privacy policy.

1. who we are

diam systems ltd ("we", "us", "our") is a company registered in the united kingdom. we are the data controller for personal data collected through our website and services.

2. what data we collect

we may collect the following personal data:

• contact information: name, email address, phone number (when you make a purchase or contact us)
• shipping information: postal address (for physical product orders)
• payment data: processed securely by stripe and gumroad — we never store card details
• usage data: pages visited, browser type, device information, IP address (via cookies and analytics)
• newsletter: email address if you subscribe to updates

3. how we use your data

• to fulfil and deliver orders
• to process payments securely
• to communicate with you about your orders or inquiries
• to send marketing emails (only with your consent, and you can unsubscribe anytime)
• to improve our website and services
• to comply with legal obligations

4. legal basis for processing

we process your data under the following legal bases:

• contract: necessary to fulfil orders and provide services
• consent: for marketing communications and non-essential cookies
• legitimate interest: to improve our services and prevent fraud
• legal obligation: to comply with tax, accounting, and regulatory requirements

5. data sharing

we share personal data only with:

• stripe: payment processing
• gumroad: software product sales and delivery
• printify: apparel order fulfilment and shipping
• royal mail / carriers: physical delivery of goods

we do not sell your personal data to third parties.

6. data retention

we retain personal data for as long as necessary to fulfil the purposes outlined in this policy, or as required by law. order data is retained for 6 years for tax and accounting purposes. you may request deletion of your data at any time.

7. your rights (GDPR)

under uk GDPR, you have the right to:

• access your personal data
• rectify inaccurate data
• request erasure ("right to be forgotten")
• restrict processing
• data portability
• object to processing
• withdraw consent at any time

to exercise these rights, email privacy@diamsystems.co.uk.

8. cookies

we use cookies to improve your experience. see our cookie policy for full details.

9. security

we implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction.

10. children

our services are not directed at individuals under 16. we do not knowingly collect personal data from children.

11. changes to this policy

we may update this policy from time to time. changes will be posted on this page with an updated date.

12. contact

for privacy-related inquiries: privacy@diamsystems.co.uk