Data Protection Policy

Last updated 03 January 2024


Manage Your eCommerce (’we’, ’us’, ’our’) takes data protection seriously. This policy sets out how we seek to protect personal data and ensure all data processing complies with applicable data protection laws.

Who We Are

Our trading name isManage Your eCommerce– that is what our eCommerce platforms, products and website are known by and the name our customers know us by. Our Manage Your eCommerce platforms are owned and operated by Evident BD Limited. 

Evident BD Ltd Limited is based in the UK, our registered office is at 620 London Road, Grays, RM20 3HX, United Kingdom and our company registration number in the UK is 13017375.

We are bound by applicable data protection laws in the EU, UK, and USA for the handling and collection of your data. 

We are registered as a data controller with the UK Information Commissioner’s Office (ICO) under the registration number ZB546717.

Data Protection Officer

Our Data Protection Officer oversees compliance with this policy. Contact them at:

Email:[email protected]

Personal Data We Process

We process personal data provided to us by customers and visitors who use our services. This includes identity, contact, transactional and communications data.

As a processor, we also process data on behalf of our customers. This includes orders, accounts and other ecommerce data belonging to their customers.

Protecting Personal Data

We utilise appropriate technical and organisational controls to protect data, including:

  • Encryption of data at rest and in transit
  • Access controls and authentication
  • Employee data security training
  • Data minimization strategies
  • PCI DSS compliance for payment data

Retention Periods

We retain personal data as long as required to provide our services or meet legal obligations. Retention periods vary based on the type of data.

Data Subject Rights

Data subjects have certain rights over their personal data. These include rights of access, rectification, erasure, restriction of processing, data portability and objections to processing. Contact our Data Protection Officer to make requests.

Legal Basis for Data Processing

Our legal bases for processing personal data include consent, contractual necessity and our legitimate business interests. We only process special category data with explicit consent.

Disclosure to Third Parties

We disclose data to third parties only as necessary to provide our services, comply with legal obligations or obtain professional advice. Third parties must agree to process data according to our instructions and data protection laws.

Complaints and Questions

Please contact our Data Protection Officer with any queries or complaints about our data processing practices. You also have a right to lodge a complaint with your local supervisory authority.

International Data Transfers

We utilise Standard Contractual Clauses and other valid transfer mechanisms when transferring personal data internationally outside the UK/EEA, to ensure adequate data protection controls.

Record Keeping

We maintain internal records of data processing activities for demonstration of compliance with regulations. Records include processing purposes, data sharing and retention policies.

Data Protection by Design

We employ a Data Protection by Design approach when developing products and services, assessing data privacy risks early and designing features to prevent or mitigate potential impacts.

Data Protection Impact Assessments

We conduct assessments of high-risk data processing to identify and address privacy risks. Assessments evaluate necessity and proportionality, risks to rights and freedoms and measures to mitigate risks.

Breach Notification

We follow all applicable data breach notification laws. In the event of a qualifying data breach affecting EU or UK data subjects, we will notify supervisory authorities within 72 hours and affected data subjects without undue delay.

Cookie Usage

We use strictly necessary and functional cookies to deliver our online services. Analytics cookies help us understand interactions with our website. All cookies require the user’s consent before placement. Our Cookie Policy contains more details.

Direct Marketing

As permitted by law, we may contact individuals by email and other channels with updates about our products and services that may interest them. Every marketing message contains instructions on opting out from future communications.

Protecting Special Categories of Personal Data

We implement additional security protections when processing any special categories of personal data, such as health, biometric or religious data. These enhanced measures ensure compliance with legal obligations for sensitive data.

Data Minimization

We collect only the minimum amount of personal data necessary to deliver our services. Data collection is adequate, relevant and limited to fulfil stated purposes.

Joint Controller Arrangements

In situations where we jointly determine means and purposes of processing with another controller, we define our respective responsibilities for complying with data protection obligations through formal arrangements.

Supplier Oversight

We conduct information security assessments on third-party suppliers that may process personal data in order to continually evaluate whether their security controls are in line with legal requirements and our policies.

Status of UK Data Post Brexit

We recognize that the personal data of UK data subjects will continue receiving the UK GDPR standards of data protection, as provided by the Data Protection, Privacy and Electronic Communications Regulations. Our policy is to continue applying EU GDPR principles to UK data.

Direct Marketing Consent Withdrawal

Data subjects retain the right to withdraw consent for direct marketing communications at any time. Withdrawing consent for marketing will not affect your ability to use our core services. Users can withdraw consent by clicking unsubscribe links or contacting us directly.

More Information

Hopefully, this has made things clearer for you. As mentioned earlier, if there is anything you are unsure about regarding the policies or terms stated here, please don’t hesitate to contact us at [email protected]