Privacy Policy

E2X Limited: Privacy Policy

We ask that you read this privacy policy carefully as it contains important information on who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information and on how to contact us and supervisory authorities in the event you have a complaint.

Who we are

E2X Limited (“E2X”, “we”, “our”) are one of the thought leaders in eCommerce and retail that celebrates ‘headless commerce’. For more information see https://www.e2x.com/who-we-are.

E2X collects, uses and is responsible for certain personal information about you. When we do so we are regulated under the General Data Protection Regulation which applies across the European Union (including in the United Kingdom) and we are responsible as ‘controller’ of that personal information for the purposes of those laws.

The personal information we collect and use

We collect personal information about you when you access our website and/or contact us.

We collect this personal information from you either directly, such as when you contact us or indirectly, such as your browsing activity while on our website (see ‘Cookies’ below).

The personal information we collect about you depends on the particular activities you carry out on our website. Such information includes:

  • your name, address and contact details provided by you on our contact form
  • details of any feedback you give us by phone, email, post or via social media
  • information about the services we provide to you

We use this personal information to:

  • customise our website and its content to your particular preferences
  • notify you of any changes to our website or services that may affect you
  • improve our services
  • provide you with any feedback you request.

Our website is not intended for use by children and we do not knowingly collect or use personal information relating to children.

Who we share your personal information with

We will not share your data with any third-party companies to fulfil the purposes listed above. Some of our systems are cloud based and may be based outside the European Economic Area — for further information including on how we safeguard your personal data when this occurs, see ‘Transfer of your information out of the EEA’.

We will share personal information with law enforcement or other authorities if required by applicable law.

We will not sell your personal information to any third party.

How long your personal information will be kept

We will hold your contact details provided to contact you via email, telephone or text in for 3 years (unless you notify us that you wish to stop receiving any communications from us) or longer if we have commercial agreements in place or on-going commercial discussions. Please send any such requests to our Security Team using the contact details provided in the ‘How to Contact Us’ section of this Privacy Policy below.

Reasons we can collect and use your personal information

We rely on the legitimate interest ground as the lawful basis on which we collect and use your personal data. Our legitimate interest is to provide you with information relating to E2X products and the ecommerce industry. E2X have weighed this against your fundamental rights as an individual and are content that this is a proportionate use of your personal data.

You have the right to unsubscribe from any contact by selecting and unsubscribe option which is included in all communications.

Consequences of our use of your personal information

We may contact you in accordance with your preferences, by either phone or email, with any news and marketing regarding all services or products offered by E2X.

Transfer of your information out of the EEA

We may transfer your personal information to the following which are located outside the European Economic Area (EEA):

  • United States of America

Such countries do not have the same data protection laws as the United Kingdom and EEA. Whilst the European Commission has not given a formal decision that the USA provide an adequate level of data protection similar to those which apply in the United Kingdom and EEA, any transfer of your personal information will be subject to appropriate safeguards (as permitted under Article 46(5), of the General Data Protection Regulation that are designed to help safeguard your privacy rights and give you remedies in the unlikely event of a misuse of your personal information.

If you would like further information, please contact our Security Team as detailed in the ‘Contact Us’ section. We will not otherwise transfer your personal data outside of the EEA or to any organisation (or subordinate bodies) governed by public international law or which is set up under any agreement between two or more countries.

Your rights

Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:

  • fair processing of information and transparency over how we use your use personal information

  • access to your personal information and to certain other supplementary information that this privacy policy is already designed to address

  • require us to correct any mistakes in your information which we hold

  • require the erasure of personal information concerning you in certain situations

  • receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations

  • object at any time to processing of personal information concerning you for direct marketing

  • object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you

  • object in certain other situations to our continued processing of your personal information

  • otherwise restrict our processing of your personal information in certain circumstances

For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation.

If you would like to exercise any of those rights, please:

  • email or write to our Security Team;

  • let us have enough information to identify you; and

  • let us know the information to which your request relates.

If you would like to unsubscribe from any email newsletter you can also click on the ‘unsubscribe’ button at the bottom of the email newsletter. It may take up to 14 days for this to take place.

Keeping your personal information secure

We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.

How to complain

We hope that our Security Team can resolve any query or concern you raise about our use of your information.

If however, this has not been the case, the General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/make-a-complaint/ or telephone: 0303 123 1113.

Changes to this privacy policy

This privacy policy was published on 26 March 2019.

We may change this privacy policy from time to time, when we do we will ensure you are aware of such changes when using our website.

How to contact us

Please contact our Security Team if you have any questions about this cookie policy or the information we hold about you. To do this, please send an email to security@e2x.co.uk or write to 1 London Bridge London SE1 9BG.