Last Updated: 07.07.2025
1. Introduction
This Privacy Policy explains how Eshoppy Ltd (“we”, “us”, or “our”) collects, uses, stores, and protects your personal data when you visit our website eshoppy.uk or purchase goods through our platform. As a UK-based business, we are committed to processing your personal information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. By accessing or using our website, you acknowledge and accept the practices described in this policy.
2. Who We Are
Eshoppy Ltd is a company registered in the United Kingdom with its registered office at 124-128 City Road, EC1V 2NX, London. We are the data controller responsible for the processing of your personal data under this policy. You may contact us for any privacy-related enquiries via email at support@eshoppy.uk
3. What Data We Collect
We collect personal data that you voluntarily provide when you place an order, create an account, or contact our support team. This includes your name, billing and shipping addresses, phone number, email address, and payment details (processed securely through third-party providers). If you choose to create an account, we also collect your login credentials. Additionally, we automatically collect technical data such as your IP address, browser type, device type, operating system, and pages visited using cookies and similar technologies. We also collect transaction-related data such as the products you purchase, your order history, and delivery preferences.
4. How We Use Your Data
We use your personal data to fulfil your orders, process payments, arrange delivery, provide customer support, and manage your account. We also use your data to improve the functionality and performance of our website, to send service-related communications such as order confirmations and shipping updates, and, where permitted, to send marketing communications. Your data may also be processed to comply with legal obligations, such as financial and tax reporting, and to prevent fraudulent activity or misuse of our services.
5. Legal Basis for Processing
We rely on several lawful bases under UK GDPR to process your data. These include the performance of a contract, where we need to process your information to fulfil your order; legal obligations, where we are required to retain certain information for compliance purposes; your consent, where you have opted into marketing communications or the use of non-essential cookies; and our legitimate interests, where processing is necessary for purposes such as improving our services, maintaining security, or managing customer relationships, and where these interests are not overridden by your data protection rights.
6. Sharing Your Data
We share your personal data only when necessary and with trusted third parties. This includes payment processors who process your payment securely, delivery partners like Royal Mail or DPD who handle the logistics of shipping your goods, and IT service providers who support the operation and hosting of our website. We may also share your data with professional advisors, regulatory authorities, or government bodies if required by law. We do not sell or rent your personal data to third parties under any circumstances.
7. International Data Transfers
Some of our service providers may be located or store data outside of the United Kingdom, including in the European Economic Area (EEA). When transferring personal data internationally, we ensure appropriate safeguards are in place, such as the use of the UK Addendum to the EU Standard Contractual Clauses or other legally recognized mechanisms to ensure your data is protected in accordance with UK data protection laws.
8. Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including for legal, accounting, and reporting requirements. Typically, we retain order and transaction data for up to six years to comply with tax and legal obligations. Account data is retained for as long as your account is active or until you request deletion. Marketing data is retained until you unsubscribe or withdraw your consent. Information collected through cookies is retained according to the specific expiry settings of each cookie, which can be managed through your browser settings or our cookie preference tool.
9. Your Data Protection Rights
You have a number of rights under UK GDPR regarding your personal data. These include the right to access the data we hold about you, the right to have inaccurate data corrected, the right to request deletion of your data where appropriate, the right to restrict how we process your data, the right to object to processing based on legitimate interest or direct marketing, and the right to request data portability. If we rely on your consent to process your data, you have the right to withdraw that consent at any time. To exercise any of these rights, you can contact us at support@eshoppy.uk. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at www.ico.org.uk if you believe that your rights have been violated.
10. Cookies and Tracking Technologies
We use cookies and similar technologies on our website to enhance user experience, support site functionality, and collect usage data for analytics and marketing purposes. Essential cookies are required for the website to function properly and are always active. Non-essential cookies, including those used for analytics and advertising, require your consent. When you visit our site, a cookie banner allows you to manage your preferences. You can also control cookie settings via your web browser. For more detailed information, please refer to our separate Cookie Policy.
11. Data Security
We implement a range of technical and organisational security measures to protect your personal data from loss, misuse, unauthorised access, disclosure, or alteration. This includes the use of SSL encryption, secure server infrastructure, access control policies, and regular security monitoring. While we take all reasonable precautions, no data transmission over the internet can be guaranteed to be 100% secure, and we encourage users to take steps to protect their own data, such as using strong passwords and regularly updating software.
12. Third-Party Links
Our website may contain links to third-party websites or services. These external sites are not governed by this Privacy Policy, and we are not responsible for the privacy practices or content of such sites. We encourage you to read the privacy policies of any third-party websites you visit.
13. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal obligations, or service offerings. When we make significant changes, we will notify you via our website or by email if appropriate. The most current version of the policy will always be available on our website, and we encourage users to review it periodically.
14. Contact Us
If you have any questions, concerns, or requests related to this Privacy Policy or the way your personal data is handled, please contact us at support@eshoppy.uk.