Privacy Policy
Privacy Policy
The Fluid Power Catalogue & Its Sister Companies
Effective Date: 1st January 2023
Last Updated: 5th March 2025
1. Introduction
The Fluid Power Catalogue website and Sturdy Fluid Power LTD are part of Flowtech plc, a group of businesses supplying hydraulic and pneumatic components, solutions, and services. Our Privacy Policy applies to The Fluid Power Catalogue website and Sturdy Fluid Power LTD and our 18 sister companies, collectively referred to as ‘we,’ ‘us,’ and ‘our’ throughout this document. A full list of our subsidiaries is available upon request.
This Privacy Policy outlines how we collect, use, share, and safeguard your information in compliance with the UK General Data Protection Regulation (UK GDPR).
2. About Sturdy Fluid Power
Sturdy Fluid Power is a leading provider of fluid power solutions. Our organisation includes 18 sister companies that collaborate to deliver a wide range of products and services. A full list of these companies is available upon request.
3. Data Controller & Data Processor Roles
The Fluid Power Catalogue and Sturdy Fluid Power Ltd is the Data Controller for the personal data collected directly through our services, website, and business operations. In some cases, Flowtech may also act as a Data Processor when handling data on behalf of our business customers who remain the Data Controller. In such instances, we adhere to strict contractual obligations to ensure compliance with GDPR and data security requirements.
4. Data We Collect
We may collect and process the following types of personal data:
- Personal Identification Data: Name, address, telephone number, email address.
- Account & Transaction Data: Purchase history, login credentials, payment details.
- Technical & Usage Data: IP addresses, browser type, operating system, cookies.
- Marketing & Communication Preferences: Subscription choices, interests.
- Business Interactions: Correspondence, feedback, and customer service inquiries.
5. How We Collect Your Data
We collect personal data through the following means:
- Direct Interactions: Information you provide via our website, telephone, email, or in-person communications.
- Automated Technologies: Data collected automatically through cookies and similar tracking technologies when you interact with our website.
- Third-Party Sources: Information obtained from third-party business partners and publicly available sources.
6. Purpose of Data Processing
We process your data to:
- Provide, manage, and improve our products and services.
- Process transactions, manage orders, and administer accounts.
- Communicate with you about products, services, and promotions.
- Comply with legal and regulatory obligations.
- Detect and prevent fraud and security threats.
- Share information within the Flowtech Group and its sister companies to enhance service delivery and compliance.
7. Legal Basis for Processing
Our legal bases for processing your personal data include:
- Contractual Necessity: Processing necessary for contract performance.
- Legal Obligation: Processing necessary to comply with legal requirements.
- Legitimate Interests: Processing necessary for business operations, balanced against your rights.
- Consent: Processing based on your consent, particularly for marketing communications and certain cookies.
8. AI & Automated Decision-Making & Profiling
We may use artificial intelligence (AI) and automated decision-making profiling in specific scenarios, such as fraud detection or targeted marketing. Individuals have the right to request human intervention, express their point of view, and contest automated decisions by contacting us at enquiries@thefluidpowercatalogue.com
9. Sharing & Disclosure of Data
We may share data with our sister companies, with trusted service providers (IT, logistics, legal advisors), and regulatory authorities where legally required. We do not sell personal data.
Your data may be shared:
- Within Sturdy Fluid Power Group: Other members of plc, for the purpose of providing you with the services that you have requested and to improve our customer insights for service improvement.
- With Service Providers: Such as logistics partners (for shipping), IT and digital partners (for website optimisation, statistical analysis, business insight, product recommendations) and sometimes professional and legal advisors.
- Legal and Regulatory Authorities: e.g. customs authorities (for international shipping), law enforcement, governmental authority or credit check companies (to report a fraud or fulfil a lawful request). We do not provide information to these agencies or companies for marketing or commercial purposes.
- Business Transactions: If we sell any part of our business or its assets, customer personal information may be disclosed to a potential buyer. In such cases, we will take reasonable steps to ensure the buyer is bound by the terms of this privacy policy.
We may also disclose personal information where necessary to protect the rights, property, or safety of our business, customers, employees, or the public, or where legally permitted or required.
Except as outlined above, we will not share personal information with third parties without your consent unless required by law.
Anonymous data may be stored on servers within the European Economic Area (EEA) or internationally with partners such as Microsoft and Google, where appropriate agreements are in place to ensure compliance with GDPR-level protections. Certain third-party organisations may use cookies to identify your browser and internet device when you visit our site. You can manage this by referring to our cookie policy.
We do not sell personal data to third parties. Any data sharing is conducted under strict confidentiality agreements and in compliance with GDPR.
10. International Data Transfers
If personal data is transferred outside the UK or EU, we ensure compliance through:
- Adequacy Decisions: Countries deemed to have adequate protection by regulatory bodies.
- Standard Contractual Clauses (SCCs): Approved safeguards for international transfers.
- Binding Corporate Rules (BCRs): For intra-group transfers.
- Transfer Impact Assessments (TIAs): Evaluating risks before data transfer.
Our key third-party service providers, including Microsoft and Google, store some data in the USA and EEA under SCCs and encryption standards.
