Privacy policy
PRIVACY POLICY
(For VESTAUX LTD trading as Rust Wolf London)
Last Updated: 20 November 2025
This Privacy Policy describes how VESTAUX LTD (“Rust Wolf London”,
“we”, “us”, “our”) collects, processes, stores, and protects your personal
information when you visit our website, purchase our products, create an
account, or interact with our services.
We operate in accordance with the UK General Data Protection Regulation (UK
GDPR), the Data Protection Act 2018, and all relevant data protection and
consumer legislation applicable in the United Kingdom.
By accessing our website or providing personal data, you acknowledge that you have read and understood this Privacy Policy.
1. About Us
VESTAUX LTD
Trading Name: Rust Wolf London
Registered in: England & Wales
Registered Office: 20 Vincent Way, Banbury, Oxfordshire, OX16 9GT, United
Kingdom
Data Controller: VESTAUX LTD
Contact: vestauxdirector@gmail.com
We are responsible for determining how your data is used and ensuring it is
handled lawfully.
2. Scope of This Policy
This Privacy Policy applies to:
• Visits to the Rust Wolf London website
• Online purchases
• Customer accounts and guest checkout
• Email communications
• Social media interactions
• Customer service enquiries
• Marketing subscriptions
• Participation in events, promotions, or surveys
It does not apply to third-party websites that may be linked from our site.
3. Categories of Personal Data We Collect
We collect a range of personal and technical information depending on your
interaction with us.
3.1 Identity & Contact Data
• Full name
• Email address
• Phone number
• Billing and delivery address
• Account login details
3.2 Transaction & Order Data
• Order details
• Delivery preferences
• Returns & refund information
• Payment method (processed securely and never stored by us)
3.3 Technical & Usage Data
• IP address
• Device type
• Browser information
• Operating system
• Website behaviour (clicks, time spent, referring URLs)
• Cookie identifiers
• Session data
3.4 Marketing & Communication Data
• Subscription preferences
• Communication history
• Interests and brand interactions
3.5 Social Media Data
If you interact with us through Instagram, Facebook, TikTok or others:
• Username
• Public profile information
• Comments and interactions
• Messages sent on social platforms
3.6 Anti-Fraud & Compliance Data
• Validation checks
• Transaction risk assessments
• Flags from payment gateways
• Compliance verifications required by law
4. How We Collect Personal Data
We collect information through:
• Direct interactions (orders, customer service messages, account creation)
• Automated technologies (cookies, tracking tools, analytics)
• Third-party integrations (payment processors, delivery partners)
• Social media engagement
• Marketing sign-ups
• Participation in campaigns or reviews
5. Legal Bases for Processing (UK GDPR)
We process your personal data:
5.1 Contractual Necessity
To fulfil your order, deliver goods, and manage your account.
5.2 Consent
For email marketing, cookies, and certain analytics activities.
5.3 Legitimate Interest
To improve services, prevent fraud, and ensure platform security.
5.4 Legal Obligation
To comply with tax, accounting, and consumer laws.
5.5 Protection of Vital Interests
In rare cases where processing is necessary to protect someone’s safety.
6. How We Use Your Personal Data
Your information is used to:
• Process and deliver your orders
• Provide customer support
• Reduce fraud and ensure secure transactions
• Improve website performance
• Personalise your shopping experience
• Send marketing communications if you consent
• Analyse buying patterns and product demand
• Operate loyalty, referral, or reward programs
• Maintain accurate internal records
• Comply with legal requirements
We never use your data in ways that are incompatible with these purposes.
7. Marketing Communications
We only send marketing emails if you have:
• Subscribed voluntarily, or
• Consented during checkout, or
• Opted in via account preferences
You can unsubscribe at any time through:
• The “unsubscribe” link
• Customer account settings
• Contacting us directly
Unsubscribing does not affect service messages (orders, returns, etc.)
8. Cookies, Analytics & Tracking Technologies
We use cookies and related technologies to:
• Enable core website functionality
• Support checkout and payment workflows
• Analyse website performance
• Provide personalised recommendations
• Improve user experience
• Support advertising and retargeting campaigns
Users can adjust cookie preferences through browser settings or cookie pop-up controls.
9. Automated Decision-Making & Profiling
We may use automated processes for:
• Fraud detection
• Payment risk scoring
• Personalised product suggestions
• Marketing segmentation
These systems do not make decisions that produce legal or similarly significant
effects without human oversight.
10. Sharing Your Data
We do not sell your personal information.
We share data only with trusted service partners essential to our operations:
• Payment processors (for secure transactions)
• Courier and logistics providers
• IT infrastructure and cloud hosting
• Customer service tools
• Email marketing platforms
• Fraud prevention systems
• Professional auditors or legal advisors
• Social media advertising partners (with consent)
All third-party partners are contractually bound to comply with UK GDPR.
11. International Transfers
Some of our service providers may operate outside the UK.
Where data is transferred internationally, we ensure lawful protection through:
• UK adequacy regulations
• Standard Contractual Clauses (SCCs)
• Equivalent data protection safeguards
12. Data Retention Periods
We retain data only as long as needed:
Data Type
Retention Period
Order & transaction
records
6 years (legal requirement)
Customer accounts
Active + 2 years of
inactivity
Marketing preferences
Until consent withdrawn
Customer service messages Up to 24 months
Cookies
Per cookie policy duration
After expiry, data is securely deleted or anonymised.
13. Your Rights Under UK GDPR
You have the right to:
• Access your personal data
• Request correction
• Request deletion (where lawful)
• Restrict processing
• Object to processing
• Withdraw consent
• Request portability
• Lodge a complaint with ICO (Information Commissioner’s Office)
All requests can be submitted via our contact details.
14. Protecting Your Data
We use rigorous measures to protect your information:
• Secure SSL encryption
• Firewalls and intrusion monitoring
• Encrypted payment processing
• Limited internal access controls
• Regular security audits
• Secure password and authentication protocols
No system is entirely risk-free, but we apply industry-leading standards.
15. Children’s Data
Our services are not intended for individuals under the age of 18.
We do not knowingly collect or process children’s information.
16. Social Media Features
Interactions through social media (likes, comments, shares, messages) may be
collected according to the platform’s own privacy settings.
We do not control how third-party platforms handle your data.
17. Data Breach Response
In the unlikely event of a data breach:
• We investigate immediately
• We take urgent steps to contain the issue
• We notify affected users where legally required
• We report breaches to the ICO when necessary
18. Links to External Websites
Our website may contain links to third-party websites.
We are not responsible for their privacy practices and encourage users to review their policies before providing personal data.
19. Policy Updates
We may update this Privacy Policy to reflect:
• Legal changes
• Operational changes
• Website developments
• New product features
Updated policies will be published with a revised date.
20. Contact Information
For privacy enquiries or exercising your rights:
Data Protection Officer
VESTAUX LTD
Email: vestauxdirector@gmail.com
Address: 20 Vincent Way, Banbury, Oxfordshire, OX16 9GT, United Kingdom