Privacy Policy | Endless Pleasure UK | Premium Adult Toys & Intimate Essentials

Endless Pleasure Limited
Effective Date: 25/06/2025
Last Updated: 26/06/2025

Introduction
Who We Are
Information We Collect
How We Use Your Information
Legal Basis for Processing
Sensitive Personal Data
Sharing Your Information
Data Retention
Your Rights
Data Security
International Transfers
Cookies and Tracking Technologies
Marketing Communications
Children’s Privacy
Third-Party Links
Changes to This Policy
Contact Information

1. Introduction

At Endless Pleasure Limited, we understand that your privacy is of paramount importance, especially given the intimate and personal nature of the products we offer. We are committed to protecting and respecting your privacy and handling your personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and all other applicable data protection laws.

This Privacy Policy explains how we collect, use, store, and protect your personal information when you visit our website www.endlesspleasure.co.uk, create an account, make purchases, or interact with our services. We want to be completely transparent about our data practices so you can make informed decisions about sharing your information with us.

Given the sensitive nature of our business, we recognise that your purchase history and interactions with our website may reveal intimate details about your private life. We treat this information with the highest level of care and implement additional safeguards to ensure your privacy and confidentiality are maintained at all times.

By using our website or services, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of your personal information as described herein. If you do not agree with any aspect of this Privacy Policy, please do not use our website or services.

We keep this Privacy Policy under regular review and will notify you of any significant changes. This version was last updated as per the date above and replaces all previous versions.

2. Who We Are

Data Controller: Endless Pleasure Limited
Registered Office: C/O Shaw & Co, 3 Colegate, Norwich, Norfolk, England, NR3 1BN
Company Registration Number: [To be inserted]
Email: support@endlesspleasure.co.uk
Data Protection Contact: privacy@endlesspleasure.co.uk

Endless Pleasure Limited is the data controller for the personal information we collect and process. This means we determine the purposes and means of processing your personal data and are responsible for ensuring compliance with applicable data protection laws.

As a responsible data controller, we have implemented comprehensive data protection policies and procedures, appointed a Data Protection Officer where required, and ensure all staff receive appropriate training on data protection matters. We are committed to the principles of data protection by design and by default, meaning we consider privacy implications in everything we do.

If you have any questions about how we handle your personal data or wish to exercise any of your rights, please contact us using the details provided in the Contact Information section of this policy.

3. Information We Collect

We collect various types of personal information about you when you interact with our website and services. The information we collect depends on how you use our services and what you choose to share with us.

3.1 Information You Provide Directly

Account Information: When you create an account on our website, we collect your name, email address, date of birth (for age verification), and password. You may also choose to provide additional profile information such as preferences and interests to help us personalise your experience.

Order and Payment Information: When you make a purchase, we collect your billing and delivery addresses, phone number, payment card details (processed securely through our payment providers), and any special delivery instructions you provide.

Communication Information: When you contact our customer service team, participate in surveys, leave reviews, or otherwise communicate with us, we collect the information you provide in those communications, including your name, email address, phone number, and the content of your messages.

Marketing Preferences: We collect information about your marketing preferences, including whether you wish to receive promotional emails, SMS messages, or other marketing communications from us.

3.2 Information We Collect Automatically

Technical Information: When you visit our website, we automatically collect certain technical information, including your IP address, browser type and version, operating system, device type, screen resolution, and the pages you visit on our website.

Usage Information: We collect information about how you use our website, including the products you view, items you add to your basket, search terms you use, and the time and duration of your visits.

Location Information: We may collect general location information based on your IP address to help us provide relevant content and comply with local laws and regulations.

Cookie Information: We use cookies and similar tracking technologies to collect information about your browsing behavior and preferences. Please see our Cookies section for more detailed information.

3.3 Information from Third Parties

Payment Processors: We receive confirmation of successful payments and limited transaction information from our payment processors to fulfill your orders and maintain accurate records.

Delivery Partners: We receive delivery confirmation and tracking information from our delivery partners to keep you informed about your order status.

