Privacy Policy
Effective Date: 09/07/2025
Reference Point Computers Ltd (“we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services or visit our website.
1. Who We Are
We are Reference Point Computers Ltd, registered in England (Company Number: 2800498). We provide software, technical support, hardware, and hosted services, primarily to commercial customers and sellers using ecommerce platforms such as Amazon.
2. Scope
This policy covers personal data we process as:
A data controller (e.g. our own client billing records), and
A data processor (e.g. handling customer order data on behalf of our clients).
3. Data We Collect
3.1 Customers and Business Contacts
We may collect:
Contact names, job titles
Business addresses, emails, phone numbers
Billing and transaction details
Support correspondence
Communication preferences
This information is collected directly via forms, orders, email, phone, or through ongoing support services.
3.2 Hosted Services (including EPOS, websites, integrations)
Where we host services or provide integrations on your behalf, we may have access to data such as:
Your customer names, addresses, contact details
Order history and purchase records
Site logs and usage data
We act as a data processor in this case, and only access such data as necessary to provide, maintain, or support the service.
3.3 Amazon Selling Partner API (SP-API) Data
If you are a seller using our services to integrate with Amazon's Selling Partner API (SP-API), we may, on your behalf, access order information including customer names, shipping addresses, and order details that are classified as Personally Identifiable Information (PII).
We process this data strictly as a data processor, under your instruction, to:
Sync and manage your Amazon orders
Facilitate delivery, invoicing, and customer service
Meet Amazon compliance requirements
All data is handled in accordance with Amazon’s Acceptable Use and Data Protection policies, transmitted via secure encrypted connections, retained only as necessary, and accessed only by authorised staff.
4. How We Use Personal Data
We may use your data to:
Fulfil orders and provide services
Communicate with you regarding support or billing
Meet our contractual and legal obligations
Improve and maintain the security and performance of our systems
We do not use hosted customer data for our own marketing or analysis.
5. Sharing and Disclosure
We do not sell personal data. We may share information:
With our staff and authorised contractors working under confidentiality
With payment processors (e.g. Stripe, our bank) to process transactions
With cloud and hosting providers (e.g. UK-based data centres)
Where required by law or regulation (e.g. HMRC, law enforcement)
6. Data Retention
Client account data is kept as long as necessary to maintain the business relationship and meet financial/tax obligations
Data accessed through hosted systems or integrations is retained only for the period necessary for the task or contract
Logs, backups, and access credentials are retained according to strict internal policies and securely destroyed when no longer needed
7. Your Rights
Under UK GDPR, you have the right to:
Access your personal data
Request correction or deletion
Object to or restrict processing
Lodge a complaint with the ICO
Contact us at: privacy@refpoint.co.uk to exercise these rights.
8. Security
We implement appropriate technical and organisational measures to protect data, including:
Encrypted data transmission and secure authentication
Isolated hosting environments for client data
Strict internal access controls
Regular software and infrastructure updates
9. International Data Transfers
We primarily store and process data within the UK or EEA. Where services require access outside this region, we ensure appropriate safeguards (e.g. Standard Contractual Clauses).
10. Cookies and Website Analytics
Our website uses minimal cookies to provide essential functionality. No tracking or third-party advertising cookies are used.
11. Contact Us
If you have questions about this policy or wish to exercise your rights, please contact:
Reference Point Computers Ltd. Registered in England & Wales 2800498
Address: Hill Spring House, Westmancote, Tewkesbury, Gloucestershire, GL20 7ES
Email: privacy@refpoint.co.uk
Phone: 01386725150
VAT GB 618 2101 75. E&OE