Home

Privacy Policy of Aqua Pacific UK Ltd

Effective Date: June 7, 2025

Aqua Pacific UK Ltd (Brands: Aqua One, Pond One, Reptile One, Avi One, Pet One) ("we," "us," or "our") is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, store, and share your personal information, and outlines your legal rights in relation to that information.

We are dedicated to abiding by the requirements of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, as well as the latest guidance from the Information Commissioner's Office (ICO) in the operation of our business.

Please read this policy carefully as it explains our views and practices regarding your personal information and how it is handled. By accessing or Browse our websites, applying for an extended warranty, entering one of our competitions, or acquiring our products through a third-party website (such as Amazon or eBay), you confirm that you have read, understood, and agree to this Privacy Policy in its entirety. If you do not agree with the practices described in this policy, you should not use our website(s) or provide us with your personal information.

1. Who We Are

Aqua Pacific UK Ltd is the data controller responsible for your personal information.

Our contact details are: Aqua Pacific UK Ltd, Unit 1 Mauretania Road, Nursling Industrial Estate, Southampton SO16 0YS

Registered Office: E3 The Premier Centre, Abbey Park, Romsey SO51 9DG 

Company registration no: 51686645 VAT Registration No: 845035437

2. Information Covered by This Policy

This policy covers all personal information we collect. In this policy, "personal information" means any information relating to an identified or identifiable natural person ('data subject'). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

This may include, but is not limited to:

• Your name

• Sex

• Postal address

• Email address

• Computer IP address

• Phone number (landline and/or mobile)

• Login information (if applicable, e.g., for warranty registration portals)

• Delivery details

• Access requirements

• Information about your employment (including job title, responsibilities, and employer’s details)

• Technical information from the devices you use to access our services (e.g., browser type and version, time zone setting, browser plug-in types and versions, operating systems and platform)

• Information about your visits to our website(s) (e.g., full URL, products viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information such as scrolling, clicks, and mouse-overs, methods used to browse away from the page, and any phone number used to call us).

3. Collection of Personal Information

We collect information about you from various sources as detailed below.

Please note: We act as a Data Controller in the processing of personal information described in this policy. While we may engage third-party service providers who act as data processors on our behalf, we determine the purposes and means of processing your data.

a. Information You Give Us: You may provide us with information about yourself when you:

• Access and browse our websites (including when you register for services, apply for an extended warranty, or fill in forms on our websites).

• Correspond with us by phone, email, post, or other electronic means.

• Participate in surveys, competitions, or promotions.

The information you give us may include:

• Contact details: Name, postal address, email address, landline and/or mobile telephone number.

• Transactional information: Delivery details (if you've purchased our products through a third party and require delivery support), purchase history (when acquiring products through third parties like Amazon/eBay).

• Service-related information: Details required for warranty registration or customer support.

• Employment information: Job title, responsibilities, and employer's details (if applicable to a business relationship).

• Any other personal information you choose to provide.

b. Information We Collect About You Automatically: When you visit our website(s), we may automatically collect certain technical and usage information using cookies and similar technologies. This includes:

• Technical Information: Internet Protocol (IP) address used to connect your computer to the internet, login information (if applicable), browser type and version, time zone setting, browser plug-in types and versions, operating system and platform.

• Usage Information: Full Uniform Resource Locators (URL) clickstream to, through, and from our sites (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.

• Communication Information: Any phone number used to call our customer service lines.

c. Information We Receive and Collect from Other Sources: We may receive information about you from:

• Other websites operated by us: For example, if you use a different Aqua Pacific UK Ltd brand website.

• Third-party partners: Such as e-commerce platforms (e.g., Amazon, eBay, where you acquire our products), payment processors (e.g., for phone orders related to support or warranty), and app providers who assist with our services or competitions.

• Publicly available sources: Including publicly available content on social media platforms.

4. Cookies and Similar Technologies

Our websites use cookies to distinguish you from other users. This helps us provide you with a good experience when you browse the websites and also allows us to improve our websites.