Age Verification Services: Where we use third-party age verification services, we may receive confirmation that you meet our age requirements without receiving the underlying identification documents.

Social Media: If you choose to connect your social media accounts or share our content on social platforms, we may receive limited information from those platforms in accordance with your privacy settings and their terms of service.

4. How We Use Your Information

We use your personal information for various purposes related to providing our services, improving your experience, and fulfilling our legal obligations. Below are the main ways we use your information:

4.1 Order Fulfillment and Customer Service

We use your information to process and fulfill your orders, including verifying your age, processing payments, arranging delivery, and providing customer support. This includes communicating with you about your orders, delivery updates, and any issues that may arise.

We also use your information to handle returns, refunds, and exchanges in accordance with our returns policy and your consumer rights. This may involve coordinating with our delivery partners and payment processors to ensure smooth resolution of any issues.

4.2 Account Management

We use your account information to maintain your customer account, allow you to access your order history, manage your preferences, and provide personalised recommendations based on your previous purchases and browsing behavior.

Your account also allows us to save your delivery addresses and payment preferences to make future purchases more convenient, while ensuring all information is stored securely and in compliance with data protection requirements.

4.3 Website Improvement and Personalisation

We analyse usage data to understand how customers interact with our website, identify popular products, and improve our website’s functionality and user experience. This helps us optimise our product catalog, improve navigation, and ensure our website meets customer needs.

We may use your browsing history and purchase data to provide personalised product recommendations and content that we believe will be of interest to you, always respecting your privacy preferences and the sensitive nature of our products.

4.4 Marketing and Communications

With your consent, we use your contact information to send you marketing communications about new products, special offers, and other information we think may interest you. You can opt out of marketing communications at any time using the unsubscribe links in our emails or by contacting our customer service team.

We may also use your information to conduct customer satisfaction surveys and gather feedback about our products and services, helping us improve our offerings and customer experience.

4.5 Legal Compliance and Security

We use your information to comply with legal obligations, including age verification requirements, tax reporting, and responding to lawful requests from authorities. We also use your information to detect and prevent fraud, protect our website from security threats, and ensure the safety and security of our customers and business.

This may include monitoring for suspicious activity, verifying the authenticity of orders, and implementing security measures to protect against unauthorised access to customer accounts and information.

5. Legal Basis for Processing

Under UK GDPR, we must have a lawful basis for processing your personal data. The legal bases we rely on depend on the specific purposes for which we process your information:

5.1 Contract Performance

We process your personal data when it is necessary for the performance of a contract with you or to take steps at your request before entering into a contract. This includes:

Processing your orders and arranging delivery
Managing your customer account
Providing customer support and handling inquiries
Processing payments and refunds
Fulfilling our obligations under consumer protection laws

5.2 Legitimate Interests

We may process your personal data when it is necessary for our legitimate interests or those of a third party, provided your fundamental rights and freedoms do not override those interests. Our legitimate interests include:

Improving our website and services based on usage analytics
Detecting and preventing fraud and security threats
Conducting business analytics to understand customer preferences
Maintaining records for business and legal purposes
Protecting our intellectual property and business assets

We have conducted legitimate interest assessments to ensure that our processing is proportionate and does not unduly impact your privacy rights.

5.3 Legal Compliance

We process your personal data when necessary to comply with legal obligations, including:

Age verification requirements for adult products
Tax reporting and record-keeping obligations
Responding to lawful requests from authorities
Compliance with consumer protection and e-commerce regulations
Meeting data retention requirements under applicable laws

For certain types of processing, particularly marketing communications and non-essential cookies, we rely on your explicit consent. You have the right to withdraw your consent at any time, and we will stop processing your data for those purposes.

When we rely on consent, we ensure it is freely given, specific, informed, and unambiguous. We make it easy for you to withdraw consent through unsubscribe links, account settings, or by contacting our customer service team.

6. Sensitive Personal Data

Due to the nature of our business, we recognise that information about your purchases and interactions with our website may constitute sensitive personal data under UK GDPR, as it may reveal information about your sex life or sexual orientation.

