PRIVACY NOTICE
Last updated: 16 March 2026
Lords Group Trading PLC and its group companies (“Lords Group”, “we”, “our” or “us”) are committed to protecting and respecting your privacy.
This Privacy Notice explains how personal data is handled when you interact with Lords Group companies, including when you visit our website, purchase goods or services, open a trade account, apply for employment, or otherwise communicate with us.
This notice provides a general overview of how personal data is processed within the Lords Group. More detailed information about specific types of processing can be found in the privacy notices linked below.
WHO WE ARE
This website is operated by Lords Group Trading PLC, the parent company of a number of trading businesses within the Lords Group.
When you interact with a Lords Group company — for example when purchasing products, opening a trade account or applying for employment — the relevant group company you deal with will act as the data controller for your personal data.
Each trading company within the Lords Group is responsible for complying with UK data protection law and maintains its own registration with the UK data protection regulator where required.
If you have any questions about how your personal data is handled, please contact:
Your enquiry will be directed to the appropriate Lords Group company.
HOW WE USE PERSONAL DATA
Lords Group companies may process personal data for a variety of legitimate business purposes, including:
- supplying goods and services to customers
- managing customer and trade accounts
- assessing credit applications
- managing supplier and business partner relationships
- recruitment and employment administration
- marketing communications where permitted
- operating and securing our websites and IT systems
- complying with legal and regulatory obligations
Further information is provided in the detailed privacy notices listed below.
LAWFUL BASES FOR PROCESSING
Depending on the circumstances, Lords Group companies process personal data under one or more of the following lawful bases:
- Contractual necessity – to provide goods/services or enter into a contract
- Legal obligations – to comply with applicable laws
- Legitimate interests – including fraud prevention, credit risk assessment and administration
- Consent – where required for specific activities such as marketing
AUTOMATED DECISION MAKING
We may use automated tools for fraud prevention, identity verification and credit risk assessment.
These tools generate indicators or risk scores, however we do not make decisions with legal or significant effects based solely on automated processing without human review.
SHARING PERSONAL DATA
Personal data may be shared where necessary with:
- other companies within the Lords Group
- trusted service providers
- delivery and logistics providers
- professional advisers
- credit reference agencies and fraud prevention organisations
- regulators and law enforcement where required
INTERNATIONAL TRANSFERS
Some service providers may process data outside the UK. Where this occurs, appropriate safeguards are in place in line with UK data protection law.
DATA RETENTION
Personal data is retained only as long as necessary to m
DISCLOSING YOUR DATA
We never make your personal details available to companies outside of the Group for marketing purposes and will only disclose your personal details to other companies within the Group if you have agreed to us doing so.
However, we may use other companies to provide services to you on our behalf. These services may include but are not limited to answering your questions about products or services, sending postal mail and e-mails and analyzing data. We will only provide those companies with the information they need to deliver the service we have engaged them for and they are prohibited from using that information for any other purpose.
We may have to disclose your information by law or because a court or the police or other law enforcement agency has asked us for it. In the event that a majority of our shares were bought by another company or we transferred a substantial amount of our assets to another company, we would disclose your personal information to that purchaser.
HOW IS YOUR INFORMATION PROTECTED?
We take protection of your information seriously and have appropriate physical and technological security measures in place to keep it safe. Internally, we restrict access to personal information. Only employees who need the information to do their jobs have access to it. We never transfer your data outside of the UK.
DATA PROTECTION ACT
The Group fully supports the requirements of the Data Protection Act and is committed to the protection of personal data belonging to our suppliers, customers, and colleagues. We conduct regular audits around the Group to ensure compliance with our policies.
We are aware of our obligations under the General Data Protection Regulations (GDPR) and have adopted a proactive approach to the implementation of the new legislation. This includes reviewing existing and where appropriate developing and implementing new policies and procedures to ensure personal data is collected, stored and disposed of in a manner compliant with the requirements of the GDPR.
Contact Us
If you have any questions relating to this policy or the use by Next of personal data please write to the Group Data Protection Manager at our registered address or via dataprotection@lordsbm.co.uk, quoting Security and Privacy Enquiry.