• What are cookies? Cookies are small text files that are placed on your computer or mobile device when you visit a website. They are widely used to make websites work more efficiently, as well as to provide information to the site owners.

• How we use cookies: We use cookies for various purposes, including:

  • Essential Cookies: Necessary for the website to function correctly (e.g., maintaining your session).

  • Analytical/Performance Cookies: To collect information about how visitors use our website, such as which pages are visited most often, and if they get error messages from web pages. These cookies help us improve how our website works.

  • Functionality Cookies: To remember choices you make (such as your username, language, or the region you are in) and provide enhanced, more personal features.

  • Targeting/Advertising Cookies: These cookies record your visit to our website, the pages you have visited, and the links you have followed. We may use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.

Your Consent for Cookies: We will obtain your consent for the use of non-essential cookies (analytical, functionality, targeting/advertising cookies) when you first visit our website, typically through a cookie banner or pop-up. You will have the option to accept or decline these cookies, and to manage your preferences. You can also manage your cookie preferences through your browser settings.

5. Lawful Bases for Processing Your Personal Information

We will only process your personal information when we have a lawful basis to do so under the UK GDPR. The lawful bases we rely on include:

• Contract: Where the processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract (e.g., processing your details to manage a warranty registration, provide customer support related to a product you acquired, or respond to an inquiry).

• Legitimate Interests: Where the processing is necessary for our legitimate interests or those of a third party, provided your fundamental rights and freedoms do not override those interests. We have conducted a Legitimate Interest Assessment (LIA) to ensure that we can justify our decisions. We review our LIA periodically (at least every twelve months) to ensure it remains valid. Based on our assessment, we deem that the rights and freedoms of the data subject would not be overridden by our processing of personal data for purposes such as:

  • Improving our products and services.

  • Website analytics and understanding user behaviour to enhance website experience.

  • Detecting and preventing fraud or security issues.

  • Sending non-marketing communications related to our products or services (e.g., product updates, safety notices).

  • Direct marketing, where consent is not required (e.g., to existing customers for similar products/services, with a clear opt-out).

• Consent: Where you have given us clear consent for us to process your personal information for a specific purpose (e.g., for sending you marketing communications). You have the right to withdraw your consent at any time, as easily as you gave it.

• Legal Obligation: Where the processing is necessary for compliance with a legal obligation to which we are subject (e.g., for tax purposes, product safety recalls, or responding to law enforcement requests).

• Vital Interests: Where the processing is necessary to protect someone's life (rarely applicable but available).

6. How We Use Your Personal Information

We use the personal information we collect for the following purposes:

• To provide and manage our products and services:

  • Managing extended warranty registrations.

  • Providing customer support and responding to inquiries.

  • Delivering products, services, or information you have requested (e.g., spare parts).

• To improve and personalise your experience:

  • Analysing website usage to enhance functionality and user experience.

  • Personalising content and product recommendations (where applicable and permitted).

• For marketing and promotional activities:

  • Sending you marketing communications (if you have consented or where legitimate interest applies) about our brands (Aqua One, Pond One, Reptile One, Avi One, Pet One), products, services, and promotions.

  • Managing and administering competitions and promotions.

  • Conducting market research and analysis to understand customer preferences.

• For internal business operations:

  • Maintaining our records.

  • Ensuring the security of our websites and systems.

  • Detecting and preventing fraud or other illegal activities.

  • Complying with legal obligations and regulatory requirements.

  • Conducting financial auditing and reporting.

• For recruitment and employment purposes: (If you apply for a job with us, your information will be processed in accordance with a separate internal HR privacy policy).

7. Sharing Your Personal Information

We may share your personal information with third parties in the following circumstances:

• Within Our Organisation: We may share your personal information within Aqua Pacific UK Ltd (across our brands) to enable you to access our services, provide customer support, and conduct the other activities described in this Privacy Policy.

