Last updated May 17, 2024
This privacy notice
for ESTAEX LIMITEDESTAEX ) (
'process'
), such as when you:
- Visit our
website
at estaex.co.uk , or any website of ours that links to this privacy notice
- Engage with
us in other related ways, including any sales, marketing, or events
Questions or concerns? Reading this privacy
notice will help you understand your privacy rights and choices. If you do not agree with our
policies and practices, please do not use our Services.
[email protected] .
SUMMARY OF KEY POINTS
This summary provides key points from our privacy notice,
but you can find out more details about any of these topics by clicking the link following
each key point or by using our table of contents below to find the section you
are looking for.
What
personal information do we process? When you visit, use, or navigate our Services, we
may process personal information depending on how you interact with us and the Services, the choices
you make, and the products and features you use. Learn more about personal
information you disclose to us.
Do we
process any sensitive personal information?
Do we
collect any information from third parties?
How do
we process your information? We process your information to provide, improve, and
administer our Services, communicate with you, for security and fraud prevention, and to comply with
law. We may also process your information for other purposes with your consent. We process your
information only when we have a valid legal reason to do so. Learn more about how we process your information.
In
what situations and with which
categories of
How do
we keep your information safe? We have
What
are your rights? Depending on where you are located geographically, the applicable
privacy law may mean you have certain rights regarding your personal information. Learn more
about your privacy
rights.
How do
you exercise your rights? The easiest way to exercise your rights is by estaex.co.uk/me
Want to learn
more about what we do with any information we collect? Review the privacy notice in full.
TABLE OF CONTENTS
1. WHAT
INFORMATION DO WE COLLECT?
Personal information you disclose to
us
In
Short: We collect personal
information that you provide to
us.
We collect
personal information that you voluntarily provide to us when you
Personal Information Provided by You. The
personal information that we collect depends on the context of your interactions with us and the
Services, the choices you make, and the products and features you use. The personal information
we collect may include the following:
-
names
-
phone numbers
-
email addresses
-
mailing addresses
-
job titles
-
usernames
-
passwords
-
contact preferences
-
contact or authentication data
-
billing addresses
-
debit/credit card numbers
Sensitive Information.
-
credit worthiness data
-
student data
-
social security numbers or other government identifiers
-
biometric data
Social
Media Login Data. We may provide you with the option to register with us using your
existing social media account details, like your Facebook, X, or other social media account. If
you choose to register in this way, we will collect certain profile information about you from
the social media provider, as described in the section called
'
All personal
information that you provide to us must be true, complete, and accurate, and you must notify us
of any changes to such personal information.
Information automatically collected
In
Short: Some information —
such as your Internet Protocol (IP) address and/or browser and device
characteristics — is collected automatically when you visit our
Services.
We
automatically collect certain information when you visit, use, or navigate the Services. This
information does not reveal your specific identity (like your name or contact information) but
may include device and usage information, such as your IP address, browser and device
characteristics, operating system, language preferences, referring URLs, device name, country,
location, information about how and when you use our Services, and other technical information.
This information is primarily needed to maintain the security and operation of our Services, and
for our internal analytics and reporting purposes.
Like many
businesses, we also collect information through cookies and similar technologies. estaex.co.uk/cookie_policy
.
The information
we collect includes:
- Log and
Usage Data. Log and usage data is service-related, diagnostic, usage, and
performance information our servers automatically collect when you access or use our
Services and which we record in log files. Depending on how you interact with us, this log
data may include your IP address, device information, browser type, and settings and
information about your activity in the Services (such
as the date/time stamps associated with your usage, pages and files viewed, searches, and
other actions you take such as which features you use), device event information (such as
system activity, error reports (sometimes called
'crash dumps' ), and hardware settings).
- Device
Data. We collect device data such as information about your computer, phone,
tablet, or other device you use to access the Services. Depending on the device used, this
device data may include information such as your IP address (or proxy server), device and
application identification numbers, location, browser type, hardware model, Internet service
provider and/or mobile carrier, operating system, and system configuration information.
- Location Data. We collect location data such as
information about your device's location, which can be either precise or imprecise. How much
information we collect depends on the type and settings of the device you use to access the
Services. For example, we may use GPS and other technologies to collect geolocation data
that tells us your current location (based on your IP address). You can opt out of allowing
us to collect this information either by refusing access to the information or by disabling
your Location setting on your device. However, if you choose to opt out, you may not be able
to use certain aspects of the Services.
2. HOW DO WE
PROCESS YOUR INFORMATION?
In Short: We process
your information to provide, improve, and administer our Services,
communicate with you, for security and fraud prevention, and to comply with
law. We may also process your information for other purposes with your
consent.
We
process your personal information for a variety of reasons, depending on how you interact
with our Services, including:
- To
facilitate account creation and authentication and otherwise manage user
accounts. We may process your information so you can create and log in to your
account, as well as keep your account in working order.
- To deliver and facilitate delivery of services to
the user. We may process your information to provide you with the requested
service.
- To respond to user inquiries/offer support to
users. We may process your information to respond to your inquiries and
solve any potential issues you might have with the requested service.
- To send administrative information to
you. We may process your information to send you details about our
products and services, changes to our terms and policies, and other similar
information.
- To
fulfil and manage your orders. We may process your information to fulfil and manage your orders, payments, returns, and exchanges made through the Services.
- To enable user-to-user
communications. We may process your information if you
choose to use any of our offerings that allow for communication with
another user.
- To
save or protect an
individual's vital
interest.
We may process your
information when
necessary to save or
protect an individual’s
vital interest, such as
to prevent
harm.
3.
WHAT LEGAL BASES DO WE
RELY ON TO PROCESS YOUR
INFORMATION?
In
Short: We
only process your
personal information
when we believe it is
necessary and we have a
valid legal reason (i.e.
legal basis) to
do so under applicable
law, like with your
consent, to comply with
laws, to provide you
with services to enter
into or
fulfil
our contractual
obligations, to protect
your rights, or to
fulfil
our legitimate
business
interests.
The
General Data Protection
Regulation (GDPR) and UK
GDPR require us to explain
the valid legal bases we
rely on in order to process
your personal information.
As such, we may rely on the
following legal bases to
process your personal
information:
- Consent. We
may process your
information if you have
given us permission
(i.e.
- Performance
of a
Contract.
We may process your
personal information
when we believe it is
necessary to
- Legal
Obligations.
We may process your
information where we
believe it is necessary
for compliance with our
legal obligations, such
as to cooperate with a
law enforcement body or
regulatory agency,
exercise or defend our
legal rights, or
disclose your
information as evidence
in litigation in which
we are involved.
- Vital
Interests.
We may process your
information where we
believe it is necessary
to protect your vital
interests or the vital
interests of a third
party, such as
situations involving
potential threats to the
safety of any
person.
In
Short: We
may share
information in
specific situations
described in this
section and/or with
the following
categories of
third
parties.
Vendors,
Consultants, and Other
Third-Party Service
Providers. We
may share your data with
third-party vendors, service
providers, contractors, or
agents (
'third
parties'
) who perform services
for us or on our behalf and
require access to such
information to do that work.
We have contracts in
place with our third
parties, which are designed
to help safeguard your
personal information. This
means that they cannot do
anything with your personal
information unless we have
instructed them to do it.
They will also not share
your personal information
with any
organisation
apart from us. They
also commit to protect the
data they hold on our behalf
and to retain it for the
period we instruct.
The
categories of
third parties we may
share personal information
with are as
follows:
-
Payment Processors
-
Website Hosting Service Providers
-
User Account Registration & Authentication Services
-
Social Networks
-
Data Analytics Services
We
also
may need to share your
personal information in the
following
situations:
- Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
In
Short: We
may
use
cookies
and
other
tracking
technologies
to
collect
and
store
your
information.
We
may
use
cookies
and
similar
tracking
technologies
(like
web
beacons
and
pixels)
to
gather
information
when
you
interact
with
our
Services.
Some
online
tracking
technologies
help
us
maintain
the
security
of
our
Services
and
your
account
,
prevent
crashes,
fix
bugs,
save
your
preferences,
and
assist
with
basic
site
functions.
We
also
permit
third
parties
and
service
providers
to
use
online
tracking
technologies
on
our
Services
for
analytics
and
advertising,
including
to
help
manage
and
display
advertisements,
to
tailor
advertisements
to
your
interests,
or
to
send
abandoned
shopping
cart
reminders
(depending
on
your
communication
preferences).
The
third
parties
and
service
providers
use
their
technology
to
provide
advertising
about
products
and
services
tailored
to
your
interests
which
may
appear
either
on
our
Services
or
on
other
websites.
Specific
information
about
how
we
use
such
technologies
and
how
you
can
refuse
certain
cookies
is
set
out
in
our
Cookie
Notice
:
estaex.co.uk/cookie_policy
.
Google
Analytics
We
may
share
your
information
with
Google
Analytics
to track
and
analyse
the use
of the
Services.
The
Google
Analytics
Advertising
Features
that we
may use
include:
Remarketing
with
Google
Analytics
,
Google
Analytics
Demographics
and
Interests
Reporting
and
Google
Display
Network
Impressions
Reporting
.
To opt
out of
being
tracked
by
Google
Analytics
across
the
Services,
visit
https://tools.google.com/dlpage/gaoptout.
You can
opt out
of
Google
Analytics
Advertising
Features
through
Ads
Settings
and Ad
Settings
for
mobile
apps.
Other
opt out
means
include
http://optout.networkadvertising.org/
and
http://www.networkadvertising.org/mobile-choice.
For more
information
on the
privacy
practices
of
Google,
please
visit
the
Google
Privacy
&
Terms
page.
In
Short: If
you
choose
to
register
or
log
in
to
our
Services
using
a
social
media
account,
we
may
have
access
to
certain
information
about
you.
Our
Services
offer
you
the
ability
to
register
and
log
in
using
your
third-party
social
media
account
details
(like
your
Facebook
or X
logins).
Where
you
choose
to
do
this,
we
will
receive
certain
profile
information
about
you
from
your
social
media
provider.
The
profile
information
we
receive
may
vary
depending
on
the
social
media
provider
concerned,
but
will
often
include
your
name,
email
address,
friends
list,
and
profile
picture,
as
well
as
other
information
you
choose
to
make
public
on
such
a
social
media
platform.
We
will
use
the
information
we
receive
only
for
the
purposes
that
are
described
in
this
privacy
notice
or
that
are
otherwise
made
clear
to
you
on
the
relevant
Services.
Please
note
that
we
do
not
control,
and
are
not
responsible
for,
other
uses
of
your
personal
information
by
your
third-party
social
media
provider.
We
recommend
that
you
review
their
privacy
notice
to
understand
how
they
collect,
use,
and
share
your
personal
information,
and
how
you
can
set
your
privacy
preferences
on
their
sites
and
apps.
7.
HOW
LONG
DO
WE
KEEP
YOUR
INFORMATION?
In
Short: We
keep
your
information
for
as
long
as
necessary
to
fulfil
the
purposes
outlined
in
this
privacy
notice
unless
otherwise
required
by
law.
We
will
only
keep
your
personal
information
for
as
long
as
it
is
necessary
for
the
purposes
set
out
in
this
privacy
notice,
unless
a
longer
retention
period
is
required
or
permitted
by
law
(such
as
tax,
accounting,
or
other
legal
requirements).
No
purpose
in
this
notice
will
require
us
keeping
your
personal
information
for
longer
than
the
period
of
time
in
which
users
have
an
account
with
us
.
When
we
have
no
ongoing
legitimate
business
need
to
process
your
personal
information,
we
will
either
delete
or
anonymise
such
information,
or,
if
this
is
not
possible
(for
example,
because
your
personal
information
has
been
stored
in
backup
archives),
then
we
will
securely
store
your
personal
information
and
isolate
it
from
any
further
processing
until
deletion
is
possible.
8.
HOW
DO
WE
KEEP
YOUR
INFORMATION
SAFE?
In
Short: We
aim
to
protect
your
personal
information
through
a
system
of
organisational
and
technical
security
measures.
We
have
implemented
appropriate
and
reasonable
technical
and
organisational
security
measures
designed
to
protect
the
security
of
any
personal
information
we
process.
However,
despite
our
safeguards
and
efforts
to
secure
your
information,
no
electronic
transmission
over
the
Internet
or
information
storage
technology
can
be
guaranteed
to
be
100%
secure,
so
we
cannot
promise
or
guarantee
that
hackers,
cybercriminals,
or
other
unauthorised
third
parties
will
not
be
able
to
defeat
our
security
and
improperly
collect,
access,
steal,
or
modify
your
information.
Although
we
will
do
our
best
to
protect
your
personal
information,
transmission
of
personal
information
to
and
from
our
Services
is
at
your
own
risk.
You
should
only
access
the
Services
within
a
secure
environment.
9.
DO
WE
COLLECT
INFORMATION
FROM
MINORS?
In
Short: We
do
not
knowingly
collect
data
from
or
market
to
children
under
18
years
of
age
.
We
do
not
knowingly
collect,
solicit
data
from,
or
market
to
children
under
18
years
of
age,
nor
do
we
knowingly
sell
such
personal
information.
By
using
the
Services,
you
represent
that
you
are
at
least
18
or
that
you
are
the
parent
or
guardian
of
such
a
minor
and
consent
to
such
minor
dependent’s
use
of
the
Services.
If
we
learn
that
personal
information
from
users
less
than
18
years
of
age
has
been
collected,
we
will
deactivate
the
account
and
take
reasonable
measures
to
promptly
delete
such
data
from
our
records.
If
you
become
aware
of
any
data
we
may
have
collected
from
children
under
age
18,
please
contact
us
at
[email protected]
.
10.
WHAT
ARE
YOUR
PRIVACY
RIGHTS?
In
Short:
In
some
regions,
such
as
the
European
Economic
Area
(EEA),
United
Kingdom
(UK),
and
Switzerland
,
you
have
rights
that
allow
you
greater
access
to
and
control
over
your
personal
information.
You
may
review,
change,
or
terminate
your
account
at
any
time,
depending
on
your
country,
province,
or
state
of
residence.
In
some
regions
(like
the
EEA,
UK,
and
Switzerland
),
you
have
certain
rights
under
applicable
data
protection
laws.
These
may
include
the
right
(i)
to
request
access
and
obtain
a
copy
of
your
personal
information,
(ii)
to
request
rectification
or
erasure;
(iii)
to
restrict
the
processing
of
your
personal
information;
(iv)
if
applicable,
to
data
portability;
and
(v)
not
to
be
subject
to
automated
decision-making.
In
certain
circumstances,
you
may
also
have
the
right
to
object
to
the
processing
of
your
personal
information.
You
can
make
such
a
request
by
contacting
us
by
using
the
contact
details
provided
in
the
section
'
HOW
CAN
YOU
CONTACT
US
ABOUT
THIS
NOTICE?
'
below.
We
will
consider
and
act
upon
any
request
in
accordance
with
applicable
data
protection
laws.
If
you
are
located
in
the
EEA
or
UK
and
you
believe
we
are
unlawfully
processing
your
personal
information,
you
also
have
the
right
to
complain
to
your
Member
State
data
protection
authority
or UK
data
protection
authority.
If
you
are
located
in
Switzerland,
you
may
contact
the
Federal
Data
Protection
and
Information
Commissioner.
Withdrawing
your
consent:
If
we
are
relying
on
your
consent
to
process
your
personal
information,
you
have
the
right
to
withdraw
your
consent
at
any
time.
You
can
withdraw
your
consent
at
any
time
by
contacting
us
by
using
the
contact
details
provided
in
the
section
'
HOW
CAN
YOU
CONTACT
US
ABOUT
THIS
NOTICE?
'
below
or
updating
your
preferences
.
However,
please
note
that
this
will not
affect
the
lawfulness
of the
processing
before
its
withdrawal
nor,
will it
affect
the
processing
of your
personal
information
conducted
in
reliance
on
lawful
processing
grounds
other
than
consent.
Opting
out
of
marketing
and
promotional
communications: You
can
unsubscribe
from our
marketing
and
promotional
communications
at any
time by
clicking
on the
unsubscribe
link in
the
emails
that we
send,
replying
'STOP'
or
'UNSUBSCRIBE'
to the
SMS
messages
that we
send,
or by
contacting
us using
the
details
provided
in the
section
'
HOW
CAN
YOU
CONTACT
US
ABOUT
THIS
NOTICE?
'
below.
You will
then be
removed
from the
marketing
lists.
However,
we may
still
communicate
with you
— for
example,
to send
you
service-related
messages
that are
necessary
for the
administration
and use
of your
account,
to
respond
to
service
requests,
or for
other
non-marketing
purposes.
Account
Information
If
you
would at
any time
like to
review
or
change
the
information
in your
account
or
terminate
your
account,
you can:
-
Log in to your account settings and update your user account.
-
Contact us using the contact information provided.
Upon
your
request
to
terminate
your
account,
we will
deactivate
or
delete
your
account
and
information
from our
active
databases.
However,
we may
retain
some
information
in our
files to
prevent
fraud,
troubleshoot
problems,
assist
with any
investigations,
enforce
our
legal
terms
and/or
comply
with
applicable
legal
requirements.
Cookies
and
similar
technologies:
Most
Web
browsers
are
set
to
accept
cookies
by
default.
If
you
prefer,
you
can
usually
choose
to
set
your
browser
to
remove
cookies
and
to
reject
cookies.
If
you
choose
to
remove
cookies
or
reject
cookies,
this
could
affect
certain
features
or
services
of
our
Services.
For
further
information,
please
see
our
Cookie
Notice:
estaex.co.uk/cookie_policy
.
If
you have
questions
or
comments
about
your
privacy
rights,
you may
email us
at
[email protected]
.
11.
CONTROLS
FOR
DO-NOT-TRACK
FEATURES
Most
web
browsers
and
some
mobile
operating
systems
and
mobile
applications
include
a
Do-Not-Track
(
'DNT'
)
feature
or
setting
you
can
activate
to
signal
your
privacy
preference
not
to
have
data
about
your
online
browsing
activities
monitored
and
collected.
At
this
stage,
no
uniform
technology
standard
for
recognising
and
implementing
DNT
signals
has
been
finalised
. As
such,
we
do
not
currently
respond
to
DNT
browser
signals
or
any
other
mechanism
that
automatically
communicates
your
choice
not
to
be
tracked
online.
If a
standard
for
online
tracking
is
adopted
that
we
must
follow
in
the
future,
we
will
inform
you
about
that
practice
in a
revised
version
of
this
privacy
notice.
12.
DO
WE
MAKE
UPDATES
TO
THIS
NOTICE?
In
Short: Yes,
we
will
update
this
notice
as
necessary
to
stay
compliant
with
relevant
laws.
We
may
update
this
privacy
notice
from
time
to
time.
The
updated
version
will
be
indicated
by
an
updated
'Revised'
date
at
the
top
of
this
privacy
notice.
If
we
make
material
changes
to
this
privacy
notice,
we
may
notify
you
either
by
prominently
posting
a
notice
of
such
changes
or
by
directly
sending
you
a
notification.
We
encourage
you
to
review
this
privacy
notice
frequently
to
be
informed
of
how
we
are
protecting
your
information.
13.
HOW
CAN
YOU
CONTACT
US
ABOUT
THIS
NOTICE?
If
you
have
questions
or
comments
about
this
notice,
you
may
email
us
at
[email protected]
or
contact
us
by
post
at:
14.
HOW
CAN
YOU
REVIEW,
UPDATE,
OR
DELETE
THE
DATA
WE
COLLECT
FROM
YOU?