Privacy policy

PRIVACY POLICY

Ergonest

Last Updated: April 11, 2026

This Privacy Policy describes how Ergonest ("we", "us", or "our") collects, uses, and discloses your personal information when you visit or make a purchase from our website https://ergonest.co.uk (the "Site") or otherwise interact with our Services.

This Privacy Policy complies with the UK General Data Protection Regulation (UK GDPR), the EU General Data Protection Regulation (GDPR), and the Data Protection Act 2018. We are committed to protecting your privacy and ensuring your personal data is handled in accordance with applicable data protection laws.

1. Data Controller

For the purposes of UK GDPR and GDPR, the data controller is:

Ergonest
50 Boyds Walk, Manchester SK16 4BG, United Kingdom
Email: contact@ergonest.co.uk
Phone: +44 3330 901840

2. Legal Bases for Processing

Under UK GDPR and GDPR, we process your personal information based on the following legal bases:

  • Contract Performance: Processing necessary to fulfil our contract with you (e.g., processing orders, providing customer support)
  • Legitimate Interests: Processing necessary for our legitimate business interests (e.g., fraud prevention, marketing, improving our Services), provided such interests are not overridden by your rights
  • Legal Obligation: Processing necessary to comply with legal requirements (e.g., tax obligations, responding to lawful requests)
  • Consent: Processing based on your explicit consent (e.g., marketing communications, cookies), which you may withdraw at any time

3. What Personal Information We Collect

The types of personal information we collect depend on how you interact with our Site and Services. When we use "personal information", we refer to information that identifies, relates to, describes or can be associated with you.

3.1 Information Collected Directly from You

Information you provide when using our Services may include:

  • Contact Details: Name, address, phone number, email address
  • Order Information: Billing address, shipping address, payment confirmation, order history
  • Account Information: Username, password, security questions, preferences
  • Shopping Behaviour: Items viewed, cart contents, wish lists
  • Customer Support: Information in your communications with us, including messages, emails, and support tickets

3.2 Information Collected Automatically

We automatically collect certain information about your interaction with our Services ("Usage Data") using cookies, pixels, and similar technologies:

  • Device Information: Browser type, operating system, device identifiers
  • Network Information: IP address, network connection details
  • Interaction Data: Pages visited, links clicked, time spent on pages, referring websites

3.3 Information from Third Parties

We may obtain information about you from third parties:

  • Service Providers: Companies supporting our Site and Services, such as Shopify, analytics providers, and customer support tools
  • Payment Processors: Information necessary to process payments (bank account, credit/debit card details, billing address)

4. How We Use Your Personal Information

We use your personal information for the following purposes:

  • Order Fulfilment: Processing payments, fulfilling orders, arranging shipping, managing returns and exchanges, sending order confirmations and updates
  • Account Management: Creating and maintaining your account, enabling product reviews, managing preferences
  • Customer Support: Responding to enquiries, resolving issues, improving service quality
  • Marketing Communications: Sending promotional emails, newsletters, and product recommendations (with your consent or where permitted by law)
  • Personalisation: Tailoring content, recommendations, and advertising based on your preferences and behaviour
  • Fraud Prevention: Detecting and preventing fraudulent, illegal, or malicious activity
  • Analytics: Understanding how visitors use our Site, improving functionality, and optimising user experience
  • Legal Compliance: Complying with legal obligations, enforcing terms of service, and protecting our rights and those of others

5. Cookies and Tracking Technologies

We use cookies, pixels, web beacons, and similar tracking technologies ("Cookies") to collect Usage Data and improve your experience on our Site.

5.1 Types of Cookies We Use

  • Essential Cookies: Necessary for the Site to function properly (e.g., shopping cart, checkout, security)
  • Performance Cookies: Help us understand how visitors use our Site and identify areas for improvement
  • Functionality Cookies: Remember your preferences and settings
  • Advertising Cookies: Deliver relevant advertisements based on your interests and measure campaign effectiveness

5.2 Cookie Consent

When you first visit our Site, we will present you with a cookie consent banner that allows you to:

  • Accept all cookies
  • Reject non-essential cookies
  • Customise your cookie preferences by category

Essential cookies are always active as they are necessary for the Site to function. For all other cookies, we will only set them with your consent. You can change your cookie preferences at any time through your browser settings or by using our cookie preference tool available on our Site.

5.3 Managing Cookies

Most browsers automatically accept cookies by default. You can modify your browser settings to decline cookies if you prefer. However, this may prevent you from taking full advantage of our Site and some features may not function properly. Blocking cookies does not completely prevent how we share information with third parties such as advertising partners.

For specific information about cookies used by our Shopify platform, please see https://www.shopify.com/legal/cookies

6. How We Disclose Personal Information

We may disclose your personal information to third parties in the following circumstances:

  • Service Providers: IT management, payment processing, data analytics, customer support, cloud storage, order fulfilment, and shipping companies
  • Business Partners: Including Shopify and marketing partners, who will use your information in accordance with their own privacy policies
  • With Your Consent: When you direct or authorise us to share information (e.g., social media integrations)
  • Corporate Affiliates: Within our corporate group for legitimate business purposes
  • Business Transactions: In connection with mergers, acquisitions, or bankruptcy proceedings
  • Legal Requirements: To comply with legal obligations, respond to lawful requests, enforce our terms, and protect our rights and those of others

We do not sell your personal information to third parties for monetary consideration. We do not use or disclose sensitive personal information for purposes of inferring characteristics about you.

