This Privacy Policy explains how Equii-Est Ltd (“we”, “us”, “our”) collects, uses, stores, and shares personal data when you visit our website, create an account, place and order, contact us, or otherwise interact with us.
“Personal data” means any information that can identify you directly or indirectly.
Who we are (Data Controller)
Data Controller: Equii-Est Ltd
Email: info@equiiest.co.uk
Telephone: 07823 587560
Postal Address: Battlesbridge Horse and Country, The Mills, Chelmsford Road, Wickford, Essex, SS11 8TR
If you have question about this policy or want to exercise your rights, contact us using the details above.
What data we collect
We may collect and process the following categories of personal data:
A. Identify and account data
– Name
– Email address
– Account login details (e.g., username and password in encrypted/hashed form)
B.Contact and delivery data (postage data
– Billing and delivery address
– Telephone number
– Email address
C. Payment and transaction data
– Payment status, purchase history, refunds, and order details
– Payment card details are typically processed by our payment provider and are not stored by us (confirm this).
– If you pay by bank transfer, we may process bank account details needed to administer that payment/refund.
D. Communications data
– Messages you send us (e.g., via forms, email, telephone)
– Your preferences ( e.g., marketing opt-in/out)
E. Technical and usage data (log data)
– IP address
– Browser type and version
– Operating system
– Referrer URL
– Pages visited, time spent, clicks, and related analytics
– Dates/times of access and server requests
F. User-generated content (where applicable)
– Comments and related metadata if you leave comments on the website
– Any images or files you upload (e.g., via forms or account areas)
How we collect your data
We collect data when you:
– Register for an account
– Place an order, request a quotation, or submit a request/enquiry form
– Contact us by email/phone or submit feedback/surveys
– Use our website, which may automatically collect technical data via cookies and similar technologies
– Leave comments (where enabled)
How we use your data (purposes)
We use your personal data to:
1. Provide services and fulfil orders
– Create and manage your account
– Process orders, payments, deliveries, returns, and refunds
– Provide customer support and respond to enquiries
2. Operate, protect, and improve the website
– Monitor performance, troubleshoot, and prevent fraud/abuse
– Analyse website usage and improve content and functionality
3. Send service messages
– Order confirmations, delivery updates, account notices, and important operational communications
4. Marketing (where permitted)
– Send newsletters or promotional offers where you have opted in (or where permitted under applicable law)
– You can opt out at any time (see Section 10)
5. Comply with legal obligations and enforce rights
– Accounting, tax, record-keeping, responding to lawful requests
– Managing disputes or claims
Lawful bases for processing (UK GDPR)
We process personal data under one or more of the following lawful bases:
– Contract: To perform a contract with you (e.g., to fulfil orders, manage your account).
– Legitimate interest: To run and improve our business, maintain security, prevent fraud, and understand website usage (balanced against your rights).
– legal obligation: to comply with legal and regulatory requirements (e.g., tax/accounting).
– Consent: For certain marketing communications and some cookies/analytics (where required). You can withdraw consent at any time.
Cookies and similar technologies
We use cookies and similar technologies to make the website work, improve performance, and (where enabled) understand user behaviour.
Cookies we may use include:
– Strictly necessary cookies: required for site functionality (e.g., cart, checkout, security).
– Functionality cookies: remember preferences and login settings.
– Analytics cookies: help us understand website usage and improve the site.
– Marketing cookies (if used): support advertising/remarketing (only where implemented and appropriately configured).
You can control cookies through your browser settings. Disabling some cookies may affect website functionality.
For more general cookie information, see third-party guidance such as allaboutcookies.org.
Analytics, embedded content, and third-party services
Google Analytics (if enabled)
We may use Google Analytics to analyse website usage. This can involve cookies and processing technical identifiers (including IP address). Where configured, we may use IP anonymisation or equivalent settings.
You can opt out of Google Analytics via Google’s browser add-on.
International transfers: Some providers may process data outside the UK. Where required, we use appropriate safeguards (see Section 9).
Google services (if used)
We may use services such as:
– Google Fonts (to display content consistently)
– Google Maps (to display locations)
– Google reCAPTCHA (to reduce spam and abuse)
These services may receive technical data such as IP address and device/browser information.