• Service Providers: We use other companies, agents, or contractors ("Service Providers") to perform services on our behalf or to assist us with the provision of services to you. These include:

  • Delivery companies for product shipment (e.g., for warranty parts or direct customer support needs).

  • Marketing agencies for competitions, advertising, and communications.

  • Event management companies (including logistics, health and safety, and audio-visual services).

  • IT service providers, including hosting and infrastructure providers.

  • Payment processors (e.g., for phone orders related to spare parts or service fees, not direct product sales).

  • Data cleansing and processing services.

  • Customer relationship management (CRM) software providers.

  • Email service providers. These Service Providers are contractually bound only to use personal information to perform these services for us and are required to implement appropriate security measures.

• Business Transfers: In the event that we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets. If Aqua Pacific UK Ltd or substantially all of its assets are acquired by a third party, personal data held about its customers will be one of the transferred assets.

• Legal and Regulatory Requirements: We may disclose your personal information to third parties if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, court order, or in order to enforce our terms and conditions or other agreements, or to protect the rights, property, or safety of Aqua Pacific UK Ltd, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

• With Your Consent: We may share your personal information with other third parties when you have given us your explicit consent to do so.

8. International Transfers of Personal Information

The personal data that we collect from you may be transferred to, and stored at, a destination outside the UK and European Economic Area (EEA), specifically our head office in Sydney, Australia. It may also be processed by staff operating outside the UK/EEA who work for us or for one of our Service Providers. Such staff may be engaged in, among other things, the provision of services to you or the processing of your payment details.

When transferring your personal data outside the UK/EEA, we ensure a similar degree of protection is afforded to it by implementing at least one of the following safeguards:

• Adequacy Decisions: We will transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission or the UK government. Australia has been recognised as providing an adequate level of protection for transfers from the EU to Australia. For UK transfers, we ensure appropriate safeguards are in place.

• Standard Contractual Clauses (SCCs) and International Data Transfer Agreement (IDTA): We may use specific contracts approved for use in the UK and EEA which give personal data the same protection it has in the UK/EEA. These are often referred to as Standard Contractual Clauses (SCCs) for EU transfers and the International Data Transfer Agreement (IDTA) or the Addendum to the EU SCCs for UK transfers. We will ensure appropriate contractual measures are in place with the receiving party.

• Binding Corporate Rules (BCRs): If applicable, for intra-group transfers, we may rely on Binding Corporate Rules.

We will take all steps that are mandatory or reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and applicable data protection laws.

9. Security of Personal Information

We implement appropriate administrative, technical, and physical measures to safeguard your personal information against loss, theft, and unauthorised uses, access, or modifications. This includes, but is not limited to:

• Encryption: Using encryption for data in transit and at rest where appropriate.

• Access Controls: Restricting access to personal information to authorised personnel on a need-to-know basis.

• Regular Security Assessments: Conducting regular security audits and vulnerability assessments.

• Independent Third-Party IT Contractor: Engaging an independent third-party IT contractor to ensure robust security practices.

• Password Protection: Certain areas of our websites may be password protected. Where we have given you (or where you have chosen) a password, you are responsible for keeping this password confidential. We ask you not to share your password(s) with anyone.

• Employee Training: Training our employees on data protection and security best practices.

10. Payments

No direct payments can be made via our websites for product purchases. If you wish to make a credit card payment for a service (e.g., spare parts not covered by warranty) it will be processed over the phone. All such payments are processed in a secure environment using software provided by reputable third-party payment processors. We do not store your full credit card details between transactions.

11. Data Retention

We will retain your personal information for no longer than is necessary for the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

For example:

• Customer service data: Retained for a period required for warranty, product support, and legal/tax obligations (e.g., 6-7 years for financial records).

• Marketing consent records: Retained until you withdraw consent or for a reasonable period after inactivity.

• Website usage data: Retained for analytical purposes for a limited period, typically anonymised where possible.

• Warranty registration data: Retained for the duration of the product's warranty period and a reasonable period thereafter for support and compliance.

