Privacy and GDPR Policies

Timber Tracks takes your privacy seriously. Please read the following to find out more about our policy towards this issue.


  • Personal Information - This is information that personally indentifies you. (i.e. Name, address, Telephone number and payment details etc.)
  • Trading name - Timber Tracks

What this privacy statement covers

  • This privacy statement covers the treatment of personal information that is supplied via this web site.
  • This also includes information that may be requested for any downloads from this web site.
  • This privacy statement does not cover any companies that we may have to supply information to while processing an order for products or services that you have requested.

The collection and use of information

  • Timber Tracks collects personal information whenever an order is placed by an individual or business.
  • Or when downloading some items from our web site.
  • This information is used in the processing of any orders for products or services the individual or business has placed with us.

Information disclosure

  • Any personal information you supply will only be used in relation to any order placed for products or services supplied by Timber Tracks.
  • No personal information will be given or divulged to any other person or third party outside Timber Tracks, unless it is required to provide a product or service requested by you;
  • Or if ordered to do so by court order or legal process.


  • Where appropriate personal information and any other such like data will be transmitted via industry standard SSL encryption.
  • If at any time you believe that your personal information has been gained by another person via Timber Tracks then please contact us immediately, we will do our best to determine and correct the problem promptly.


  • If you have any questions or comments with regard to our privacy statement, then please email us at

General Data Protection Regulations.  Our policy.

On 25th May 2018 the General Data Protection Regulation (GDPR) replaced the Data Protection Act 1998. This makes it easier for you to understand what personal data is held and how it is used, and ensures that it is used transparently, fairly and lawfully. The principles to which we must abide by are as follows:

  • we will process all personal data fairly and lawfully
  • we will only process personal data for specified and lawful purposes
  • we will endeavour to hold relevant and accurate personal data, and where practical, we will keep it up to date
  • we will not keep personal data for longer than is necessary
  • we will keep all personal data secure
  • we will endeavour to ensure that personal data is not transferred to countries outside of the European Economic Area (EEA) without adequate protection

The following explains how we comply with these regulations.

When you place an order, you provide your name, address and contact details. This is stored on our database, together with the order details. We need this information so as to be able to process your order.  The data we can see is the same as can be seen by you. However, your log-in user name and password are not revealed to us.  You can amend/update this data at any time.

We have no access to your payment card details, which are held by Global Iris, (part of HSBC). Instead, they advise us that they have debited your account with the invoice sum and will credit this to our bank account in three working days.

This data is stored on our database electronically for as long as is necessary to run our business efficiently. We do not use your personal data in any way. Instead, the order details are used solely for the purpose of stock control and monitoring sales of our products.

The use of passwords, firewalls, anti-virus and malware software ensures your data is being held securely. Our location – 1.5 miles from a public road, with the access lane being monitored 24/7 by  day and night vision cameras, an automatic vehicle number plate reader, together with other security systems, minimises the risk of the physical theft of our computer systems.

We do not sell on, or share your personal data.

If you have concerns about the way your data is being handled, you have the right to complain to the Information Commissioner’s Office, who may be contacted on 0303 123 1113.