6.1 Special Category Data

The UK GDPR defines sensitive personal data (called “special category data”) as information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health data, or data concerning a person’s sex life or sexual orientation.

Your purchase history of sexual wellness products may fall into the category of data concerning your sex life or sexual orientation. We treat this information with the highest level of care and implement additional safeguards to protect your privacy.

6.2 Legal Basis for Processing Sensitive Data

When we process sensitive personal data, we rely on the following legal bases under Article 9 of UK GDPR:

Explicit Consent: For marketing communications and personalised recommendations based on your purchase history, we obtain your explicit consent. You can withdraw this consent at any time.

Substantial Public Interest: For age verification and compliance with laws regulating the sale of adult products, we may process sensitive data under the substantial public interest basis, specifically for the prevention or detection of unlawful acts and regulatory requirements.

Vital Interests: In rare circumstances, we may process sensitive data to protect your vital interests or those of another person, such as in medical emergencies or safety situations.

6.3 Additional Safeguards

For sensitive personal data, we implement additional technical and organisational measures, including:

Enhanced encryption and security controls
Restricted access on a need-to-know basis
Additional staff training on handling sensitive data
Regular security audits and assessments
Anonymisation and pseudonymisation where possible
Secure deletion procedures when data is no longer needed

6.4 Minimisation and Purpose Limitation

We only process sensitive personal data when necessary for specific, legitimate purposes and limit processing to what is proportionate and necessary. We do not use sensitive data for automated decision-making or profiling that could significantly affect you without appropriate safeguards.

We understand the sensitive nature of your information and limit sharing to essential business purposes and trusted partners who help us provide our services. We never sell your personal data to third parties for their own marketing purposes.

7.1 Service Providers

We share your information with carefully selected service providers who help us operate our business and provide our services:

Payment Processors: We share payment information with secure payment processors (such as Stripe, PayPal) to process transactions. These providers are PCI DSS compliant and handle payment data according to strict security standards.

Delivery Partners: We share delivery information (name, address, phone number) with our delivery partners to fulfill your orders. We ensure all delivery partners understand the sensitive nature of our products and maintain appropriate confidentiality.

Technology Providers: We share limited information with technology service providers who help us maintain our website, provide customer support systems, and ensure our IT infrastructure operates securely.

Age Verification Services: Where required, we may share limited information with age verification service providers to confirm you meet legal age requirements for purchasing our products.

7.2 Legal Requirements

We may disclose your information when required by law or when we believe disclosure is necessary to:

Comply with legal obligations or court orders
Respond to lawful requests from government authorities
Protect our rights, property, or safety, or that of our customers or others
Investigate potential fraud or security breaches
Enforce our terms and conditions or other agreements

7.3 Business Transfers

In the event of a merger, acquisition, or sale of all or part of our business, your personal information may be transferred to the new owner. We will notify you of any such transfer and ensure the new owner maintains the same level of protection for your personal data.

7.4 Data Processing Agreements

All third parties who process personal data on our behalf are bound by strict data processing agreements that require them to:

Process data only for specified purposes and according to our instructions
Implement appropriate technical and organisational security measures
Maintain confidentiality and not use data for their own purposes
Delete or return data when the service relationship ends
Notify us immediately of any data breaches or security incidents

8. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, and protect our legitimate interests.

8.1 Retention Periods

Account Information: We retain your account information for as long as your account remains active. If you do not use your account for 24 months, we may contact you to confirm whether you wish to keep it active.

Order Information: We retain order and transaction information for 7 years after the date of purchase to comply with tax and accounting requirements and to handle any warranty or customer service issues that may arise.

Marketing Information: We retain marketing preferences and communication history until you withdraw consent or request deletion, or for 3 years after your last interaction with us.

Website Analytics: We retain anonymised website usage data for up to 2 years to help us improve our services and understand customer behavior patterns.

Customer Service Records: We retain customer service communications for 3 years to ensure quality service and resolve any ongoing issues.