Upon the expiration of the retention period, your personal information will be securely deleted or anonymised.

12. Third-Party Websites and Apps

Our websites may contain links to and from third-party websites, and we may provide you with details of apps provided by third parties. Please note that if you follow a link to any of these websites or download an app, these websites and apps will have their own terms of use and privacy policies. We do not accept any responsibility or liability for these policies. We strongly encourage you to review the privacy statements and terms of any third-party websites or apps before you submit any personal data to them.

13. Your Rights

Under the UK GDPR, you have the following rights with respect to the personal information we hold about you:

• The Right to Be Informed: You have the right to receive clear, transparent, and easily understandable information about how we use your personal information and your rights. This is provided in this Privacy Policy.

• The Right of Access (Subject Access Request): You have the right to request a copy of the personal information we hold about you. We will endeavour to make our file of your information available to you within one month of receiving your request. Occasionally, we may not be able to give you access to all the personal information we hold about you (e.g., if it would unreasonably affect someone else's privacy or if giving you access poses a serious threat to someone's life, health, or safety). We will inform you if this is the case. You also have the right to be informed of the third parties to whom we transfer your personal data.

• The Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or incomplete. If you have an account with us, you can email us at sales@aquapacific.co.uk to update or correct your personal information. We will action this as soon as possible.

• The Right to Erasure (Right to Be Forgotten): In certain circumstances, you have the right to request that we delete your personal information from our records. This right is not absolute and only applies in certain situations (e.g., if the data is no longer necessary for the purpose for which it was collected, or if you withdraw consent and there is no other legal basis for processing).

• The Right to Restrict Processing: You have the right to ask us to restrict the processing of your personal information in certain circumstances (e.g., if you contest the accuracy of the data, or if you object to the processing and we are verifying our legitimate grounds).

• The Right to Object to Processing: You have the right to object to us processing your personal information where that processing is based on our legitimate interests (including profiling for direct marketing purposes). We will stop processing your data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or for the establishment, exercise, or defence of legal claims.

  • Direct Marketing: You have the right to object to any processing for direct marketing purposes, including profiling for direct marketing. We will only send you marketing communications if you have previously agreed to this (unless a legitimate interest exemption applies, in which case we will always provide an easy opt-out). If you change your mind, you can easily unsubscribe from our marketing communications at any time by following the instructions included in those communications or by contacting us directly.

• The Right to Data Portability: Where we hold personal information about you with your consent or for the performance of a contract with you, you have the right to ask us to provide you with the personal information we hold about you in a structured, commonly used, and machine-readable format. Where technically feasible, you also have the right to request that we transmit that data directly to another organisation.

• Rights in Relation to Automated Decision-Making and Profiling: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, unless it is necessary for entering into, or performance of, a contract between you and us, is authorised by law, or is based on your explicit consent. We currently do not engage in automated decision-making that would produce such effects on you.

14. Making a Complaint

If you have concerns about our handling of your personal information, please contact us in the first instance so we can try to resolve it. You have the right to lodge a complaint with the data protection authorities if you believe that we have not complied with applicable data protection laws.

The UK's data protection authority is the Information Commissioner's Office (ICO). You can find more information about making a complaint to the ICO on their website: www.ico.org.uk.

To make a complaint to us, please email sales@aquapacific.co.uk with the subject line "Data Protection Issue."

15. Changes to Our Privacy Policy

We reserve the right to amend this Privacy Policy at our sole discretion, without prior notice to you, to reflect changes in our practices, legal requirements, or regulatory guidance. Any changes will be posted on this page with an updated "Effective Date." Your continued use of our services or our websites following the posting of changes to these terms means that you consent to those changes. We encourage you to review this Privacy Policy periodically.

16. Contact Us

If you have any questions about this Privacy Policy, or if you would like to exercise any of your rights regarding your personal information, please contact our Data Protection Officer (DPO) by emailing sales@aquapacific.co.uk and using the subject line "Data Protection Officer."