Polyaire
Request a Quote

Privacy Policy

Last updated: 1 June 2026

Polyaire Limited (company number 02780551, trading as Polyaire UK) respects your privacy and is committed to protecting your personal data. This policy explains how we collect, use, and look after your information when you visit our website or get in touch with us.

We supply products to customers in the United Kingdom, the Republic of Ireland, and other parts of Europe. This policy addresses our obligations to data subjects under both UK GDPR (for UK residents) and EU GDPR (for EU residents). The two regimes give you substantially the same rights, and we apply the same standards across both.

1. Who we are

We are the data controller for the personal data we hold about you. This means we are responsible for deciding how and why your personal data is used.

  • Company: Polyaire Limited

  • Trading name: Polyaire UK

  • Company number: 02780551

  • Registered office: Headlands House, 1 Kings Court, Kettering Parkway, Kettering, NN15 6WJ

  • Trading address: 3-4 Torridge Close, Telford Way Industrial Estate, Kettering, NN16 8PY

  • ICO registration: ZC149057

  • Contact for privacy queries: sales@polyaire.co.uk or 01536 519 922

Our corporate group

Polyaire Limited is part of a corporate group which includes Polyaire Pty Ltd, an Australian-registered company. References in this policy to "our group" or "group companies" include Polyaire Pty Ltd and any other affiliated entity in the group. Where personal data is shared with our group companies, it is governed by a binding intra-group data sharing agreement which includes the safeguards required by law for cross-border transfers (see Section 6).

EU Representative

We value your privacy and your rights as a data subject and have therefore appointed Prighter Group with its local partners as our privacy representative and your point of contact for the following regions:

  • European Union (EU)

Prighter gives you an easy way to exercise your privacy-related rights (e.g. requests to access or erase personal data). If you want to contact us via our representative, Prighter or make use of your data subject rights, please visit the following website: https://app.prighter.com/portal/17175836631.

2. What information we collect

We only collect the information we need to respond to your enquiries and run our business.

When you contact us through this site we collect: your first and last name, email address, and the message you send us. You may also choose to provide your phone number and company name.

When you place an order or open a credit account we collect: your business details (company name, registered address, delivery address), the name and contact details of the individual(s) we deal with at your business, order and transaction information, payment information (excluding card numbers — these are processed by our payment processor), and (for credit accounts) business credit information, trade references, and personal guarantee information where applicable.

When you browse the site, and only if you accept analytics cookies, we collect: an anonymised IP address, browser type, pages visited, and how you arrived at the site. See Section 4 for details.

Personal data of sole traders and named individuals

Our customer base includes sole traders, partnerships of named individuals, and other small businesses where the business is identified by reference to a natural person. The names of such persons constitute personal data under both UK GDPR and EU GDPR, and this policy applies to them in the same way as to any other natural person.

Categories not collected

We do not collect special-category data (health, biometrics, religious beliefs, racial or ethnic origin, political opinions, sex life or sexual orientation) in the ordinary course of our business. This site is intended for trade and business customers and is not directed at children under 18; we do not knowingly collect personal data from children.

3. How we use your information and our lawful basis

GDPR requires us to identify a lawful basis for each way we use your personal data. The lawful bases under UK GDPR and EU GDPR are the same and are set out in Article 6. We rely on the following bases for the following purposes:

  • Replying to your enquiry or quote request — legitimate interests (responding to the question you asked).

  • Processing your order and providing customer service — performance of contract; legitimate interests.

  • Operating a credit account and assessing creditworthiness — performance of contract; legitimate interests; legal obligation.

  • Processing payments and managing accounts receivable — performance of contract; legal obligation (HMRC and equivalent EU tax authorities).

  • Keeping accurate business records — legitimate interests; legal obligation (HMRC).

  • Site analytics — consent (you accept analytics cookies in our banner).

  • Detecting spam and abuse on our website — legitimate interests.

