UK FASTENERS
UK FASTENERS
UK Fasteners understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of everyone who visits this website, https://www.ukfasteners.co.uk ("Our Site") and will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law.
Please read this Privacy Policy carefully and ensure that you understand it.
In this Policy the following terms shall have the following meanings:
| "Account" | means an account required to access and/or use certain areas and features of Our Site; |
| "Cookie" | means a small text file placed on your computer or device by Our Site when you visit certain parts of Our Site and/or when you use certain features of Our Site. Details of the Cookies used by Our Site are set out in Part 14, below; and |
| "Cookie Law" | means the relevant parts of the Privacy and Electronic Communications (EC Directive) Regulations 2003; |
Our Site is owned and operated by Till and Whitehead Limited, a Limited Company registered in England under company number 46963.
Registered address: Eadon House, 2 Lonsdale Road, Bolton, BL1 4PW.
VAT number: GB146441573.
This Privacy Policy applies only to your use of Our Site. Our Site may contain links to other websites. Please note that we have no control over how your data is collected, stored, or used by other websites and we advise you to check the privacy policies of any such websites before providing any data to them.
Personal data is defined by the UK GDPR and the Data Protection Act 2018 (collectively, "the Data Protection Legislation") as 'any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier'.
Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.
Under the Data Protection Legislation, you have the following rights, which we will always work to uphold:
For more information about our use of your personal data or exercising your rights as outlined above, please contact us using the details provided in Part 15.
It is important that your personal data is kept accurate and up-to-date. If any of the personal data we hold about you changes, please keep us informed as long as we have that data.
Further information about your rights can also be obtained from the Information Commissioner's Office or your local Citizens Advice Bureau.
If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Information Commissioner's Office.
We would welcome the opportunity to resolve your concerns ourselves, however, so please contact us first, using the details in Part 15.
Depending upon your use of our Site, we may collect and hold some or all of the personal data set out in the table below, using the methods also set out in the table. Please also see Part 14 for more information about our use of Cookies and similar technologies.
| Data Collected | How we Collect the Data |
|---|---|
| Identity Information including names of buyers and accounts contacts. | Collected on submission of a trade account application form. |
| Contact information including trading address, head office address, business email address. | Collected on submission of a trade account application form. |
| Business information including business name business addresses, company registration number, company VAT number, business established date, business activity. | Collected on submission of a trade account application form. |
| Profile information including job titles, purchase history. | Collected through your trade with us. |
| Technical information including IP address and browser type. | When you visit our website, certain technical information (such as your IP address, browser type and version, device identifiers, operating system, and information about how you interact with our site) may be collected automatically by our servers and/or through the use of cookies, log files, pixels, and similar technologies. This information is provided by your browser or device as a normal part of requesting content from our services and may also be collected on our behalf by trusted third-party service providers (for example, analytics or security tools). |
Under the Data Protection Legislation, we must always have a lawful basis for using personal data. The following table describes how we may use your personal data, and our lawful bases for doing so:
| What we Do | What Data we Use | Our Lawful Basis |
|---|---|---|
| Registering you on our Site. | Email address. | Legitimate interest: To enable prospective and existing business customers to register an account so they can access our products and services and manage their relationship with us. |
| Providing and managing your Account. | Name, address, email address, contact information, profile. | To ensure accounts remain secure, up to date and functional so customers can reliably use our services. |
| Providing and managing your access to our Site. | Email address; profile information. | Legitimate interest: To provide secure and reliable access to our website and online services, including authentication, security monitoring and fraud prevention. |
| Personalising and tailoring your experience on our Site. | Profile information. | To improve and tailor our website, products and communications to be more relevant to our business customers, while respecting their privacy expectations and providing opt-out choices. |
| Administering our Site. | Identity, contact, business, profile and technical information. | To operate, maintain and improve our website, including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting. |
| Administering our business. | Identity, contact, business, profile and technical information. | Legitimate interest: To manage and grow our business, including internal reporting, financial management, audit, forecasting, and strategic planning. Legal obligation: To comply with our legal, regulatory and tax obligations as a business. |
| Supplying our products to you. | Identity and contact data. | Lawful basis: Performance of a contract — Processing is necessary to supply our products and services, fulfil orders, provide support and manage the customer relationship in line with our contract or terms of use. |
| Managing payments for our products. | Identity, contact and business information. | Lawful basis: Performance of a contract — Processing is necessary to take and manage payments, fees and charges, and to collect and recover money owed under our contract. Legal obligation (for records): To maintain appropriate accounting and financial records as required by law. |
| Communicating with you. | Identity, business and contact information. | Lawful basis: Performance of a contract — Processing is necessary to contact the customer about their account, orders, service updates and other operational or contractual matters. Legitimate interest: To respond to enquiries, provide support and keep customers informed about important changes to our services and policies. |
| Supplying you with information by email or post. | Identity and contact data. | To send relevant information about our similar products and services to existing business contacts, in line with e-privacy rules and with a clear opportunity to opt out in every communication. |
Where permitted by law, we may also use your personal data for marketing purposes, which may include contacting you by email, telephone, text message or post with information, news, and offers on our products. You will not be sent any unlawful marketing or spam. We will always work to fully protect your rights and comply with our obligations under the Data Protection Legislation and the Privacy and Electronic Communications (EC Directive) Regulations 2003, and you will always have the opportunity to opt-out.
