Privacy Policy

What is GDPR (General Data Protection Regulation)?

The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union, and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). It creates consistent data protection rules across Europe and applies to companies who are based in the EU and global companies who process personal data about individuals in the EU. The regulation came into effect on the 25th May 2018.

How does GDPR affect you?

If you process personal data of any person in the EU, GDPR will apply to you regardless of whether you’re based in the EU or not. Besides strengthening and standardizing user data privacy across the EU nations, it will require new or additional obligations on all organizations that handle EU citizens’ personal data, regardless of where the organizations themselves are located.

You can read the full General Data Protection Regulation here.

GDPR’s concept of ‘Personal Data’ is explained in this article.

How is The-Mad-Group (HQ) Ltd compliant with GDPR? take the security of your data very seriously. uses an Extended Validation Thwate SSL so that you know exactly who you are dealing with and to ensure information is encrypted before being transmitted over the internet. Encryption makes it very difficult for unauthorized people to view information travelling between computers. It is therefore unlikely anyone can read this page as it travels across the network.

We endeavour to take all reasonable steps to protect your personal information. However, we cannot guarantee the security of any data you disclose online. You accept the inherent security risks of providing information and dealing online over the Internet, and will not hold us responsible for any breach of security unless this is due to our negligence or wilful default.
Please see our updated Privacy Policy below. Privacy Policy & DATA PROTECTION

This statement outlines how we obtain your personal information and how it is used. Please be assured; we take the issue of the privacy of your personal information very seriously.
1. Who is collecting the data?
The-Mad-Group (HQ) Ltd is collecting your data, which is stored on our secure servers and web servers maintained by Gravit-e 
2. Who is the Data Controller and Data Protection Officer?
Your personal data collected by is controlled by The-Mad-Group (HQ) Ltd, which is located at 430 Enterprise Way, Vale Park, Evesham, Worcestershire, WR11 1AD, UK.’s  EU Data Protection Officer is located at the same address and can also be reached by email at custo[email protected]
3. What data is being collected?
Your name, address, email address, phone number, customer segmentation and transaction history. If you have subscribed to any newsletters we also store information regarding your preferences. & The-Mad-Group (HQ) Ltd do not store any credit card, PayPal, or other payment details.
4. What is the legal basis for processing your data?
Your data is held solely for the purposes of fulfilling our business contract and information requests received from you including administering any accounts, processing and obtaining payment, delivering your orders and providing product safety information. In addition to this, we shall also process your data if consent has been provided by you for us to use your data for the provision of marketing information, you can be unsubscribed from all marketing communication at any time. 
5. Will your data be shared with any third parties?
Your data will not be shared with 3rd parties except in the fulfilment of any business contract e.g. supplying your delivery information to our delivery companies or, supplying transactional detail to payment processors or IT support.
6. How will the information be used?
To fulfil our agreement with you, including administering any accounts, processing and obtaining payment, delivering your orders or requested marketing information, and for the administration of any competitions, you may enter. In exceptional circumstances, it may be used for fraud prevention and detection
7. How long will your data be stored for?
Personal data which has related transactional data will be stored for a minimum of 7 years in line with legal requirements. Personal data for those without transactional details will be purged approximately every 2 years if users unsubscribe from marketing communications. Personal data for those without transactional details will be deleted upon request at any time.
8. Your right to see the data we store about you
You have the right under the General Data Protection Regulation to request from access to and rectification, or erasure of:your personal data, data portability, restriction of processing of your personal data, the right to object to the processing of your personal data, and the right to lodge a complaint with a supervisory authority. If you reside outside of the European Union, you may have similar rights under your local laws. Information requested will be provided within 30 days as per GDPR legislation.
9. Email Marketing

The-Mad-Group (HQ) Ltd use a third party email service provider, MailChimp, to send you our emails.  To allow us to send our emails through MailChimp, we provide MailChimp with certain information, including your name, email address, country of residence, customer type and interest. MailChimp treats information about you in accordance with the provisions of its Privacy Policy.  MailChimp also utilizes certain technologies, such as pixels and web beacons, in the emails that are sent through MailChimp. These technologies allow MailChimp to track whether you have opened or clicked on our emails and if so, the date, time, and IP address associated with the open and/or click. For more information on MailChimp's use of these technologies, you can read their Cookie Statement.  

10. Live Chat

The Mad Group (HQ) Ltd use a third-party Live Chat service provider, treats any information collected about you in accordance with the provisions of its Privacy Policy, which can be viewed online here Like most internet-service operators, collects non-personally-identifying information of the sort that web browsers, apps and servers typically make available, such as the browser type, language preference, geographical location, referring site, and the date and time of each visitor request.’s purpose in collecting non-personally identifying information is to better understand how’s visitors use its services, and to provide users the ability to understand how their visitors use their services. From time to time, may release non-personally-identifying information in the aggregate, e.g., by publishing a report on trends in the usage of its services. also collects potentially personally-identifying information like Internet Protocol (IP) addresses for users that use the services and visitors.

For further information about and how they use your data, please visit their website.


11. How can I raise a data related complaint?
Please contact [email protected] outlining your concerns
To request access to or rectification, portability or erasure of your personal data, or to delete your account, or you wish to exercise your right to restriction of processing or your right to object to processing, please contact’s  EU Data Protection Officer at 430 Enterprise Way, Vale Park, Evesham, Worcestershire, WR11 1AD, UK or email [email protected]
When ordering or submitting inquiries to you are agreeing to the use of your personal information as laid out above. For information on our cookie policy please visit our Cookie Policy page 
Please be aware we are not responsible for the data policies or procedures or the content of websites linked to If you have any comments or queries in connection with our privacy policy, please e-mail us at [email protected]

Back to top
back to top