The Pet HeadquartersCart
View CartYour cart is empty
The Pet HeadquartersYour cart is empty
Premium products for your beloved companions.
The Pet Headquarters is a trading name of CHERYA HOLDINGS LIMITED, a company registered in England and Wales (company no. 17203315). Registered office: 167-169 Great Portland Street, London, W1W 5PF. In this policy, "we", "us", and "our" mean CHERYA HOLDINGS LIMITED. We are the data controller responsible for your personal data and we comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
For any privacy-related question or to exercise your rights, email contact@thepetheadquarters.co.uk. You can also write to us at our registered office above. We aim to respond within 7 working days and always within the 30-day deadline UK GDPR allows.
We collect: contact information (name, email, phone, delivery address) when you place an order or create an account; payment information processed securely through our payment provider (we never see or store your full card number); browsing data including pages visited, products viewed and search queries; device and technical data such as IP address, browser type and operating system; communication data from emails, contact forms or customer service messages.
We use your data to process and fulfil your orders, communicate about your orders and account, improve our website and product range, send marketing communications (only with your consent), comply with our tax and legal obligations, and prevent fraud and abuse.
We process your data on these bases: contractual necessity (to fulfil your order); legitimate interests (improving our services and preventing fraud); consent (for marketing communications and analytics, where you've opted in); legal obligation (tax records, accounting, statutory reporting).
We share the minimum needed with these processors: Stripe (payment processing); our delivery courier(s) for shipping addresses; our email provider for transactional emails; Cloudinary (image hosting, where you upload personalisation images). Each processor is bound by a data processing agreement and only handles your data on our instructions. We never sell your personal data.
Some of our processors (e.g. Stripe, Cloudinary) process data outside the UK and EEA, including in the United States. Where this happens, we rely on the UK government's adequacy decisions or on the UK International Data Transfer Addendum to the EU Standard Contractual Clauses to ensure your data receives equivalent legal protection.
Order records (including invoices and customer details on the order): 7 years from the order date, as required by HMRC for VAT and corporation tax. Account data: until you delete your account, then anonymised within 30 days. Marketing consent and communications: until you withdraw consent, then deleted within 30 days. Contact-form messages: 24 months. Analytics data: aggregated and not tied to your identity beyond 24 hours.
We use appropriate technical and organisational measures to protect your data: HTTPS-only delivery, encrypted database backups, access controls limiting who on our team can see customer data, and a card-data scope of zero (Stripe handles all payment details). We review these regularly and notify you and the ICO within 72 hours of any breach affecting your personal data, as required by UK GDPR.
Under UK GDPR you have the right to: access your personal data; rectify inaccurate data; erase your data ("right to be forgotten"); restrict processing; data portability; object to processing; withdraw consent at any time. To exercise any of these, email contact@thepetheadquarters.co.uk.
If you believe we've handled your data unlawfully, you have the right to complain to the Information Commissioner's Office (ICO). Contact them at https://ico.org.uk/make-a-complaint/ or 0303 123 1113. We'd appreciate the chance to address concerns first if you contact us before going to the ICO.
We do not use automated decision-making, profiling, or algorithmic scoring that produces legal effects or similarly significant effects on you. Any review of high-risk orders is done by a person.
Our website is not directed at children under 13. We do not knowingly collect personal data from children. If you believe a child has provided us with their data, please contact us and we will delete it promptly.
We use as little tracking as possible — see our Cookie Policy for the full details.
We may update this policy as our services evolve. Material changes will be flagged on the website. The "last updated" date at the top always reflects the current version.