GDPR policy

Limitless is 100% GDPR compliant: 

  • All of our customer data is held on secure servers and access to customer data is carefully controlled. 

  • We have defined a ‘right to be forgotten’ process, but as yet have had no need to use it – our defined period of data retention is 12 months to fully support to ordering and returns duration.

  • We do keep past histories of our transactions, as our Returns policies effectively allow a historic customer to return an item which has fallen short of standard, even many years into the future, albeit any customer who exercises their ‘right to be forgotten’ option will be anonymised in our database.