The ChronoKings Privacy Policy

Effective date: 11 March 2026
Version: 1.0

1. Who We Are

The ChronoKings brand is the trading name of THE LUXURY EXCHANGE GROUP LTD.

Controller: THE LUXURY EXCHANGE GROUP LTD trading as The ChronoKings
Registered office: Bartle House, Oxford Court, Manchester, United Kingdom, M2 3WQ
Company number: 16650862
Email: admin@thechronokings.com
Contact method: Via the website contact form

This policy explains how we collect, use, store, share, and protect personal data when you use our website, buy from us, sell to us, or otherwise contact us.

2. Scope

This policy applies to data collected through:

  1. The ChronoKings website and related digital services.
  2. Email, live chat, website contact form, WhatsApp chat, and social media communication with us.
  3. Purchase, sale, valuation, consignment, part-exchange, and aftersales processes.

3. What Personal Data We Collect

We may collect:

  1. Identity data: name, title, date of birth, ID document data where needed.
  2. Contact data: email and billing/delivery addresses.
  3. Transaction data: items viewed, ordered, sold, offered, returned, and refunded.
  4. Payment data: payment method details, transaction references, and bank details where relevant.
  5. Verification and compliance data: KYC/AML checks, sanctions screening outcomes, fraud indicators.
  6. Communications data: messages, call notes, complaint records, and support interactions.
  7. Technical data: IP address, browser type, device identifiers, cookies, and site usage logs.
  8. Marketing data: subscription preferences, campaign interactions, consent records.

We do not intentionally collect special category data unless it is strictly required for legal claims, fraud prevention, or compliance and we have a lawful basis to do so.

4. How We Collect Data

  1. Directly from you when you create an account, place an order, request a quote, or contact us.
  2. Automatically via strictly necessary technical cookies and basic security logs when you use our site.
  3. From third parties, including payment providers, fraud prevention providers, delivery partners, and law enforcement where lawful.

5. Lawful Bases for Processing

Under UK GDPR and the Data Protection Act 2018, we rely on:

  1. Contract: to perform or prepare a contract with you.
  2. Legal obligation: AML, sanctions, tax, accounting, consumer rights, and law-enforcement obligations.
  3. Legitimate interests: operating and securing our business, fraud prevention, service improvement, customer service, and legal claims handling.
  4. Consent: where required, including direct marketing communications.

6. How We Use Your Data

We use personal data to:

  1. Process purchases, sales, returns, and aftersales services.
  2. Verify identity and prevent fraud, money laundering, sanctions breaches, and abuse.
  3. Arrange delivery, insurance, tracking, and operational notifications.
  4. Manage customer accounts, records, and transaction histories.
  5. Handle complaints, disputes, and legal claims.
  6. Improve our services, website performance, and security.
  7. Send marketing where lawful and in line with your preferences.

7. Fraud Prevention and Compliance Monitoring

To protect users and the business, we may:

  1. Screen transactions for fraud indicators.
  2. Verify identity and source-of-funds where required.
  3. Check details against lost/stolen and compliance databases.
  4. Share relevant information with financial institutions, payment processors, insurers, and authorities where legally required.

Where we suspect unlawful activity, we may retain and disclose data as necessary for establishing, exercising, or defending legal claims, or to comply with legal obligations.

8. Who We Share Data With

We may share data with:

  1. Payment processors and banking partners (including Money X as our payment provider where applicable).
  2. Courier, logistics, and insurance providers.
  3. Fraud prevention, identity verification, and compliance providers.
  4. Professional advisers, auditors, and insurers.
  5. IT, hosting, and CRM vendors acting as processors.
  6. Regulators, law enforcement, tax authorities, and courts where legally required.
  7. Buyers/sellers where needed to complete a transaction.

We require processors to use data only on our instructions and to implement appropriate security measures.

Payment method note: For customer checkout transactions, we currently accept bank transfer payments only via our payment route.

9. International Data Transfers

Where data is transferred outside the UK, we implement appropriate safeguards, such as:

  1. UK International Data Transfer Agreement (IDTA) or Addendum.
  2. UK-recognized adequacy regulations.
  3. Contractual and technical measures appropriate to risk.

10. Data Retention

We keep personal data only as long as necessary for stated purposes and legal obligations.

Typical retention periods:

  1. Core transaction and accounting records: up to 6 years after end of relevant tax/accounting period (or longer where required).
  2. Contract and dispute records: up to 6 years after contract end, and longer where litigation risk exists.
  3. AML/KYC records: as required by applicable law and risk controls.
  4. Marketing suppression lists: retained as needed to honor opt-out requests.
  5. Website logs and security records: retained in line with security and incident-response needs.

When no longer needed, data is securely deleted or irreversibly anonymized.

11. Strictly Necessary Cookies

We currently use only strictly necessary cookies and similar technical storage for:

  1. Essential site functionality.
  2. Security and fraud-prevention controls.
  3. Basic session management (for example, checkout or account state where applicable).

Because these are strictly necessary, consent is not required for their use under PECR. You can still control cookies through your browser settings, but disabling necessary cookies may impact website functionality.

If we introduce non-essential cookies (such as analytics, advertising, or personalization cookies), we will update this policy and implement an appropriate consent mechanism before using them.

12. Marketing and Communications

We may send marketing by email, SMS, or social channels where lawful. You can opt out at any time by:

  1. Clicking unsubscribe in marketing messages.
  2. Contacting us at admin@thechronokings.com or via our website contact form.

We may still send service messages required for transactions and account administration.

13. Your Rights

Subject to legal conditions, you may have rights to:

  1. Access your personal data.
  2. Rectify inaccurate data.
  3. Erase data in certain circumstances.
  4. Restrict processing in certain circumstances.
  5. Object to processing based on legitimate interests.
  6. Data portability for data you provided.
  7. Withdraw consent where processing is based on consent.

To exercise rights, contact admin@thechronokings.com or use our website contact form. We may request identity verification before actioning requests.

14. Security

We implement technical and organizational measures designed to protect personal data, including encryption in transit, access controls, secure hosting practices, and role-based data access.

No system is completely risk-free, but we continuously improve safeguards based on risk and technology changes.

15. Third-Party Links

Our site may link to external websites. We are not responsible for the privacy practices of third-party sites. Please review their privacy notices.

16. Children

Our services are not directed at children under 18. We do not knowingly collect personal data from children.

17. Changes to This Policy

We may update this policy from time to time. The latest version will be posted on our website with the effective date.

18. Contact and Complaints

For privacy queries or rights requests:
Email: admin@thechronokings.com
Website contact: Use the contact form on our website
Address: Bartle House, Oxford Court, Manchester, United Kingdom, M2 3WQ

If you are unhappy with how we handle your data, you may complain to the UK Information Commissioner’s Office (ICO): https://ico.org.uk/

For non-data complaints about products or services, please contact us first at admin@thechronokings.com. As an N.A.J. member (NAJ-73735), customers may have access to independent dispute resolution through N.A.J. Resolve where applicable and subject to scheme eligibility rules.