Privacy Statement

At CODA COMMERCE LTD  Registered number 03874501 , Unit 16 Wellington Business Park, Dukes Ride, Crowthorne, Berkshire RG45 6LS, ICO Registration ZB507341 we understand the importance of your privacy and are dedicated to safeguarding your personal data. Our privacy notice is designed to provide you with all the necessary information about how we handle your personal data, including details on your privacy rights and legal protections. Trust us to keep your personal information secure.

Our privacy policy notice is designed to give you clear and concise information on how we collect and process your personal data. This includes any data that you may provide to us through our website, when you visit our offices, make an enquiry, sign up to our newsletter or purchase a product or service. To ensure that you are fully informed about how we use your data, we may also provide additional privacy notices or fair processing notices on specific occasions when we are collecting or processing personal data about you. It is important that you read these notices in conjunction with our privacy policy notice.

Please note that this privacy policy notice is intended to supplement any other notices that we provide and is not intended to override them. We want you to be fully informed about how we use your personal data, so please take the time to read this notice carefully.

Ensuring the accuracy and currency of your personal data is of utmost importance to us. In order to maintain this accuracy, we kindly request that you keep us informed of any changes to your personal data during your relationship with us. Please note that we may update our privacy policy periodically. Should any changes be made, we will notify you in advance by posting a notice on our websites. Additionally, we may also send you a notification where appropriate.

At our company, safeguarding your personal information is a top priority. We have implemented stringent measures to ensure that your data is secure and inaccessible to unauthorized parties. Rest assured that any personal information you provide us through email or a form will be kept confidential and used only for the purpose it was intended. We never rent or sell your personal information to third parties. Please be aware that we may record all telephone calls for training and monitoring purposes, in compliance with the UK Data Protection Act and other legislation.

Our commitment to protecting your privacy is clearly stated in our Privacy Statement. This document outlines how we collect and use your personal information when you use our website and services. We strive to provide you with all the information you need to make informed decisions when using our products and services. All personal information collected by us is handled in accordance with the UK General Data Protection Regulation.

If you have any questions about what information we collect and how we handle it, please contact us by emailing

Our collection of data about you includes personal information, which refers to any data that can identify an individual based on the content, purpose, or use of that information. This excludes anonymous data, which does not reveal one’s identity.

To provide you with our services, we may collect, use, store, and transfer various types of personal data about you. We’ve categorized these into the following groups:

Identity Data

Identity Data is a crucial piece of information that can include your first and last name, email address, postal address, phone number, and vehicle registration number. It may also include your job description, company name, and other contact details that are necessary to establish your identity.

Financial Data

Financial data refers to sensitive information like credit card details, payment records, and other financial transactions.

Transaction Data

Transaction Data provides information about all payments made to and from you, as well as any products or services you have purchased from us.

Technical Data

Our Technical Data provides valuable insights into your interaction with our website. This data includes your IP address, click stream data that tracks your browsing activity on our site, the source website address from which you reached us, and the type of device you are using to access our platform.

CCTV Data:

Our CCTV system gives you access to in the form of recorded video, providing visual evidence for  security measures.

Marketing and Communications Data

Marketing and Communications Data refer to the information we collect about your preferences in receiving marketing communications from us and our third-party partners, as well as your communication preferences. This data enables us to tailor our marketing efforts to your specific interests and needs.



How is your personal data collected

Your personal data is collected through various methods, including direct interactions and automated technologies. When you fill in forms, correspond with us by phone, email, or post, or purchase our services, you may give us your identity data and financial data. Additionally, when you subscribe to our newsletter or publications, request marketing materials, participate in market research, or enter a competition or survey, we may collect your personal data.

We also use automated technologies such as cookies, server logs, and similar technologies to collect technical data about your equipment and browsing behaviour as you interact with our website. This information is used to improve our services and provide a better user experience.

How we use your personal data

Here are the circumstances in which we may use your personal data:-


To perform a contract we are about to enter into or have entered into with you
Legitimate Interest

– When it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests

– To prevent fraud or default

– To comply with a legal or regulatory obligation


We generally do not rely on consent as a legal basis for processing your personal data, except in relation to sending third-party direct marketing communications to you via email or text message. In some cases, we may rely on a soft opt-in to send electronic direct marketing messages when you have purchased services from us. You have the right to withdraw consent or opt-out of marketing at any time by contacting us or by following the instructions for opt-out.

How Do We Protect Your Information?

We hold data security in high regard and adhere to strict standards. However, it is important to note that transmitting information over the internet is never completely secure. Despite our best efforts to safeguard your personal information, we cannot offer a guarantee of its complete security. By transmitting your information to us, you do so at your own risk. Upon receipt of your information, we employ stringent procedures and security measures to ensure its safety.



Purposes for which we will use your personal data

Please find outlined below a comprehensive description of all the ways in which we intend to utilize your personal data, accompanied by an identification of the legal bases that we rely on to do so. Where deemed relevant, we have also highlighted our legitimate interests.

Purpose Type of data Lawful basis for processing including basis of legitimate interest
To respond to enquiries about our services a)    Identity

b)    Technical


Performance of a contract with you.
To deliver our services a)    Identity

b)    Financial

c)    Transaction

d)    Marketing and Communications

Performance of a contract with you.