  • Sharing information with our group companies for group operational, financial, and management reporting purposes — legitimate interests (Recital 48 GDPR).

  • Complying with legal and regulatory obligations — legal obligation.

  • Establishing, exercising, or defending legal claims — legitimate interests.

We do not currently send marketing emails to our customers. If we introduce a marketing list, we will ask for separate opt-in consent first.

4. Cookies and similar technologies

We use cookies only after you give consent through our cookie banner.

  • Strictly necessary cookies (always on): keep the site working and remember your cookie choice.

  • Analytics cookies (off until you accept): Google Analytics 4. Used to count visits and understand which pages are useful. IP addresses are anonymised. We do not use these for advertising.

You can change your choice at any time using the Cookie Settings link in the website footer, or by clearing this site's cookies in your browser and reloading the page.

Search queries entered into our product search are logged anonymously by Algolia for product improvement, retained for 90 days, and not linked to your identity.

5. Who we share your data with

We share personal data only with the recipients listed below.

Our group companies

We share personal data with members of our corporate group, in particular Polyaire Pty Ltd (Australia), for group operational, finance, customer service, and management reporting purposes. This includes:

  • granting Polyaire Pty Ltd personnel access to certain shared mailboxes and systems for sales support and customer service purposes;

  • sharing financial and accounting data with Polyaire Pty Ltd finance personnel for group financial reporting and oversight;

  • transferring sales and stock data to a business intelligence platform operated by Polyaire Pty Ltd for group management reporting;

  • planned access by Polyaire Pty Ltd personnel to our customer relationship management system (HubSpot) for sales support purposes following the launch of our new website.

These intra-group transfers are governed by a binding Intra-Group Data Sharing Agreement which incorporates both the EU Commission's Standard Contractual Clauses (for transfers of EU resident data) and the UK International Data Transfer Addendum to those Clauses (for transfers of UK resident data). Together these provide the appropriate safeguards required under Article 46 GDPR for transfers to countries (such as Australia) which do not benefit from an adequacy decision.

Within the group, certain analytics activities are performed by personnel located in Malaysia who act as an operational extension of Polyaire Pty Ltd. Their access to data sourced from us is limited to customer names within sales and stock metrics, is read-only, is logged, and is subject to contractual obligations equivalent to those imposed on Polyaire Pty Ltd's own personnel.

Service providers

We share personal data with trusted service providers who help us run our website and deliver our services. They process data on our written instructions:

  • HubSpot, Inc. (United Kingdom tenant) — receives contact form submissions and supports customer relationship management.

  • Google LLC (United States) — provides analytics (Google Analytics 4), only after you accept analytics cookies.

  • Algolia SAS (France) — powers our product search functionality.

  • Contentful GmbH (Germany) — stores the content shown on this site.

  • Vercel Inc. (United States, with global edge infrastructure) — hosts this website.

  • Our professional advisers (lawyers, accountants, insurers, auditors) and credit reference agencies in connection with credit account applications.

All our service providers are bound by written contracts which require them to handle personal data in accordance with our instructions and with appropriate security safeguards.

Other recipients

We may also share personal data with legal and regulatory bodies where we are required by law or court order to do so, and with prospective purchasers, sellers, financiers, or merger / acquisition partners in connection with any actual or proposed sale or restructuring of our business, in each case subject to appropriate confidentiality undertakings.

We do not sell your data and we do not share it with advertisers.

6. International transfers

Some of our group companies and service providers are located outside the United Kingdom and the European Economic Area, including Australia (Polyaire Pty Ltd), Malaysia (group analytics personnel) and the United States (HubSpot, Google, Vercel). When we transfer personal data to such countries, we rely on appropriate safeguards recognised by GDPR:

  • UK and EU adequacy decisions — for transfers to countries the UK Government or the European Commission has decided provide an adequate level of protection.