11. Data Retention Policy
We retain personal data only as long as necessary:
System
Type of Data
Purpose
Retention
Customer Data Platform / Analytics platform(s)
Customer and contact names, addresses and emails, orders and transactions, website visits
Analysis and Marketing
5 years
Email Service Provider
Customer and contact names and emails
Email Marketing
5 years
Web personalisation
Email addresses, preferences
Tailored content based on customer profile
90 days
Customer databases and order processing
Customer and contact names, addresses and emails, bank details, orders and transactions
Order processing
2 years
Customer sales information
10 years
Cookies
Various
Web and performance monitoring, security and targeted marketing
See cookie policy
Exceptions
Information will only be retained beyond its retention period in limited circumstances including;
- If the information required to fulfil statutory or regulatory requirements
- If the information relevant to ongoing litigation / subject to a legal hold / public enquiry
- If the information the subject of an information request or relate to information recently disclosed in a response
- If retention is required to evidence events in the case of a dispute
In these circumstances the data retention period will be extended by 2 years.
12. Data Security Measures
We implement strict security measures to protect your data, including:
- SSL encryption & secure login processes.
- Regular penetration testing.
- Third-party compliance audits.
- Strict access controls and internal policies.
However, no website or internet transmission is entirely secure. While we take every reasonable measure to protect your data, we cannot guarantee that unauthorised access, hacking, data loss, or breaches will never occur. You are responsible for safeguarding your passwords and account credentials and ensuring that your personal information with us remains accurate and up to date.
This website may contain links to external sites beyond our control. We are not responsible for the privacy practices of those third-party websites.
13. Cookies & Tracking Technologies
Our website uses cookies and similar technologies. These include:
- Essential Cookies: These cookies are necessary for the website to function correctly, including secure login, navigation, and access to protected areas.
- Performance & Analytics Cookies: We use cookies to collect information about how visitors interact with our website. This helps us analyse and improve performance, usability, and content.
- Marketing Cookies: Some cookies help us deliver relevant advertisements and measure the effectiveness of our marketing campaigns by tracking user activity across our website.
- Security & Fraud Prevention: We use cookies to detect and prevent fraudulent activity, enhance website security, and protect user data.
You can manage cookie preferences via our Cookie Settings in compliance with UK PECR regulations.
14. Your rights
Under the terms of UK data protection legislation, you have the following rights;
- Your Right to be Informed. This Privacy Policy, together with our Cookies Policy and Data Retention Policy, fulfils our obligation to tell you about the ways in which we use your information as a result of you visiting this website.
- Your Right to Access. You have the right to ask in writing for a copy of any Personal Information (a “Subject Access Request”) In most cases you can obtain this information at no cost (we would discuss with you in advance if this was not the case). Information will be supplied within 30 days of request. To make a request, please write to us using the email or postal address in section 7.
- Your Right to Rectification. If information we hold about you is inaccurate, please contact us. We will be happy to make corrections promptly (within 30 days of notification).
- Your Right to be Forgotten. You can ask that we erase all personal information that we hold about you. Where it is appropriate that we comply within 30 days.
- Your Right to Object. You can update your cookies settings to object and stop any information being held. For further information, please refer to our cookie policy.
- Your Right to Restrict Processing. Can unsubscribe at any time should you wish to restrict any use of your data please contact our email/address above.
- Your Right to data Portability. Whilst we respect this right we do not hold any portable data.
- Your Rights related to Automated Decision-Making. Marketing emails we send you may also automatically detect whether you have received or opened the email or clicked on a link in our marketing materials. We use this information for our own performance measurement, but also so that we can tailor our promotional messages and advertising to you. You may opt out at any time.
- Data privacy and security. We have an appropriate data security policy and our sub-processing partners including Microsoft and Google meet high standards of data management. All of our websites are covered with a minimum SSL Standard. Data protection is a key consideration of all IT systems that hold data. Where any risks are identified we conduct assessments to determine any corrective actions.
15. Contact Us
To exercise your rights under GDPR, contact us at:
Sturdy Fluid Power Ltd
Email:enquiries@thefluidpowercatalogue.com
Phone: +44 (0) 845 50505 3040
Address:
Linden House
Monk Street
Abergavenny
Monmouthshire
NP7 5NF
Data Protection Committee
Flowtech plc
Bollin House
Bollin Walk
Wilmslow
SK9 1DP
For complaints, you may also contact the Information Commissioner's Office (ICO):
Post:
Information Commission,
Wycliffe House
Water Lane,
Wilmslow,
Cheshire,
SK9 5AF
Helpline: 0303 123 1113
Website:
15. Disclaimer
We are committed to complying with GDPR. Upon request, we will provide any personal data we hold and will correct or remove it as required. Sturdy Fluid Power is the Data Controller for information collected and processed through this website.
Website Information
Our website provides information about our company, products, and services. While we make every effort to ensure accuracy, we do not guarantee that all information is error-free, and we disclaim liability for any inadvertent mistakes or omissions. We may update or amend content at any time without notice. Any material accessed or downloaded from our website is at your own risk, and we recommend using appropriate security measures, including anti-virus software. Links to external websites are provided for convenience; however, we are not responsible for their content or liable for any issues arising from their use.
Technical/Product Information
Technical drawings, designs, and information on our website are for reference only and may contain inaccuracies. We do not guarantee their completeness, accuracy, or currency. Any reliance on such information is at your own risk, and we are not liable for any direct, indirect, or consequential loss or damage arising from its use.
Intellectual Property
All intellectual property rights, including copyright, in the site's design, text, graphics, technical drawings, and other content belong to us or our licensors. Reproduction of any material is permitted only for personal, non-commercial use and must retain all original copyright or intellectual property notices. The products, technology, designs, or processes described on this website may be subject to additional intellectual property rights held by Sturdy Fluid Power Ltd or third parties. No licence is granted for such rights.
By using our website, you consent to our Privacy Policy and agree to our Terms and Conditions.