We will only use your personal data for the purpose(s) for which it was originally collected unless we reasonably believe that another purpose is compatible with that or those original purpose(s) and need to use your personal data for that purpose. If we do use your personal data in this way and you wish us to explain how the new purpose is compatible with the original, please contact us using the details in Part 15.
If we need to use your personal data for a purpose that is unrelated to, or incompatible with, the purpose(s) for which it was originally collected, we will inform you and explain the legal basis which allows us to do so.
In some circumstances, where permitted or required by law, we may process your personal data without your knowledge or consent. This will only be done within the bounds of the Data Protection Legislation and your legal rights.
We will not keep your personal data for any longer than is necessary in light of the reason(s) for which it was first collected.
We retain personal data relating to contacts at our business customers for as long as we have an ongoing relationship with the relevant customer (for example, to manage our contract, orders, invoicing, support, and day-to-day communications). When a customer account is closed or we are informed that an individual is no longer a contact for that customer, we will mark the relevant records as inactive and restrict access to them rather than delete them immediately.
We may continue to retain certain personal data in our operational systems where we have a legitimate business need to do so, for example to maintain accurate financial and transaction records, to manage queries or disputes, or to demonstrate our compliance with legal or regulatory obligations (such as tax or accounting rules). In addition, copies of information may be retained in backup media and in archived paper records which are kept for limited periods and are securely stored with restricted access.
We routinely review the personal data that we hold and take reasonable steps to erase or anonymise data when it is no longer needed for the purposes described above or when our legal obligations to retain it have expired.
We will some of your personal data in the UK. This means that it will be fully protected under the Data Protection Legislation.
We will store some of your personal data within the European Economic Area (the "EEA"). The EEA consists of all EU member states, plus Norway, Iceland, and Liechtenstein. This means that your personal data will be fully protected under the EU GDPR and/or to equivalent standards by law. Transfers of personal data to the EEA from the UK are permitted without additional safeguards.
Some personal data may be shared with third party service providers, for purposes such as fulfilling our obligations to customers, and sending service messages and marketing.
We host certain customer data on Microsoft Azure in the North Europe region. Microsoft operates an EU Data Boundary, under which customer data and personal data for core cloud services are stored and processed within the European Union and European Free Trade Association, subject to limited exceptions necessary for service operation, security, and support. In some cases, this may involve access to or processing of personal data from countries outside the EU/EEA (for example by Microsoft support personnel or through specific Azure service components), but such transfers are governed by Microsoft's Data Protection Addendum and the European Commission's Standard Contractual Clauses, together with additional technical and organizational safeguards (including encryption and strict access controls) designed to protect your data in accordance with GDPR requirements.
The security of your personal data is essential to us, and to protect your data, we take a number of important measures, including the following:
We will not share any of your personal data with any third parties for any purposes, subject to the following exceptions.
Where we use selected third-party systems and services in the operation of our business.
If we sell, transfer, or merge parts of our business or assets, your personal data may be transferred to a third party. Any new owner of our business may continue to use your personal data in the same way(s) that we have used it, as specified in this Privacy Policy.
In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.
If any of your personal data is shared with a third party, as described above, we will take steps to ensure that your personal data is handled safely, securely, and in accordance with your rights, our obligations, and the third party's obligations under the law, as described above in Part 9.
