We are Delivering as usual (COVID-19)

Privacy Policy


We take your privacy very seriously and treat all your personal data we collect in accordance with this privacy policy. This privacy policy sets out the basis on which any personal data we collect from you, that you provide to us, or that other third parties provide to us, will be processed by us. 

This privacy policy applies to personal data collected when you: - 

  • Visit our websites www.studentessentials.co: 
  • Purchase products from us; 
  • Contact us, for example by email or through submitting a form on our websites; 

Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.  

This privacy policy shall be read in conjunction with our cookies policy and our website Terms and Conditions 

Information About Us 

For the purposes of the applicable UK and EU data protection laws ("Data Protection Law"), the data controller is Konstantinos Baronos (‘we, ‘our’ ‘us’).   

What information do we collect? 

 

Information that you give us 

When you purchase products or make enquiries about our products, or otherwise provide us with your personal data while on our websites or contact us with a query or complaint, you may provide us with information about yourself. 

This may include your name, address (including your billing and delivery address details where appropriate), your email address, contact telephone number, or feedback which you provide to us. 

When you make a purchase, this will be through Shopify Payments or PayPal where you will be required to put your credit/debit card details. We do not store any information regarding your credit/debit card details.  Please visit the Shopify Payments or PayPal Privacy Cookie website for detailed explanation on how they use your credit/debit card information. Please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. 

You are not obliged to provide your personal data to us.  However, if you do not provide your personal data to us, we may not be able to provide products to you and respond to your queries. 

Information that we collect about you 

We may also collect and process records of any correspondence and communications that you have with us and a record of transaction history and details of transactions conducted on our websites is kept by us together with details of the fulfilment of any of your order.    

We monitor, record, store and use email in order to check any instructions given to us, for training purposes, for crime prevention and to improve the quality of our customer service. 

As you move around our websites, subject to appropriate consents being obtained, we will collect information about your visit, such as which pages you visit, how often you visit and what links you click on. 

This will include technical information such as Internet protocol (IP) address used to connect your computer to the internet, browser type and version, operating system and platform and information about your visit such as the full Uniform Resource Locators (URL) clickstream to, through and from our websites (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page. 

We may also receive information about you if you use any of the other services we provide.  In this case we will have informed you when we collected that personal data that it may be shared internally and combined with personal data collected on the websites for the purposes set out in this policy, including helping us to build a profile of you to get to know you better, and so that we can personalise and enhance your customer experience with us, for example; to ensure that content is relevant for you.   

Information that we receive about you from other sources 

We may receive personal information about you from other sources such as retailers of our products, social media platforms where you make your information publically available, publicly available customer lists lawfully acquired from third party vendors and from third parties who work with us in connection with our websites and services. 

How do we use your personal information? 

Information you give to us. We will use this information: 

  • to carry out our obligations arising from any agreements entered into between you and us and to provide you with the information, products and services that you request from us; 
  • to carry out appropriate and necessary investigations and discharge our legal and regulatory obligations and duties, including to comply with anti-fraud and anti-money laundering requirements;   
  • to ensure that content from the websites is presented in the most effective manner for you and for your computer. 

We may use the personal data we collect about you on an anonymised basis to create statistics and anonymised information which we then share with third parties including ad networks, search engines and analytics providers. 

Please note we will not use any financial or credit card information. All payments are processed through Shopify Payments and PayPal. 

Information we collect about you. We will use this information: 

  • to administer our websites and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes; 
  • to carry out appropriate and necessary investigations and discharge our legal and regulatory obligations and duties, including to comply with anti-fraud and anti-money laundering requirements. 
  • to improve our websites to ensure that content is presented in the most effective manner for you and for your computer; 
  • to enhance our website experience to ensure you receive a personalised and continuously improving customer service; 
  • to allow you to participate in interactive features of our websites, when you choose to do so; 
  • as part of our efforts to keep our websites safe and secure; 
  • for data-matching purposes in respect of your use of our websites / services and your use of certain third party services; 
  • Information we receive from other sources. We will combine this information with information you give to us and information we collect about you.  We will use this information and the combined information for the purposes set out above (depending on the types of information we receive). 

