top of page
EpicBoilers

Epic Boilers Privacy Policy

A LEGAL DISCLAIMER

IMPORTANT NOTICE: This Privacy Policy document is a template provided solely for the purpose of informing you of common data protection principles.

This template is NOT legal advice. It has not been prepared by a solicitor and cannot account for all specific legal, operational, or regulatory requirements of Epic Boilers under Scottish and UK data protection law (including GDPR).

You MUST obtain independent legal advice from a qualified professional specializing in data protection before publishing this policy on your website or relying on it for handling customer data. Epic Boilers is not liable for any consequences arising from the use of this unverified template.

PRIVACY POLICY - THE BASICS 

Epic Boilers (a trading name of Epic Services Group), based in Whitburn, Bathgate, Scotland.

Last Updated: 21/11/2025

 

1. Introduction and Purpose

 

Epic Boilers is committed to protecting the privacy and security of your personal data. This Privacy Policy describes how we collect, use, and process the personal information you provide to us when you use our website, request a quote, or book our plumbing and heating services (including boiler servicing, installation, and repair).

This policy is designed to give you information on how Epic Boilers collects and processes your personal data through your use of this website, including any data you may provide when you sign up for a newsletter or purchase a service.

Epic Boilers is the Data Controller responsible for your personal data.

 

1.1. Contact Details

 

If you have any questions about this Privacy Policy or our data handling practices, please contact us:

  • Epic Boilers

  • Address: 7 Wood Drive, Whitburn, Bathgate, Scotland, EH47 0ND.

  • Email: gcmirica@gmail.com

  • Phone: 07596044322

 

1.2. Supervisory Authority

 

You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.

 

2. Information We Collect

 

We may collect, use, store, and transfer different kinds of personal data about you:

  • Identity Data: First name, last name, title.

  • Contact Data: Billing address, service address, email address, and telephone numbers.

  • Financial Data: Payment card details (processed securely by third-party processors, not stored by us), and bank account details for refunds or BACS payments.

  • Technical Data: Internet protocol (IP) address, browser type and version, time zone setting, operating system, and platform used to access our website.

  • Usage Data: Information about how you use our website and services (e.g., pages visited, time spent on the site).

  • Marketing and Communications Data: Your preferences in receiving marketing from us and your communication preferences.

We do not collect any Special Categories of Personal Data about you (this includes details about your race, religion, health, etc.).

 

3. How We Collect Your Data

 

We use different methods to collect data from and about you, including:

  • Direct Interactions: You provide us with your Identity, Contact, and Financial Data by filling in forms (e.g., "Get a Quote," "Contact Us"), booking a service, or communicating with us by phone, email, or text.

  • Automated Technologies: As you interact with our website, we automatically collect Technical and Usage Data using cookies and similar technologies.

  • Third Parties: We may receive personal data about you from third parties such as technical and payment data from payment processors (Wix, Stripe, PayPal) and analytics providers (Google Analytics).

 

4. How We Use Your Data and Our Lawful Basis

 

We will only use your personal data when the law allows us to, based on a lawful basis under the GDPR.

The most common reasons for using your data are:

  • Performance of a Contract: To fulfil the contract we have with you (e.g., to install a boiler).

  • Legal Obligation: To comply with a legal or regulatory requirement (e.g., Gas Safe reporting).

  • Legitimate Interests: When necessary for our business interests, provided your fundamental rights do not override them (e.g., improving our services or preventing fraud).

  • Consent: When you have given your clear consent for a specific purpose.

 

Purposes for which we will use your personal data:

 

  1. To Register You as a New Customer: Based on Performance of a Contract.

  2. To Provide Services and Deliver Goods: Based on Performance of a Contract. This covers all booked services.

  3. To Manage Payments and Fees: Based on Performance of a Contract and Legitimate Interests (to recover debts).

  4. To Manage Our Relationship with You (e.g., sending service reminders): Based on Legal Obligation and Legitimate Interests.

  5. To Administer and Protect Our Business and Website: Based on Legitimate Interests (for security, maintenance, and fraud prevention).

  6. To Send Marketing Communications: Based on Consent (where legally required) or Legitimate Interests (for existing customers).

 

5. Sharing Your Personal Data

 

We may share your personal data with the following parties:

  • Service Providers: Third-party IT support, website hosting, and payment processors who provide services to us.

  • Manufacturers: To register your new boiler for warranty purposes with the manufacturer.

  • Gas Safe Register: We share data necessary for legally required notifications related to gas work.

  • Professional Advisers: Lawyers, bankers, auditors, and insurers.

  • Tax Authorities: HM Revenue & Customs (HMRC) and other UK regulators.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law.

 

6. International Transfers

 

We do not routinely transfer your personal data outside the UK or European Economic Area (EEA). If a transfer is necessary, we ensure that the data is protected by relying on approved contracts or transferring only to countries deemed to have an adequate level of data protection.

 

7. Data Security

 

We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way. We limit access to your personal data to those employees and third parties who have a business need to know and who are subject to a duty of confidentiality.

 

8. Data Retention

 

We retain your personal data only for as long as necessary to fulfil the purposes we collected it for, including satisfying legal, accounting, or reporting requirements. As a general guideline, records related to boiler services and installations are kept for a minimum of six years to comply with legal obligations.

 

9. Your Legal Rights (GDPR)

 

Under data protection law, you have rights regarding your personal data, including the right to:

  • Access the data we hold about you.

  • Request correction of inaccurate data.

  • Request erasure of your data.

  • Object to processing (e.g., direct marketing).

  • Request restriction of processing.

  • Request data portability.

If you wish to exercise any of these rights, please contact us using the details in Section 1.

bottom of page