You may access certain areas of our Site without providing any personal data at all. However, to use all features and functions available on our Site you may be required to submit or allow for the collection of certain data.
You may restrict our use of Cookies. For more information, see Part 14.
If you want to know what personal data we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a "subject access request".
All subject access requests should be made in writing and sent to the email or postal addresses shown in Part 15.
There is not normally any charge for a subject access request. If your request is 'manifestly unfounded or excessive' (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.
We will respond to your subject access request within 20 working days of receiving it. Normally, we aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request. You will be kept fully informed of our progress.
Our Site may place and access certain first-party Cookies on your computer or device. First-party Cookies are those placed directly by us and are used only by us. We use Cookies to facilitate and improve your experience of Our Site and to provide and improve our products and services. We have carefully chosen these Cookies and have taken steps to ensure that your privacy and personal data is protected and respected at all times.
All Cookies used by and on our Site are used in accordance with current Cookie Law.
Before Cookies are placed on your computer or device, you will be shown a pop-up banner requesting your consent to set those Cookies. By giving your consent to the placing of Cookies you are enabling us to provide the best possible experience and service to you. You may, if you wish, deny consent to the placing of Cookies; however certain features of our Site may not function fully or as intended.
Certain features of our Site depend on Cookies to function. Cookie Law deems these Cookies to be "strictly necessary". These Cookies are shown in the table below. Your consent will not be sought to place these Cookies, but it is still important that you are aware of them. You may still block these Cookies by changing your internet browser's settings as detailed below, but please be aware that our Site may not work properly if you do so. We have taken great care to ensure that your privacy is not at risk by allowing them.
The following first-party Cookies may be placed on your computer or device:
| Name of Cookie | Purpose | Strictly Necessary |
|---|---|---|
| .AspNet.Consent |
This cookie records whether you have given or refused consent to the use of non-essential cookies on this site. It allows us to remember your choice so that you do not see the cookie banner on every visit.
This cookie does not track your browsing outside this site.
Purpose: Store your cookie consent preference. Type: First-party, strictly necessary (for managing consent). Typical duration: Up to 1 year (or until you clear your cookies). |
Yes |
| .AspNetCore.Antiforgery.<random code> |
This cookie helps protect the website and its users against Cross-Site Request Forgery (CSRF) attacks. It stores a security token that is checked when you submit forms or perform certain actions, to confirm
the request comes from your browser and not from a malicious third party.
Purpose: Security token to prevent CSRF attacks. Type: First-party, strictly necessary (security). Typical duration: Session cookie (deleted when you close your browser), or short-lived. |
Yes |
| .AspNetCore.Cookies |
This cookie is used by the to manage your authentication or application session. For example, it can remember that you are signed in as you move between pages, or preserve other essential state needed for the
site to function correctly.
Purpose: Maintain your login/session and essential site state. Type: First-party, strictly necessary (core functionality, authentication). Typical duration: Session cookie or persists for the lifetime of your login, depending on configuration. |
Yes |
| ARRAffinity |
This cookie is set by the hosting platform to ensure that, during a visit, your requests are consistently routed to the same server instance. This "session affinity" is required for some technical features of
the site to work reliably and for performance reasons.
Purpose: Keep your requests routed to the same server ("sticky session"). Type: First-party, strictly necessary (load balancing / performance). Typical duration: Session cookie (deleted when you close your browser). |
Yes |
| ARRAffinitySameSite |
This cookie serves the same technical purpose as ARRAffinity: it helps keep your requests routed to the same server instance in a load-balanced environment. It is configured with specific "SameSite" attributes
to ensure correct behaviour in modern browsers while maintaining compatibility with older ones.