Using your information in accordance with Data Protection Law 

Data Protection Law requires that we meet certain conditions before we are allowed to use your data in the manner described in this privacy policy.  We take our responsibilities under data protection laws extremely seriously, including meeting these conditions.  To use your personal data, we will rely on the following conditions, depending on the activities we are carrying out: 

  • Compliance with legal obligations: As an entity established under the laws of England and Wales, we are obliged to comply with UK laws and guidance provided by UK regulatory bodies. In particular, we will need to process your personal information to verify your identity. 
  • Necessary for the entry into / performance of a contract: When you enter into a transaction with us, a contract between you and us will have been entered into. In order for us to fulfil our obligations under such contract (e.g. to allow you to purchase products from us), we will need to collect and process your personal information. Failure to provide the requisite personal information or objecting to this type of processing / exercising your deletion rights will unfortunately mean we cannot provide our goods / services to you. 
  • Legitimate interests:  To use your personal data for any other purpose described in this privacy policy, we will rely on a condition known as "legitimate interests".  It is in our legitimate interests to collect your personal data as it provides us with the information that we need to provide our services to you more effectively. Effectively, this requires us to carry out a balancing test of our interests in using your personal data (for example, in order to provide you with the information, products and services that you request from us), against the interests you have as a citizen and the rights you have under data protection laws (for example, to not have your data sold to third party marketing companies without your knowledge, or not store your personal data in insecure or unstable countries or regions), which is set out below. 

Legitimate interest 

We have a legitimate interest in processing your information as: 

  • You benefit from the provision of products and services; 
  • We will both benefit from the ability to enforce or apply rights under any contract between us; 
  • we would be unable to provide our products and services without processing your information. 

Necessity 

We consider that it is reasonable for us to process your personal data for the purposes of our legitimate interests outlined above as we process your personal data only so far as is necessary to achieve the purpose outlined in this privacy policy. 

Impact of processing 

We consider that it is reasonable for us to process your personal data for the purposes of our legitimate interests outlined above as the processing of your personal data does not unreasonably intrude on your privacy. 

 

How long we keep your information for 

When your data is no longer required for the purposes listed above, we will delete it within the periods set out below: 

  • Cookies are refreshed in accordance with our cookies policy; 

Any other information will typically be deleted within 1 year from date of our last positive interaction with you to enable us to deal with any issues or concerns you may have about how we processed your order or otherwise, and also to allow us to bring or defend legal proceedings. This data is archived where you are inactive for a period of 12 months. In some circumstances, some of your data will be deleted in much shorter timescales, where possible. 

Third-party service providers may, without limitation, be appointed by us to provide us with technical support, to process your transactions and to maintain your accounts or to run promotions or marketing campaigns, and we will disclose your personal data to them to enable them to provide these services, as further detailed below. In addition, credit card details are sent directly to our secure payment processors Shopify Payments and PayPal who process payments on our behalf. For more information on how they handle your information please visit their Terms and Conditions. 

We will disclose your information to: 

  • business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you; e.g. service providers who operate elements of our website service and process personal data on our behalf. These may include businesses who provide technology services such as hosting for our servers and email distribution, and business partners who provide delivery fulfilment services. We may also disclose your personal data to our supply and delivery partners for the purpose of processing and fulfilling your order. Where such disclosures are made, this will be under contractual arrangements with us and carried out in accordance with the requirements of the Act. 
  • third party suppliers and service providers to the extent they assist our group with its legal / regulatory obligations e.g. providers of services in respect of anti-money laundering, fraud, verification etc.; 
  • analytics and search engine providers that assist us in the improvement and optimisation of our websites and other selected third parties; and 
  • law enforcement agencies, or other appropriate third parties, where we consider your behaviour to be unlawful, offensive, inappropriate or objectionable in one of our stores or on our websites. 

 

We share your Personal Information with third parties to help us use your Personal Information. For example, we use Shopify to power our online store--you can read more about how Shopify uses your Personal Information here:  https://www.shopify.com/legal/privacy.  We also use Google Analytics to help us understand how our customers use the Site--you can read more about how Google uses your Personal Information here:  https://www.google.com/intl/en/policies/privacy/.  You can also opt-out of Google Analytics here:  https://tools.google.com/dlpage/gaoptout 

 

We will disclose your personal information to third parties: 

  • in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets; 
  • to protect the rights, property or safety of us, our customers, or others. This includes exchanging information with other companies and organisations (including without limitation, other third parties, your employer, educational institution, email or internet provider, your parents (if you are under the age of 18) and law enforcement agencies) for the purposes of staff and customer safety, crime prevention, fraud protection and credit risk reduction; and 
  • if we are under a duty to disclose or share your personal data in order to comply with any legal obligation or regulatory requirements or in order to enforce or apply our terms and contidions and other agreements, or otherwise for the prevention or detection of fraud or crime. 