We may also use your information, including shopping habits, to open and run your credit account including payment recovery, fraud prevention and debt tracing and for our marketing.
As part of running our business, we are keen to let people know about our range of products and services, including new products and services which we introduce from time to time. In order to do this, we send marketing emails to people – our approach to doing so is as follows:
- Potential customers:
- Individuals – we will obtain consent of individuals before sending you marketing emails,
- Corporate subscribers - for business subscribers (e.g. people who have an email address of a limited company), we are not required to obtain your consent in order to send you marketing emails, but you have the right to opt out at any time
- Existing customers - For existing customers who have bought our products or services previously (or entered into negotiations with us about doing so), we may use the information we collect to email you to let you know about our other similar products and services which may be of interest to you. We will give you the option to opt out at the time of the original purchase/negotiation and in every subsequent marketing email we send to you.
- Contacts from acquired businesses – as mentioned above, we may acquire other businesses from time to time and when we do so, we might inherit that company’s marketing list of contacts/customers etc.. We are keen to ensure that existing customers/contacts of the acquired company continue to receive information about our relevant products and services – therefore, in this situation, we will seek the consent of such individuals, to check whether they are happy to continue to receive marketing emails from us, relating to relevant products /services.
- If you provide your consent to us doing so, we would also like to send you information about the products and services offered by other companies in the Group.
Regardless of which scenario above applies, you can let us know at any time if you no longer want to receive marketing emails from us or our group companies – you can opt out, each time that you receive a communication by following the link to unsubscribe. Where we rely on consent in order to send direct marketing emails to you, you can withdraw such consent at any time – where you do so, we (and our other group companies where you indicate) will promptly stop sending marketing emails to you.
DISCLOSING YOUR DATA
We never make your personal details available to companies outside of the Group for marketing purposes and will only disclose your personal details to other companies within the Group if you have agreed to us doing so.
However, we may use other companies to provide services to you on our behalf. These services may include but are not limited to answering your questions about products or services, sending postal mail and e-mails and analysing data. We will only provide those companies with the information they need to deliver the service we have engaged them for and they are prohibited from using that information for any other purpose. We have robust agreements in place with such third parties, which includes legally binding clauses restricting their use of your personal data, so that they can only use it to deliver the services to us.
We may have to disclose your information by law or because a court or the police or other law enforcement agency has asked us for it. In the event that a majority of our shares were bought by another company or we transferred a substantial amount of our assets to another company, we would disclose your personal information to that purchaser, who would likely contact you to enquire whether you were still happy for them to hold your data and/or happy to continue to receive communications from them.
DISCLOSING YOUR DATA
We never make your personal details available to companies outside of the Group for marketing purposes and will only disclose your personal details to other companies within the Group if you have agreed to us doing so.
However, we may use other companies to provide services to you on our behalf. These services may include but are not limited to answering your questions about products or services, sending postal mail and e-mails and analysing data. We will only provide those companies with the information they need to deliver the service we have engaged them for and they are prohibited from using that information for any other purpose. We have robust agreements in place with such third parties, which includes legally binding clauses restricting their use of your personal data, so that they can only use it to deliver the services to us.
We may have to disclose your information by law or because a court or the police or other law enforcement agency has asked us for it. In the event that a majority of our shares were bought by another company or we transferred a substantial amount of our assets to another company, we would disclose your personal information to that purchaser, who would likely contact you to enquire whether you were still happy for them to hold your data and/or happy to continue to receive communications from them.
HOW IS YOUR INFORMATION PROTECTED?
We take protection of your information seriously and have appropriate physical and technological security measures in place to keep it safe. Internally, we restrict access to personal information. Only employees who need the information in order to do their jobs have access to it. We never transfer your data outside of the UK.
OUR COMPLIANCE WITH UK GDPR AND DATA PROTECTION ACT 2018
The Group fully supports the requirements of the Data Protection Act 2018 and UK GDPR and is committed to the protection of personal data belonging to our suppliers, customers and colleagues. We conduct regular audits around the Group to ensure compliance with our policies.
We are aware of our obligations under the UK General Data Protection Regulations (UK GDPR) and DPA 2018 and have adopted a proactive approach to the implementation of this important legislation. This includes having in place policies and procedures to ensure personal data is collected, stored and disposed of in a manner compliant with the requirements of the UK GDPR and DPA 2018.