Necessary for our legitimate interests: to recover debts due to us;
for direct marketing purposes; and
to study how customers use our services.

To ensure the smooth functioning and security of our business and website, we undertake necessary measures such as troubleshooting, data analysis, testing, system maintenance, support, reporting, and hosting of data Identity


Necessary, in pursuit of our legitimate interests, to engage in activities that facilitate the smooth running of our business. These activities include the provision of administration and IT services, implementation of network security measures, and the prevention of fraud. Additionally, in the event of a business reorganization or a group restructuring exercise, such activities may also be necessary.

Necessary to comply with a legal obligation

To use data analytics to improve our website, products, services and marketing a)    Technical necessary, in pursuit of our legitimate interests, to define the various types of customers for our products and services. We also strive to keep our website updated and relevant, as well as to develop our business and inform our marketing strategy.


International transfers

We uphold strict compliance with EU data protection laws, hence we do not transfer any of your personal data outside the European Economic Area (EEA) unless it is necessary for us to do so. There may be instances where the information we hold may have originated outside the EEA We may also transfer your personal data outside the EEA when required by law.

Data security

We have implemented stringent security measures to safeguard your personal data against any accidental loss, unauthorized access, misuse, alteration, or disclosure. Furthermore, we strictly restrict access to your personal data to only those employees, agents, contractors, and other third parties who have a legitimate business need to know. They are required to process your personal data only on our instructions and are bound by a strict duty of confidentiality. We have also established comprehensive procedures to address any suspected data security breach and will promptly notify you and any relevant regulatory authority of any such breach where we are legally obligated to do so.

Data retention

Coda Commerce Ltd want to assure you that we will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of meeting any legal, accounting, or reporting requirements. To determine the appropriate retention period for your personal data, we carefully consider several factors including the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data, and whether we can achieve those purposes through other means. Additionally, we take into account any applicable legal requirements.

For your convenience, details of retention periods for different aspects of your personal data are available in our retention policy. If you would like to request the relevant section of our retention policy, please do not hesitate to contact us at the email address provided in the Contact section of this document. Thank you for entrusting us with your personal information.

Your legal rights

Under certain circumstances, you have rights under data protection laws in relation to your personal data.

Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.

Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.

Request erasure of your personal data. This grants you the ability to ask us to delete or remove your personal data in cases where there is no justifiable reason for us to continue processing it. Furthermore, you hold the right to request the deletion or removal of your personal data if you have successfully exercised your right to object to processing, as mentioned below.

Object to processing here may be situations in which you do not wish us to process your personal data, specifically when we rely on a legitimate interest (or those of a third party), and you feel that such processing may impact your fundamental rights and freedoms. In such cases, you have the right to object to such processing. Additionally, if we are processing your personal data for direct marketing purposes, you also have the right to object.t

Request restriction you have the right to request the restriction of processing of your personal data. This right enables you to request the temporary suspension of the processing of personal information about you, for instance, if you wish to verify its accuracy or the purpose for which it is being processed. We strive to ensure that your personal data is processed in compliance with all applicable laws and regulations.

Request  Data Portability The right to data portability gives individuals the right to receive personal data they have provided to a controller in a structured, commonly used and machine readable format. It also gives them the right to request that a controller transmits this data directly to another controller.

Right to withdraw consent As an individual, you possess the right to withdraw your consent for the collection, processing, and transfer of your personal data, under specific circumstances. In case you have previously provided your consent for a particular purpose, you hold the right to withdraw it for that specific processing at any given time. This right is in compliance with our commitment to respect your privacy and personal data.

Automated decision-making, including profiling

Subject to certain exceptions as described below, you have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

Circumstances where this does not apply include: where such processing is necessary for entering into or performing a contract with you (such as an employment contract); where such processing is authorized by EU or other applicable law; or where it is based on your prior, explicit consent (which may always be withdrawn).


However, we do not, at the date of this document, make such decisions or carry out such profiling.  If we intend to in future, we will provide you with advance notice as required by DP Laws, including the GDPR.

If you wish to exercise any of the rights set out above, please contact us via email provided in the Contact section of this document and we will endeavour to resolve them as soon as practically possible.

As per your right to data protection, you are entitled to make a complaint at any time to the supervisory authority. In the United Kingdom, the appropriate authority is the Information Commissioner’s Office (ICO) and in Ireland, it is the Data Protection Commissioner (DPC). To file a complaint with the ICO, you may visit their website at

We value your concerns and would appreciate the opportunity to address them directly before escalating the matter to the supervisory authority. Therefore, we kindly request that you contact us in the first instance.

We would like to inform you that you will not be charged any fee for accessing your personal data or exercising any of your rights. However, if your request is found to be clearly unfounded, repetitive, or excessive, we may levy a reasonable fee for processing the request. In certain situations, we may also refuse to comply with your request.

To ensure the protection of your personal data and to confirm your identity, we may require specific information from you. This is a security measure that guarantees that no unauthorized person can gain access to your personal data. Additionally, we may reach out to you for further information related to your request, which will help us expedite our response. Thank you for your cooperation in maintaining the safety and privacy of your personal information.