Privacy policy

1. Introduction and Scope

Company Name: DREO Limited
Registered Address: 61 Bridge Street, Kington, United Kingdom HR5 3DJ
Company Registration Number: 15385336
We are committed to protecting your privacy and complying with applicable data protection laws, including the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018.
This policy applies to:
  • Our official website and mobile applications.
  • Offline services, such as warranty registration.
  • Special scenarios, including smart device data collection and interactions within our recipe communities.

2. Types of Information We Collect

We may collect and process the following categories of personal data:
  • Basic Information: Name, postal address, email address, telephone number.
  • Payment Information: Credit card details, PayPal information, bank account details, and billing information. All payment data is processed securely and stored in encrypted form.
  • Technical Data: IP address, browser type and version, device identifiers, product usage logs.
  • Cookies and Tracking Data: Information from cookies and similar technologies (e.g., Google Analytics, Facebook Pixel).
  • User-Generated Content: Comments, reviews, uploaded files, or other content submitted by the user.

3. Purposes of Data Use

We process your personal data for the following purposes:
  • Core Services: Order fulfilment, warranty support, smart device functionality.
  • Marketing: Newsletters, promotional offers.
  • Personalisation: Recommendations based on user activity (e.g., recipes, targeted advertising).
  • Website Optimisation: Usage pattern analytics to improve user experience.
  • Security: Fraud detection, hacking prevention.

Legal Bases under UK GDPR: We will process your data based on one or more of the following:
  • Consent: e.g., for optional cookies and marketing subscriptions.
  • Contract Performance: e.g., fulfilling orders.
  • Legal Obligation: e.g., tax record retention.
  • Legitimate Interest: e.g., preventing fraud or improving our services.

4. Data Sharing

We may share your data with:
  • Service Providers: Payment processors, logistics partners, cloud storage providers, authorised repair partners.
  • Research Partners: For product development or academic research.
  • Legal Disclosure: When required by law or in response to valid legal requests.

Global Data Transfers: If we transfer your data outside the UK (e.g., to US-based service providers), we will ensure appropriate safeguards, such as the UK Addendum to Standard Contractual Clauses (SCCs).

5. Data Retention

We retain personal data only as long as necessary for the purposes outlined above or as required by law.
When your account is deleted, associated personal data will be anonymised or securely erased unless retention is legally required.

6. Your Rights

You have the following rights under the UK GDPR:
  • Access: Obtain a copy of your personal data.
  • Rectification: Correct inaccurate or incomplete data.
  • Erasure: Request deletion of your data.
  • Restriction: Limit the processing of your data in certain circumstances.
  • Portability: Receive your data in a structured, machine-readable format.
  • Objection: Object to certain processing, including direct marketing.
  • Withdraw Consent: Where processing is based on consent.
We aim to respond to all requests within 30 days.

You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO). For details, please visit https://ico.org.uk/.

Contact for Rights Requests
Email: uk-support@dreo.com

7. Cookies and Tracking Technologies

We use:
  • Necessary Cookies: Essential for site operation (e.g., shopping cart).
  • Analytics Cookies: For usage analysis (Google Analytics).
  • Marketing Cookies: For targeted advertising (Meta Pixel).
You can manage cookie preferences via our cookie banner or your browser settings.

8. Data Security

We implement industry-standard security measures, including:
  • SSL/TLS encryption.
  • Firewalls and access control.
  • Encrypted storage and transmission.
  • Anonymisation of certain datasets.
  • Regular penetration testing.
In case of a data breach, we will notify the relevant supervisory authority within 72 hours as required by law.

9. Children

Our services are not directed to individuals under the age of 13. We do not knowingly collect personal data from children.

10. Contact Us

For questions or concerns about this policy:
 Email: uk-support@dreo.com
Postal Address: 61 Bridge Street, Kington, United Kingdom HR5 3DJ

11. Updates to This Policy

We may update this Privacy Policy from time to time.
Any changes will be communicated via our website or by direct notification.