HOW WE LEGALLY JUSTIFY USING YOUR PERSONAL INFORMATION
Under the UK GDPR and DPA 2018, we are required to identify a lawful basis for each use of personal data – our lawful bases are summarised as follows:
Use | Lawful basis under the UK GDPR |
Direct marketing emails | Corporate subscribers - If the email address you have provided to us is a corporate email address, we rely on legitimate interests under the UK GDPR, specifically our interest in informing people about our products and services which we think they may be interested in purchasing.
If the email address is a personal one, then we will only send you marketing emails where we have first obtained your prior written consent to doing so (unless you are an existing customer, in which case we do not rely on your consent, but give you the option to opt out at any time). |
Sharing your details with other companies within our Group for marketing purposes | We will request your written consent. |
To manage the relationship / account you have with us | Corporate subscribers - If the email address you have provided to us is a corporate email address, we rely on legitimate interests under the UK GDPR, specifically our interest in informing people about our products and services which we think they may be interested in purchasing.
If the email address is a personal one, then we will only send you marketing emails where we have first obtained your prior written consent to doing so (unless you are an existing customer, in which case we do not rely on your consent, but give you the option to opt out at any time). |
To deliver products/services which you have purchased from us | Corporate subscribers - If the email address you have provided to us is a corporate email address, we rely on legitimate interests under the UK GDPR, specifically our interest in informing people about our products and services which we think they may be interested in purchasing.
If the email address is a personal one, then we will only send you marketing emails where we have first obtained your prior written consent to doing so (unless you are an existing customer, in which case we do not rely on your consent, but give you the option to opt out at any time). |
RETENTION PERIODS
We only retain your information for 7 years in order to respond to your query, provide you with the information you require or to send you updates on our products and services for as long as you indicate that you are happy for us to do so. We are required to keep some records for a longer period of time to meet our legal obligations.
CONTACT US
If you have any questions relating to this policy or the use by us of personal data please write to the Group Data Protection Manager at our registered address or via dataprotection@lordsbm.co.uk, quoting Security and Privacy Enquiry.
YOUR RIGHTS
If you have any questions in relation to our use of your personal data, you should first contact us using the contact details above. Under certain conditions, you may have the right to require us to:
(a) provide you with further details on the use we make of your personal data and/or transfer a copy of your personal data to another data controller;
(b) provide you with an electronic copy of personal data that we hold;
(c) update any inaccuracies in the personal data we hold, restrict processing of your personal data;
(d) delete any personal data that we no longer have a lawful ground to use;
(e) object to our use of your personal data which is based on the 'legitimate interests' legal ground. If our use of your personal data based only on this legal ground is causing you undue harm, then we must cease using your personal data for that purpose.
You also have the right to object to receiving direct marketing communications from us and where any use of your personal data is based on consent (including direct marketing), to withdraw that consent at any time. This is an absolute right – if you exercise it, we will promptly cease sending any further marketing information to you.
Your exercise of most of these rights is subject to certain conditions and exemptions, for example to safeguard the public interest in investigating crimes, or protecting legal privilege. If you exercise any of these rights we will check your entitlement and respond in most cases within a month.
If you are not satisfied with our use of your personal data or our response to you, you can complain to the contact listed above. You also have the right to complain to the Information Commissioner’s Office (ICO) at any time.
COOKIES
Cookies are small files that a website places on your hard disk to enable additional features of the website to work. Use of cookies is an industry standard and many websites use them and most internet browsers automatically accept cookies.
Website operators are required to provide clear information in relation to the cookies operating on their site and to also obtain the user’s consent before setting a cookie on their computer or handheld device.
Further information is set out on our cookies page in relation to the cookies which operate on this website.
Our cookies do not contain any personally identifying information, but they do enable us to provide a more user-friendly experience. We do not use cookies to gather personal information such as a person's name or e-mail address. However, to track usage on our website, we may use cookies to identify repeat visitors to the website and to determine the path visitors take on our site. Any information gathered using cookies is compiled on an aggregate and anonymous basis.