Content Delivery Networks (CDNs) (if used)
We may use CDNs to speed up delivery of site assets. This can involve your browser requesting content from third-party servers, which may receive your IP address.
Comments and Gravatar (only if comments are enabled)
If visitors leave comments, we may collect the data shown in the comments form, plus IP address and browser user agent string for spam detection.
If Gravatar is enabled, an anonymised hash of your email address may be sent to Gravatar to check if you use it, and your profile image may become publicly visible alongside approved comments.
(If you do not use comments or Gravatar, remove this subsection.)
Who we share your data with
We may share personal data with:
A. Service providers (processors)
– Payment processors
– Delivery and logistics providers
– Hosting/cloud providers
– IT support and security providers
– Email and marketing platforms (only where you have opted in/where lawful)
They are permitted to process data only to provide services to us and must protect it appropriately.
B. Professional advisers
We may share information with professional advisers (e.g., accountants, insurers, legal advisers) where reasonably necessary.
C. Legal and regulatory bodies
We may disclose data where required to comply with legal obligations, enforce our terms, protect rights, prevent fraud, and respond to lawful requests.
D. business transfers
If we sell, merge, or restructure our business, personal data may be shared with relevant third parties (e.g., prospective buyers) subject to confidentiality and appropriate safeguards.
We do not sell personal data.
International data transfers
Some third-party providers may process personal data outside the UK. Where this occurs, we use appropriate safeguards as required by UK GDPR (for example, UK International Data Transfer Agreement (IDTA) and/or UK Addendum to EU SCCs, plus risk assessments where appropriate).
(If you only use UK-based providers, say so and simplify this section.)
Marketing preferences
We may send marketing communications if:
– you have opted in; or
– we have another lawful basis that applies under UK law (conform your approach).
You can opt out at any time by:
– using the unsubscribe link in emails (if available), or
– emailing us at info@equii-est.co.uk
If you opt out, we may still send non-marketing service messages (e.g., order updates).
Data retention
We keep personal data only as long as necessary for the purposes described in this policy, including legal, accounting, and reporting requirements.
Typical retention considerations:
– Orders/transactions: kept for statutory tax/accounting periods.
– Enquiries: retained as long as needed to handle your request and for a reasonable follow-up period, unless you ask us to stop (where applicable).
– Security logs: kept for a short period unless needed for investigating incidents.
– Comments (if enabled): comments and metadata may be retained indefinitely to facilitate moderation and spam prevention.
You can request deletion where applicable (see Section 13).
How we protect your data
We use appropriate technical and organisational measures to protect personal data, which may include:
– HTTPS encryption on transactional pages (and ideally across the whole site)
– Access controls and account security measures
– Secure storage and handling procedures for paper records (if any)
– Vendor security reviews for key service providers (where appropriate)
No method of transmission or storage is completely secure; however, we take reasonable steps to reduce risk.
Your data protection rights (UK GDPR)
You have the right to:
– Access your personal data
– Rectification (correct inaccurate or incomplete data)
– Erasure (request deletion, in certain circumstances)
– Restriction (limit processing, in certain circumstance)
– Object to processing (especially where based on legitimate interests or for direct marketing)
– Data portability (receive certain data in a machine-readable format)
We generally respond within one month.
Some rights are subject to exceptions, for example, where we must keep data to comply with legal obligations or establish/defend legal claims.
To exercise your rights, contact info@equii-est.co.uk.
Complaints
If you are unhappy with how we handle your personal data, please contact us first so we can try to resolve the issue.
You also have the right to complain to the Information Commissioner’s Office (ICO) (UK regulator for data protection).
Third-party links
Our website may contain links to third-party sites. We are not responsible for their privacy practices. Please review their privacy policies before providing personal data.
Uploaded media notice (if uploads are enabled)
If you upload images, avoid including embedded location data (EXIF GPS). Other users may be able to download images and extract embedded metadata.
Changes to this policy
We may update this Privacy Policy from time to time. The latest version will always be posted on this page with an updated “Last updated” date. Your continued use of the website after updates means you accept the revised policy.