Data Processing Agreement (DPA)

How We Process Personal Information

This page explains how We Print Lanyards processes personal information in accordance with UK GDPR and the Data Protection Act 2018.

It outlines our responsibilities as a Data Controller, how we protect personal information and the measures we take to support compliance with applicable data protection legislation.

This page should be read alongside our Privacy Policy, Website Security Commitment and Data Retention Policy.

Our Role

We Print Lanyards acts as a Data Controller when processing personal information relating to our business activities.

As a Data Controller, we determine the purposes for which personal information is collected and how it is processed.

We Print Lanyards does not provide data processing services on behalf of clients and does not act as a Data Processor for customer data.

Personal Information We Process

Depending on how you interact with We Print Lanyards, we may process personal information including:

  • Names
  • Business contact details
  • Delivery and billing information
  • Order information
  • Customer account information
  • Marketing preferences
  • Website usage information
  • Customer enquiries and communications

The information processed depends on the services you use and your interactions with our business.

Why We Process Personal Information

We process personal information in order to:

  • Process and fulfil customer orders
  • Provide customer support
  • Respond to enquiries
  • Manage customer accounts
  • Meet legal and regulatory obligations
  • Improve our products, services and website
  • Send marketing communications where appropriate

Further information about lawful processing can be found within our Privacy Policy.

Security Measures

We apply appropriate technical and organisational measures to help protect personal information.

These include:

  • Microsoft Azure UK cloud infrastructure
  • Secure user access controls
  • HTTPS encryption
  • Continuous security monitoring
  • Vulnerability management
  • Immutable daily backups
  • Cyber Essentials Plus certified security practices

Further information can be found within our Website Security Commitment.

Data Retention

Personal information is retained only for as long as necessary to fulfil the purposes for which it was collected or where required by law.

Retention periods vary depending on the type of information being processed.

Further information can be found within our Data Retention Policy.

International Data Transfers

Based on our current operations, We Print Lanyards does not transfer customer personal information outside the United Kingdom.

Should this position change in the future, appropriate safeguards will be implemented in accordance with UK GDPR.

Information Commissioner's Office Registration

CCL Industries (U.K.) Limited, the trading entity for We Print Lanyards, is registered with the Information Commissioner's Office (ICO).

Registration Reference: ZC074755

This registration demonstrates our commitment to meeting our responsibilities under UK data protection legislation.

Your Rights

Under UK GDPR you have the right to:

  • Request access to your personal information
  • Request correction of inaccurate information
  • Request deletion where applicable
  • Restrict certain processing
  • Object to certain processing
  • Request data portability where applicable

Some requests may be limited where we are legally required to retain certain information. To exercise any of these rights, please contact us at data@weprintlanyards.com.

Further information can be found within our:

Contact Us

If you have any questions regarding how We Print Lanyards processes personal information, please contact us via our Contact Us page. To exercise your rights under UK GDPR, please contact us at data@weprintlanyards.com.

Last Updated: 01 July 2026

Frequently Asked Questions

A Data Processing Agreement explains how an organisation processes and protects personal information while complying with UK data protection legislation.

We Print Lanyards acts as a Data Controller when processing personal information relating to its own business activities. We do not provide data processing services on behalf of clients.

Depending on your interaction with us, we may process names, business contact details, delivery information, order information, customer account information, marketing preferences and customer enquiries.

We process personal information to provide our products and services, fulfil customer orders, provide customer support, meet legal obligations and manage our business operations.

No. Based on our current operations, customer personal information is not transferred outside the United Kingdom.

We use secure Microsoft Azure UK cloud infrastructure, HTTPS encryption, Cyber Essentials Plus certified security practices, continuous monitoring and other technical and organisational security measures.

Retention periods vary depending on the type of information being processed. Full details are available within our Data Retention Policy.

Further information can be found within our: