Privacy Policy

STEPS Inclusive Design Ltd

Privacy Policy

Effective Date: 01.01.2026
Last Updated: 23.02.2026

1. Who We Are

STEPS Inclusive Design Ltd is a company registered in England and Wales.

Company Number: 16657416
Registered Office: Alexander House, 30 Troutbeck Road, Sheffield
S7 2QAContact Email: [Insert Email]

For the purposes of UK data protection law, STEPS Inclusive Design Ltd is the Data Controller responsible for your personal data.

We are registered with the Information Commissioner’s Office (ICO).

2. What Personal Data We Collect

We may collect and process:

Information You Provide

• Full name
• Email address
• Telephone number
• Billing address
• Delivery address
• Order details
• Product enquiries
• Customer service communications
• Product testing feedback

Payment information is processed securely by third-party payment providers and is not stored by us.

Automatically Collected Information

• IP address
• Browser type
• Device type
• Website usage data
• Cookies

3. Special Category Data

As an inclusive product company, we may receive information relating to:

• Health conditions
• Disabilities
• Functional limitations
• Rehabilitation or clinical feedback

We only process this information:

• With your explicit consent
• For product development, safety and validation purposes
• In anonymised or pseudonymised form wherever possible

We do not use health-related information for marketing.

4. Lawful Basis for Processing

We rely on the following lawful bases under UK GDPR:

• Contract – To fulfil orders and provide products
• Legitimate Interests – To improve products and services
• Consent – For marketing and product testing participation
• Legal Obligation – For tax, accounting and regulatory requirements

5. How We Use Your Data

We use personal data to:

• Process and deliver orders
• Provide customer support
• Improve product design and safety
• Conduct product testing and validation
• Send updates where consent is given
• Meet legal obligations

6. Data Sharing

We may share data with:

• Payment processors
• Website hosting providers
• Delivery couriers
• IT service providers
• Professional advisors

We do not sell personal data.

7. International Transfers

Where data is transferred outside the UK, appropriate safeguards will be applied in accordance with UK GDPR.

8. Data Retention

We retain personal data only as long as necessary:

• Order records: 6 years
• Marketing data: Until consent is withdrawn
• Product testing data: As required for development and compliance documentation

9. Your Rights

You have the right to:

• Access your personal data
• Correct inaccuracies
• Request erasure
• Restrict or object to processing
• Withdraw consent
• Lodge a complaint with the Information Commissioner’s Office (ICO)

Contact us at: [Insert Email]

ICO website: https://ico.org.uk

10. Data Security

We implement appropriate technical and organisational measures, including:

• Secure hosting
• Restricted access controls
• Encrypted payment processing
• Controlled access to testing documentation

11. Cookies

Our website uses cookies to enhance user experience and analyse performance.
You can manage cookie preferences via our consent banner.

12. Changes to This Policy

We may update this Privacy Policy periodically.
The latest version will always be published on our website.