your experience.

In line with the Data (Use and Access) Act 2025 updates to PECR, consent is not required for strictly necessary cookies. For all other cookie categories we obtain your consent.

Category Purpose Consent Required
Strictly Necessary Essential for the website to function - shopping cart, checkout session, security tokens No
Analytics Understand how visitors use our site, page performance, traffic sources Yes
Preferences Remember your settings and preferences across visits Yes
Marketing Track conversions and deliver relevant advertising Yes

You can manage or withdraw your cookie consent at any time through your browser settings or our cookie banner. Withdrawing consent for non-essential cookies will not affect the functionality of your shopping cart or checkout.

7. Marketing Communications

We may send you marketing emails about new products, promotions, and updates related to Rallyn pickleball equipment and apparel in the following circumstances:

  • New subscribers - where you have explicitly opted in to receive marketing communications from us
  • Existing customers - where you have purchased from us and we are marketing similar products, under the soft opt-in rule, unless you have opted out

Every marketing email we send includes a clear and easy one-click unsubscribe link. You can also opt out at any time by emailing info@erallyn.co.uk with the subject line "Unsubscribe".

Unsubscribing from marketing does not affect transactional emails such as order confirmations, dispatch notifications, or responses to your enquiries.

We do not engage in SMS marketing, cold calling, or postal marketing without your explicit consent. In accordance with the DMCCA 2024, we do not post or commission fake reviews.

8. Data Retention and Deletion

We retain your personal data only for as long as necessary for the purposes set out in this policy, or as required by UK law. Our general retention periods are:

  • Order and transaction records - 7 years, in line with HMRC financial record-keeping requirements
  • Customer account data - for the duration your account is active, plus 2 years after your last interaction
  • Contact form enquiries - up to 2 years from the date of correspondence
  • Marketing consent records - for the duration of the marketing relationship plus 1 year after opt-out
  • Analytics data - up to 26 months in anonymised or aggregated form

When your data is no longer required, it is securely deleted or anonymised. You may request earlier deletion of your personal data under your right to erasure, subject to our legal obligations to retain certain records.

9. Your UK GDPR Rights

Under UK GDPR and the Data Protection Act 2018, you have the following rights in relation to your personal data:

Right of Access

Request a copy of the personal data we hold about you (Subject Access Request).

Right to Rectification

Ask us to correct inaccurate or incomplete personal data about you.

Right to Erasure

Request deletion of your personal data where there is no overriding legal reason to retain it.

Right to Restriction

Ask us to restrict how we process your data in certain circumstances.

Right to Portability

Receive your data in a structured, machine-readable format to transfer to another service.

Right to Object

Object to processing based on legitimate interests, including direct marketing.

Withdraw Consent

Withdraw consent for marketing or non-essential cookies at any time without affecting past processing.

Right to Complain

Lodge a complaint with the ICO at ico.org.uk or call 0303 123 1113.

To exercise any of these rights, contact us at info@erallyn.co.uk with the subject line "Data Rights Request". We will respond within one calendar month as required by UK GDPR. We may need to verify your identity before processing your request.

ICO Contact Details: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Website: ico.org.uk — Helpline: 0303 123 1113

10. Data Security

We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it from unauthorised access, loss, alteration, or disclosure. These measures include:

  • SSL encryption across all pages of erallyn.co.uk
  • Secure processing of payment data through PCI DSS-compliant providers
  • Access controls limiting who within Rallyn can access customer data
  • Regular review of our data handling practices

No method of transmission over the internet is completely secure. While we do our best to protect your personal data, we cannot guarantee absolute security. In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify the ICO within 72 hours and inform affected individuals where required by UK GDPR.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our data practices, legal requirements, or business operations. Any changes will be published on this page with an updated effective date.

We recommend checking this page periodically. For significant changes that materially affect how we use your data, we will notify you by email where we hold your contact details.

This policy was last updated on 29 March 2026.

Questions About Your Data?

If you have any questions about this Privacy Policy, want to exercise your rights, or have a concern about how we handle your data, contact us directly.

Contact Us