In assessing your request for products or services, we may use your personal data for the purposes of the prevention and detection of fraud. One of the purposes for which we may disclose your address and postcode details is to check against the IMRG Security Alert or any other Fraud Prevention Scheme. At all times where we disclose your personal data it will remain secure. 

Where we store your personal data 

Our company is hosted on the Shopify platform. Shopify provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Shopify’s data storage, databases and the general Shopify applications. They store your data on secure servers behind a firewall. We will take all steps reasonably necessary to ensure that your personal data is treated securely and in accordance with this privacy policy and Data Protection Law. 

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to us; any transmission is at your own risk. Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorised access. 

Protecting Your Information 

Our websites use up-to-date industry procedures to protect your personal information. We also protect the security of your data during transmission using Secure Sockets Layer (SSL) encryption software. We may vary this in the future if we feel you will benefit from greater security whilst using our websites. 

All direct payment gateways offered by Shopify Payments and PayPal and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers. 

Cookies 

Our websites use cookies, as almost all websites do, to help provide you with the best experience we can. For more information please see our cookies policy. 

Third Party Services 

We may from time to time make available through our websites certain services provided by third parties. To gain access to these services, you must register with these third parties and deal with them direct. Please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites. 

Your rights 

You have a number of rights under data protection law in relation to the way we process your personal data, although these are not absolute and in some instances we may be unable to accept your request, in which case we will respond to you to explain why.  These are set out below.  You may contact us using the details on our websites to exercise any of these rights, and we will respond to any request received from you within one month from the date of the request. 

Please address any questions, comments and requests regarding our data processing practices to us in this way in the first instance. 

1. You have the right to request access to your personal data 

You have the right to request confirmation that your personal data is being processed, access to your personal data (through us providing a copy) and other information about how we process your personal data. 

2.  You have the right to ask us to rectify your personal data 

You have the right to request that we rectify your personal data if it is not accurate or not complete. 

3.  You have the right to ask us to erase your personal data 

You have the right to ask us to erase or delete your personal data where there is no reason for us to continue to process your personal data.  This right would apply if we no longer need to use your personal data to provide products or services to you, where you withdraw your consent for us to market to you, or where you object to the way we process your personal data (see right 6 below). 

4.  You have the right to ask us to restrict or block the processing of your personal data 

You have the right to ask us to restrict or block the processing of your personal data that we hold about you.  This right applies where you believe the personal data is not accurate, you would rather we block the processing of your personal data rather than erase your personal data, where we don need to use your personal data for the purpose we collected it for but you may require it to establish, exercise or defend legal claims. 

5.  You have the right to port your personal data 

You have the right to obtain and reuse your personal data from us to reuse for your own purposes across different services.  This allows you to move personal data easily to another organisation, or to request us to do this for you. 

6.  You have the right to object to our processing of your personal data 

You have the right to object to our processing of your personal data on the basis of our legitimate business interests, unless we are able to demonstrate that, on balance, our legitimate interests override your rights or we need to continue processing your personal data for the establishment, exercise or defence of legal claims. 

7.  You have the right not to be subject to automated decisions 

You have the right to object to any automated decision making, including profiling, where the decision has a legal or significant impact on you. 

8.  You have the right to withdraw your consent 

You have the right to withdraw your consent where we are relying on it to use your personal data. 

 

If you have any concerns regarding our processing of your personal data, or are not satisfied with our handling of any request by you in relation to your rights, you also have the right to make a complaint to the Information Commissioner's Office.  Their address is: 

 

First Contact Team 
Information Commissioner's Office 
Wycliffe House 
Water Lane 
Wilmslow 
SK9 5AF 

 

Updating Your Information 

If you believe your details are incorrect you can amend your details by contacting us at info@studentessentials.co. 

Changes To Our Privacy Policy 

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by email. 

This policy was last reviewed and updated: November 2018 

Contact 

If you have any questions, comments or requests regarding this Privacy Policy, we will be happy to answer them. Please contact us. 

Please remember to include your name, address and postcode along with any correspondence reference you may have.