7. International Data Transfers

Your personal information may be transferred to, stored, and processed in countries outside the United Kingdom and European Economic Area (EEA), including the United States, where our service providers and partners operate.

When we transfer your personal information outside the UK or EEA, we ensure appropriate safeguards are in place to protect your data, including:

  • Standard Contractual Clauses: Using European Commission-approved Standard Contractual Clauses or UK equivalent contracts issued by the UK Information Commissioner's Office
  • Adequacy Decisions: Transferring data to countries that have been determined by the European Commission or UK Government to provide adequate data protection

8. Data Retention

We retain your personal information for as long as necessary to fulfil the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Retention periods depend on factors such as:

  • Whether we need the information to maintain your account or provide Services
  • Legal, tax, or accounting requirements (typically 6-7 years for financial records)
  • The need to resolve disputes or enforce contracts
  • Legitimate business purposes such as fraud prevention and security

When your personal information is no longer needed, we will securely delete or anonymise it.

9. Your Rights Under UK GDPR and GDPR

Under UK GDPR and GDPR, you have the following rights regarding your personal information. These rights are not absolute and may be subject to certain conditions and exceptions:

9.1 Right of Access

You have the right to request access to the personal information we hold about you, including details about how we use and share it. This is commonly known as a "subject access request".

9.2 Right to Rectification

You have the right to request that we correct inaccurate or incomplete personal information we hold about you.

9.3 Right to Erasure (Right to be Forgotten)

You have the right to request that we delete your personal information in certain circumstances, such as when it is no longer necessary for the purposes for which it was collected, or if you withdraw your consent where that is the legal basis for processing.

9.4 Right to Data Portability

You have the right to receive a copy of your personal information in a structured, commonly used, and machine-readable format, and to request that we transfer it to another data controller where technically feasible.

9.5 Right to Restriction of Processing

You have the right to request that we restrict the processing of your personal information in certain circumstances, such as when you contest the accuracy of the data or object to processing.

9.6 Right to Object

You have the right to object to our processing of your personal information where we rely on legitimate interests as the legal basis. You also have an absolute right to object to processing for direct marketing purposes.

9.7 Right to Withdraw Consent

Where we process your personal information based on your consent, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.

9.8 Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects you. We do not currently engage in automated decision-making of this nature.

9.9 How to Exercise Your Rights

To exercise any of these rights, please contact us using the details provided in Section 13. We will respond to your request within one month, though this may be extended by two further months where necessary, taking into account the complexity of your request.

We may need to verify your identity before processing your request. We will not discriminate against you for exercising your rights. You may also authorise an agent to make requests on your behalf, but we will require proof of authorisation.

9.10 Managing Marketing Communications

You may opt out of receiving promotional emails at any time by clicking the "unsubscribe" link in our emails or by contacting us. Please note that we may still send you non-promotional communications such as order confirmations and account notifications.

10. Security of Your Information

We implement appropriate technical and organisational security measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. However, no security measures are perfect or impenetrable, and we cannot guarantee absolute security. We recommend that you do not use unsecure channels to communicate sensitive or confidential information to us.

11. Children's Privacy

Our Services are not intended for use by children under the age of 16, and we do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately, and we will delete such information. We do not knowingly sell or share personal information of individuals under 16 years of age.

12. Third-Party Websites and Links

Our Site may contain links to third-party websites not operated by us. We are not responsible for the privacy practices or content of these third-party sites. We recommend reviewing their privacy policies before providing any personal information. Our inclusion of links does not imply endorsement of third-party websites or their operators.

13. Contact Information

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:

Ergonest
128 City Road, EC1V 2NX, London, United Kingdom
Email: contact@ergonest.co.uk
Phone: +44 3330 901840
Business Hours: Monday-Friday 9:00 AM - 5:00 PM (London time), Closed weekends and public holidays

14. Complaints and Supervisory Authority

If you have complaints about how we process your personal information, please contact us first using the details in Section 13. We will investigate and respond to your complaint.

If you are not satisfied with our response, you have the right to lodge a complaint with the relevant supervisory authority:

For UK residents:
Information Commissioner's Office (ICO)
Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Website: https://ico.org.uk
Helpline: 0303 123 1113

For EEA residents: You may contact your local data protection authority.

15. User-Generated Content

Our Services may enable you to post product reviews and other user-generated content. Any information you choose to submit to public areas will be publicly accessible. We do not control who accesses this information and cannot ensure it will be kept secure. We are not responsible for the privacy, security, accuracy, use, or misuse of information you make publicly available.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes to our practices, Services, or legal requirements. We will post the revised Privacy Policy on our Site and update the "Last Updated" date at the top of this document. We will take any additional steps required by applicable law, such as obtaining your consent if the changes materially affect how we process your personal information. We encourage you to review this Privacy Policy periodically.