8.2 Secure Deletion

When personal data is no longer needed, we securely delete or anonymise it using industry-standard methods. This includes:

Secure overwriting of digital storage media
Physical destruction of paper records
Anonymisation of data used for statistical purposes
Removal of personal identifiers from archived records

8.3 Legal Hold

In some circumstances, we may need to retain data longer than our standard retention periods, such as when:

Legal proceedings are pending or anticipated
Regulatory investigations are ongoing
We need to preserve evidence for potential legal claims
Specific legal obligations require longer retention

9. Your Rights

Under UK GDPR and the Data Protection Act 2018, you have several important rights regarding your personal data. We are committed to facilitating the exercise of these rights and will respond to requests within one month of receipt.

9.1 Right of Access

You have the right to request a copy of the personal data we hold about you. This includes information about:

What personal data we process
Why we process it
Who we share it with
How long we retain it
Your rights regarding the data

To request access to your data, please contact us using the details in the Contact Information section. We may need to verify your identity before providing access to your personal data.

9.2 Right to Rectification

You have the right to request correction of inaccurate or incomplete personal data. You can update much of your information directly through your account settings, or you can contact us to request corrections.

We will make corrections promptly and notify any third parties with whom we have shared the data of the changes, unless this proves impossible or involves disproportionate effort.

9.3 Right to Erasure (Right to be Forgotten)

You have the right to request deletion of your personal data in certain circumstances, including:

The data is no longer necessary for the original purpose
You withdraw consent and there is no other legal basis for processing
The data has been unlawfully processed
Deletion is required for compliance with legal obligations

Please note that we may not be able to delete all data immediately if we have legal obligations to retain certain information, such as transaction records for tax purposes.

9.4 Right to Restrict Processing

You have the right to request that we restrict processing of your personal data in certain circumstances, such as:

When you contest the accuracy of the data
When processing is unlawful but you prefer restriction to deletion
When we no longer need the data but you need it for legal claims
When you have objected to processing and we are verifying whether our legitimate interests override yours

9.5 Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller where technically feasible.

This right applies when processing is based on consent or contract performance and is carried out by automated means.

9.6 Right to Object

You have the right to object to processing of your personal data in certain circumstances:

Processing based on legitimate interests (including profiling)
Direct marketing (including profiling for marketing purposes)
Processing for scientific, historical, or statistical purposes

For direct marketing, we will stop processing immediately upon receiving your objection. For other types of processing, we will stop unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms.

You have rights regarding automated decision-making and profiling that produces legal effects or significantly affects you. Currently, we do not engage in automated decision- making that would trigger these rights, but we will inform you if this changes.

Where we rely on your consent for processing, you have the right to withdraw that consent at any time. Withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.

9.9 Right to Complain

You have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe we have not handled your personal data in accordance with data protection law. You can contact the ICO at:

Information Commissioner’s Office
Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF Telephone: 0303 123 1113
Website: www.ico.org.uk

10. Data Security

We take the security of your personal data extremely seriously and have implemented comprehensive technical and organisational measures to protect your information against unauthorised access, alteration, disclosure, or destruction.

10.1 Technical Safeguards

Encryption: All sensitive data is encrypted both in transit and at rest using industry- standard encryption protocols (AES-256 for data at rest, TLS 1.3 for data in transit).

Access Controls: We implement strict access controls ensuring that only authorised personnel can access personal data on a need-to-know basis. All access is logged and monitored.

Network Security: Our systems are protected by firewalls, intrusion detection systems, and regular security monitoring to prevent unauthorised access and detect potential threats.

Secure Development: We follow secure coding practices and conduct regular security testing of our website and systems to identify and address potential vulnerabilities.

Data Backup: We maintain secure, encrypted backups of essential data to ensure business continuity while maintaining the same security standards as our primary systems.

10.2 Organisational Measures

Staff Training: All employees receive comprehensive training on data protection principles, security procedures, and the sensitive nature of our business.

Background Checks: We conduct appropriate background checks on employees who have access to personal data.

Confidentiality Agreements: All staff and contractors are bound by strict confidentiality agreements regarding customer information.

Incident Response: We have established procedures for detecting, investigating, and responding to data security incidents, including notification requirements under UK GDPR.

