GDPR Compliance

1. Our Commitment to Data Protection

Druino is committed to protecting personal data and respecting the privacy rights of individuals. We process personal data lawfully, fairly, and transparently in accordance with the principles of the UK GDPR. This page provides a summary of our GDPR compliance measures and should be read together with our Privacy Policy.

2. Data Controller Information

For the purposes of the UK GDPR, Druino acts as the data controller for personal data processed through druino.co.uk.

Contact details: Email: support@druino.co.uk Phone: +44 20 8040 4209 Address: 71–75 Shelton Street, London, England, WC2H 9JQ, United Kingdom

3. Lawful Bases for Processing

We only process personal data when a lawful basis applies, including:

Contractual necessity – processing orders and delivering products
Legal obligation – compliance with tax and accounting laws
Legitimate interests – fraud prevention, security, service improvement
Consent – marketing communications and non-essential cookies

4. Categories of Personal Data

We may process the following categories of personal data:

Identity and contact information
Billing and transaction details
Order and account history
Technical data (IP address, browser, device)
Customer support communications

5. Your Data Protection Rights

Under the UK GDPR, you have the right to:

Access your personal data
Correct inaccurate or incomplete data
Request deletion of your data (where applicable)
Restrict or object to processing
Data portability
Withdraw consent at any time

6. Data Retention

Personal data is retained only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, and reporting obligations.

7. Data Security Measures

We implement appropriate technical and organisational measures to protect personal data, including secure hosting, encryption, access controls, and use of PCI-DSS compliant payment providers.

8. International Data Transfers

Where personal data is transferred outside the United Kingdom, we ensure appropriate safeguards are in place, such as adequacy regulations or contractual protections.

9. Third-Party Processors

We may engage trusted third-party service providers (such as payment processors, hosting providers, and analytics tools) to operate our services. All processors are required to comply with UK GDPR.

10. Microsoft Authorized Reseller Compliance

Genuine Microsoft Products

All software license keys sold by Druino are genuine Microsoft products obtained through authorized and legitimate distribution channels and governed by Microsoft’s official licensing terms.

Authorized Reseller & Distribution Compliance

Druino operates as an independent software reseller and complies with Microsoft’s licensing, distribution, and resale requirements applicable to authorized channels.

Security & Privacy

We apply enterprise-grade security controls and process personal data in compliance with the UK GDPR and the Data Protection Act 2018.

Global Compliance

Our operations meet regulatory requirements across multiple jurisdictions, enabling us to serve international customers while respecting applicable consumer protection and data privacy laws.

Microsoft Partnership Commitment: Druino operates independently and is not owned, operated, or endorsed by Microsoft Corporation. All Microsoft software, trademarks, and intellectual property remain the property of Microsoft. Transactions are conducted in accordance with Microsoft’s licensing terms, partner policies, and brand usage guidelines.

11. Complaints

If you believe your data protection rights have been violated, please contact us first. You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO). ICO website: https://ico.org.uk

This GDPR Compliance Statement forms part of our Privacy Policy and Terms of Service. Druino • 71–75 Shelton Street, London, England, WC2H 9JQ • United Kingdom