Controller: Deividas Rapsevicius, trading as OnePlaceDirect
Address: 59C Logie Place, Aberdeen, United Kingdom
Website: oneplacedirect.com
Email (privacy): privacy@oneplacedirect.com
VAT registration number: GB504720620

• Identity & contact – name, email, phone, billing & shipping addresses.
• Account & orders (WooCommerce) – order details/history, saved addresses, preferences.
• Payments – identifiers/tokens & fraud-prevention signals from WooPayments/Stripe, Revolut (and PayPal if enabled). We never store full card numbers or CVV.
• Delivery – courier and tracking information.
• Returns/RMA (WP Swings – Lite) – request details, your messages, attachments (photos/video); internal RMA codes/statuses.
• Communications – emails, order messages, contact forms (Contact Form 7; if Flamingo enabled, a copy may be stored in our DB).
• Chat & inbox (OPD Chat Suite) – chat messages, attachments, reply history/statuses.
• Social login (Nextend) – if you use it, we receive basic profile data (e.g., name, email); you can disconnect anytime.
• Marketing & analytics (consent-based) – GA4, Meta/Facebook Pixel, TikTok, Pinterest, Trustpilot widgets, OneSignal (web push if you opt in).
• Technical & security – IP, device/browser info, session IDs, login/security logs, cookie consent choices; LiteSpeed Cache performance data; PWA local storage (no sensitive data).
• Sources – directly from you (checkout, My Account, RMA, chat/forms), automatically via cookies/logs, and from payment/delivery partners (payment status, tracking, fraud signals).

1. Contract – take payment, fulfil/deliver orders, handle returns/refunds.
2. Legal obligation – accounting/tax records; consumer protection.
3. Legitimate interests – customer support, fraud prevention (incl. Stripe Radar), IT/site security, service analytics, anti-spam/abuse.
4. Consent – newsletters, push notifications (OneSignal), and non-essential analytics/marketing cookies (GA4, Meta, TikTok, Pinterest, Trustpilot). You can withdraw consent at any time.

We do not collect special category data and we do not sell personal information.

Payments

WooPayments/Stripe, Revolut (and PayPal if enabled).

Delivery

Royal Mail, Evri, DPD (and similar couriers).

Dropship suppliers/warehouses

Only what’s needed to fulfil your order (name, address, phone, ordered items, tracking).

RMA

WP Swings (Lite) to register and manage requests.

Hosting & email/CDN

Hostinger and related infrastructure so the website and emails operate.

Analytics/ads (consent-based)

Google Analytics 4, Meta (Facebook) Pixel, TikTok, Pinterest, Trustpilot widgets.

Push notifications (consent-based)

OneSignal.

All recipients are expected to protect your data and use it only for the agreed purpose.

Some items may ship from suppliers outside the UK (e.g., CN/HK). We share only what’s necessary to perform the contract (UK GDPR Art. 49(1)(b)). For service providers outside the UK/EEA we use appropriate safeguards where feasible (e.g., SCCs/UK IDTA or adequacy).

• Orders & accounting records: up to 6 years.
• Customer support & RMA (incl. photos/video): up to 3 years after closure.
• Chat/inbox logs: up to 12 months (longer only if needed for a case).
• Marketing/push: until you unsubscribe or withdraw consent.
• Technical/security logs & cookie choices: up to 12 months.
• Contact form DB copies (Flamingo, if used): up to 12 months.
• Inactive accounts: may be anonymised/closed after 24 months of inactivity.

We use essential cookies for cart, checkout, login and security. With your consent we use analytics (to understand usage) and marketing cookies (to measure/serve ads and load third-party widgets). See our separate Cookie Policy for details.

You can access, rectify, erase, restrict, object (where based on legitimate interests), and request data portability. Where we rely on consent, you can withdraw it at any time.

To exercise your rights email privacy@oneplacedirect.com. We may ask for ID and respond within one month.

We do not make decisions with legal or similarly significant effects based solely on automated processing. Payment providers may apply automated fraud screening (e.g., Stripe Radar). Contact us to contest or request human review.

We use SSL/TLS, access controls, backups, and other technical/organisational measures. No online service is 100% secure—please don’t send card details by email or chat.

Our services are aimed at adults. We do not knowingly collect data about children.

Our site may link to third-party websites. We are not responsible for their privacy practices—please review their notices.

We may update this notice from time to time. The latest version and date will always appear here.

Privacy: privacy@oneplacedirect.com

Postal: 59C Logie Place, Aberdeen, United Kingdom