Purpose: Support session affinity with appropriate SameSite behaviour in browsers. Type: First-party, strictly necessary (load balancing / performance). Typical duration: Session cookie (deleted when you close your browser). |
Yes |
| OrderRef | This cookie is used to track and retain your shopping basket as you navigate around the site. | Yes |
| UKFWebsiteSelectedAccount | If your email address is associated with more than one account on our system, we use this cookie to associate your browsing session with the account data you have selected to view. | Yes |
Our site uses an authentication system provided by Auth0. During the process of signing in to our website, Auth0 may place the following Cookies on your device:
| Name of Cookie | First / Third Party | Provider | Purpose |
|---|---|---|---|
| auth0 | Third | Auth0 | This cookie stores the main Auth0 session used to provide single sign-on and keep you logged in across visits and between different applications that use our Auth0 identity service. It is set by Auth0 on its own domain and is therefore treated as a third-party authentication cookie. |
| auth0_compat | Third | Auth0 | This cookie is a compatibility cookie that supports the same single sign-on session as the auth0 cookie in browsers that do not fully support newer cookie attributes (such as SameSite=None). It is also set by Auth0 on its own domain, so it is treated as a third-party authentication cookie. |
| did | Third | Auth0 | This cookie stores a pseudonymous device identifier that helps Auth0 recognise the browser or device you use, for example to support secure session management and additional security checks. It is set by Auth0 on its domain and is treated as a third-party cookie. |
| did_compat | Third | Auth0 | This is a compatibility version of the did cookie, used in certain browsers to ensure device recognition and security features work correctly when newer cookie attributes are not supported. Like did, it is set by Auth0 and is treated as a third-party cookie. |
Our Site uses analytics services provided by Microsoft and Google. Website analytics refers to a set of tools used to collect and analyse anonymous usage information, enabling us to better understand how Our Site is used. This, in turn, enables us to improve Our Site and the products and services offered through it.
The analytics service(s) used by our Site use Cookies to gather the required information. You do not have to allow us to use these Cookies, however whilst our use of them does not pose any risk to your privacy or your safe use of our Site, it does enable us to continually improve our Site, making it a better and more useful experience for you.
The analytics services used by our Site use the following Cookies:
| Name of Cookie | First / Third Party | Provider | Purpose |
|---|---|---|---|
| ai_user | Third | Microsoft | A unique, anonymous user identifier used to recognise returning visits from the same browser over time and to measure how many distinct users access the site. It is used for usage analytics and performance monitoring, not for marketing. |
| ai_session | Third | Microsoft | A unique, anonymous session identifier that groups multiple page views and events into a single visit, so that Application Insights can measure things like session length and pages per session. It is used to understand how the site is used and to diagnose performance or reliability issues. |
| _ga | Third | Used to distinguish unique users by assigning a randomly generated identifier to each browser; this identifier is sent with each page view to help calculate visitor, session and campaign statistics. Typically persists for up to two years. | |
| _gid | Third | Used to distinguish users at a shorter interval (e.g. 24 hours) to provide more granular daily analytics. | |
| _gat or _ga_* | Third | Used to throttle the rate of requests to Google's servers and to associate analytics data with a specific property or measurement ID. This helps ensure the service performs efficiently without overloading either the browser or Google's infrastructure. |
In addition to the controls that we provide, you can choose to enable or disable Cookies in your internet browser. Most internet browsers also enable you to choose whether you wish to disable all Cookies or only third-party Cookies. By default, most internet browsers accept Cookies, but this can be changed. For further details, please consult the help menu in your internet browser or the documentation that came with your device.
You can choose to delete Cookies on your computer or device at any time, however you may lose any information that enables you to access our Site more quickly and efficiently including, but not limited to, login and personalisation settings.
It is recommended that you keep your internet browser and operating system up-to-date and that you consult the help and guidance provided by the developer of your internet browser and manufacturer of your computer or device if you are unsure about adjusting your privacy settings.
To contact us about anything to do with your personal data and data protection, including to make a subject access request, please use the following details:
Email address: website.support@ukfasteners.co.uk.
Telephone number: 01242 577 077.
Postal Address: Sterling House, Moreton Road, Longborough, Moreton in Marsh, GL56 0QJ.
We may review and update this Privacy Policy from time to time to ensure continued compliance with the law and best practice. This may be necessary, for example, if the law changes, or if we change our business in a way that affects personal data protection.
Any changes will be immediately posted on our Site and you will be deemed to have accepted the terms of the Privacy Policy on your first use of our Site following the alterations. We recommend that you check this page regularly to keep up-to-date.
This Privacy Policy was last updated on 19/02/2026.
This Privacy Policy has been created using a document template from www.simply-docs.co.uk.
We use cookies to enhance your browsing experience and analyze our traffic. By clicking "Accept", you consent to our use of cookies. Learn more