  • Standard Contractual Clauses — for transfers to Australia, Malaysia, and certain transfers to the United States, we use the EU Commission's Standard Contractual Clauses (Commission Implementing Decision (EU) 2021/914) for transfers governed by EU GDPR, and the UK International Data Transfer Addendum to those Clauses for transfers governed by UK GDPR.

  • EU-US Data Privacy Framework — for transfers to the United States where the recipient is certified under the Framework (and the equivalent UK extension).

You can ask for a copy of the safeguard we use for any specific transfer by emailing us at sales@polyaire.co.uk.

7. How long we keep your data

  • Contact enquiries: up to 24 months after the last contact, then deleted.

  • Customer and trade-account records: 7 years after the last transaction (UK tax law; EU member state requirements may vary).

  • Analytics: GA4 cookies expire after 13 months; aggregated reports may be kept longer.

  • Cookie consent choice: stored on your device for 6 months.

  • Records held for the establishment, exercise, or defence of legal claims: up to the relevant limitation period (typically up to 6 years in the UK; limitation periods in EU member states vary).

When personal data is no longer required, we delete or anonymise it securely.

8. Your rights

Under GDPR you have the following rights in relation to your personal data. They apply whether you are a UK resident under UK GDPR or an EU resident under EU GDPR — they are substantively the same under both regimes.

  • Access — request a copy of the data we hold about you.

  • Rectification — ask us to correct anything that is wrong or complete information that is incomplete.

  • Erasure — ask us to delete your data ("right to be forgotten"). Not absolute; we may be required to retain data for legal, regulatory, or contractual reasons.

  • Restriction — ask us to restrict how we use your data in certain circumstances.

  • Objection — object to our use of your data for direct marketing at any time, and to certain other uses on grounds relating to your particular situation.

  • Portability — ask us to provide your data in a structured, commonly used, machine-readable format.

  • Withdraw consent — where we rely on your consent, you can withdraw it at any time.

  • Automated decision-making — we do not currently make decisions about you using solely automated processing or profiling.

To exercise any of these rights, email sales@polyaire.co.uk. EU residents may also contact our EU Representative using the details in Section 1. We respond to valid requests within one calendar month.

9. Complaints

If you are not satisfied with the way we have handled your personal data, please contact us first using the details in Section 1 so that we have an opportunity to address your concerns. You also have the right to lodge a complaint with the data protection supervisory authority in your country:

United Kingdom

Information Commissioner's Office (ICO): ico.org.uk · 0303 123 1113 · Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.

Republic of Ireland

Data Protection Commission (DPC): dataprotection.ie · +353 (0)761 104 800 · 21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland.

Other EU member states

A list of all EU national data protection authorities is maintained by the European Data Protection Board at edpb.europa.eu.

10. How we protect your data

  • Data is transmitted to and from our site over HTTPS.

  • Our service providers hold ISO 27001 or SOC 2 certification (or equivalent industry-recognised certifications).

  • Access to enquiry data and customer records inside Polyaire is limited to staff who need it to do their job.

  • Multi-factor authentication and conditional access policies are enforced on accounts with access to personal data.

  • We maintain audit logs of access to personal data and review them periodically.

  • Our personnel are trained on data protection obligations and are bound by contractual confidentiality.

11. Automated decision-making

We do not make decisions about you using automated processing or profiling.

12. Children

This site is intended for trade and business customers. We do not knowingly collect data from anyone under 18.

13. Changes to this policy

We may update this policy from time to time to reflect changes in our practices, in technology, in legal requirements, or for other reasons. The "Last updated" date at the top of this page indicates when it was most recently revised. Material changes will be highlighted on the site for 30 days before they take effect.

14. Questions

Email sales@polyaire.co.uk or write to: Privacy, Polyaire Limited, 3-4 Torridge Close, Telford Way Industrial Estate, Kettering, NN16 8PY. EU residents may also contact our EU Representative directly using the details in Section 1.