Regular Audits: We conduct regular internal audits and engage third-party security experts to assess our security measures and identify areas for improvement.

10.3 Payment Security

PCI DSS Compliance: We comply with Payment Card Industry Data Security Standards (PCI DSS) for handling payment card information.

Tokenisation: We use tokenisation to replace sensitive payment data with non-sensitive tokens, reducing the risk of data exposure.

Third-Party Processors: We work only with PCI DSS compliant payment processors who maintain the highest security standards.

No Storage: We do not store complete payment card details on our systems; this information is securely handled by our payment processors.

10.4 Data Breach Response

In the unlikely event of a data breach, we have procedures in place to:

Contain and assess the breach within 24 hours
- Notify the ICO within 72 hours if required by law
- Notify affected individuals without undue delay if there is a high risk to their rights and freedoms
- Investigate the cause and implement measures to prevent recurrence
- Maintain detailed records of all data breaches and our response

11. International Transfers

We primarily process your personal data within the United Kingdom. However, some of our service providers may be located outside the UK, which may involve transferring your personal data to countries with different data protection standards.

11.1 Adequacy Decisions

Where possible, we transfer data only to countries that have been deemed by the UK government to provide adequate protection for personal data (adequacy decisions).

11.2 Appropriate Safeguards

When transferring data to countries without adequacy decisions, we implement appropriate safeguards to ensure your data remains protected:

Standard Contractual Clauses: We use UK-approved standard contractual clauses that require recipients to protect your data to UK standards.

Binding Corporate Rules: Where applicable, we rely on binding corporate rules approved by UK authorities.

Certification Schemes: We may use providers certified under approved certification schemes that demonstrate adequate data protection.

11.3 Specific Transfers

Currently, we may transfer limited data to the following regions:

United States: For payment processing and some technology services, using standard contractual clauses and additional safeguards.

European Union: For certain technology services, relying on adequacy decisions where applicable.

We regularly review our international transfers to ensure they continue to meet UK data protection requirements and provide adequate protection for your personal data.

12. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your browsing experience, analyse website usage, and provide personalised content. This section explains what cookies we use and how you can control them.

12.1 What Are Cookies

Cookies are small text files stored on your device when you visit our website. They help us remember your preferences, understand how you use our website, and provide a more personalised experience.

12.2 Types of Cookies We Use

Essential Cookies: These cookies are necessary for our website to function properly and cannot be disabled. They include cookies that enable you to log into your account, maintain your shopping basket, and complete purchases.

Performance Cookies: These cookies collect anonymous information about how visitors use our website, helping us improve functionality and user experience. We use Google Analytics and similar services for this purpose.

Functionality Cookies: These cookies remember your preferences and choices to provide a more personalised experience, such as your preferred language or region.

Marketing Cookies: With your consent, we use marketing cookies to show you relevant advertisements and measure the effectiveness of our marketing campaigns. These may be set by us or third-party advertising partners.

12.3 Third-Party Cookies

Some cookies on our website are set by third-party services:

Google Analytics: For website analytics and performance monitoring Payment Processors: For secure payment processing Social Media Platforms: If you choose to share content on social media Advertising Networks: For targeted advertising (with your consent)

12.4 Managing Cookies

You can control cookies through your browser settings:

Browser Controls: Most browsers allow you to view, delete, and block cookies. Please note that disabling essential cookies may affect website functionality.

Opt-Out Tools: You can opt out of Google Analytics using their opt-out browser add-on.

Cookie Preferences: You can manage your cookie preferences through our cookie consent banner or by contacting us.

Do Not Track: We respect Do Not Track signals where technically feasible.

13. Marketing Communications

We may send you marketing communications about our products, services, and special offers, but only with your explicit consent and in accordance with your preferences.

13.1 Types of Marketing

Email Marketing: Product recommendations, special offers, new product announcements, and educational content about sexual wellness.

SMS Marketing: Time-sensitive offers and delivery notifications (with separate consent).

Postal Marketing: Catalogs and promotional materials (with separate consent).

Personalised Recommendations: Product suggestions based on your browsing and purchase history.

We obtain explicit consent before sending marketing communications and make it easy for you to:

Choose which types of communications you want to receive
Update your preferences at any time
Unsubscribe from all marketing communications
Opt back in if you change your mind

13.3 Unsubscribing

You can unsubscribe from marketing communications at any time by:

Clicking the unsubscribe link in any marketing email
Logging into your account and updating your preferences
Replying “STOP” to SMS messages
Contacting our customer service team

We will process unsubscribe requests immediately and confirm when you have been removed from our marketing lists.

13.4 Legitimate Interest Marketing

In limited circumstances, we may send you marketing communications based on legitimate interests, such as:

Information about products similar to those you have purchased
Important updates about products you have bought
Customer satisfaction surveys

You always have the right to opt out of these communications.

14. Children’s Privacy

Our website and services are intended exclusively for adults aged 18 and over. We do not knowingly collect personal information from children under 18 years of age.

14.1 Age Verification

We implement age verification measures to prevent access by minors, including:

Age declaration requirements
Account verification processes
Monitoring for suspicious activity that might indicate underage access

14.2 Parental Responsibility

Parents and guardians are responsible for monitoring their children’s internet usage and preventing access to adult content. We recommend using parental control software and maintaining open communication about internet safety.

14.3 Reporting Underage Access

If we become aware that we have collected personal information from someone under 18, we will:

Delete the information immediately
Terminate any associated accounts
Implement additional measures to prevent future underage access
Report the incident to relevant authorities if required

If you believe a child has provided us with personal information, please contact us immediately so we can take appropriate action.

15. Third-Party Links

Our website may contain links to third-party websites, services, or applications that are not operated by us. This Privacy Policy does not apply to these third-party services, and we are not responsible for their privacy practices.

15.1 External Links

When you click on links to other websites, you will be subject to their privacy policies and terms of service. We encourage you to read the privacy policies of any third-party websites you visit.

Our website may include social media features and widgets. These features may collect information about your visit and may set cookies to enable proper functionality. Your interactions with these features are governed by the privacy policies of the respective social media companies.

15.3 Advertising Partners

We may work with third-party advertising partners who may collect information about your visits to our website and other sites to provide targeted advertisements. These partners have their own privacy policies governing their data collection and use practices.

16. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes and obtain your consent where required by law.

16.1 Notification of Changes

When we make changes to this Privacy Policy, we will:

Post the updated policy on our website
Update the “Last Updated” date at the top of this document
Send email notifications for significant changes (if you have consented to receive emails)
Provide prominent notice on our website for material changes

16.2 Your Continued Use

Your continued use of our website and services after we post changes constitutes your acceptance of the updated Privacy Policy. If you do not agree with the changes, please stop using our services and contact us to discuss your options.

16.3 Previous Versions

We maintain records of previous versions of this Privacy Policy for reference purposes. If you would like to review a previous version, please contact us.

17. Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or need to contact us about data protection matters, please use the following information:

Data Protection Contact: privacy@endlesspleasure.co.uk
General Inquiries: support@endlesspleasure.co.uk
Postal Address: Endless Pleasure Limited, C/O Shaw & Co, 3 Colegate, Norwich, Norfolk, England, NR3 1BN
Website: www.endlesspleasure.co.uk

17.1 Response Times

We aim to respond to all privacy-related inquiries within:

Data subject requests: 1 month (may be extended by 2 months for complex requests)
General privacy questions: 5 working days
Data breach reports: 24 hours for initial response

17.2 Identity Verification

For security purposes, we may need to verify your identity before responding to requests about your personal data. We will only request information necessary for verification and will handle it securely.

17.3 Complaints

If you are not satisfied with our response to your privacy concerns, you have the right to

lodge a complaint with the Information Commissioner’s Office (ICO):

Information Commissioner’s Office

Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF Telephone: 0303 123 1113

Website: www.ico.org.uk Email: casework@ico.org.uk

This Privacy Policy is designed to be comprehensive and transparent about our data practices. We are committed to protecting your privacy and handling your personal information with the care and respect it deserves. If you have any questions or concerns, please do not hesitate to contact us.

Table of Contents