Who we are
expanseElectronics® Ltd is the data controller for personal data collected through our website and online store. Our company details are at the bottom of this page. The contact for any privacy-related question or request is [email protected].
What data we collect, and why
| Data | Why | Lawful basis |
|---|---|---|
| Name, email, billing & shipping address — when you place an order | To process and ship your order, send order confirmations, and handle returns or warranty issues | Performance of a contract |
| Email, password (stored as a PBKDF2-SHA256 hash with a per-user salt — never in plain text), the IP address of your last login, and active session records — when you create an account or log in | To let you log in to your account, view your order history without using a magic link, and manage saved addresses / payment methods. The IP audit trail is for account-security investigations. | Performance of a contract plus our legitimate interest in account security |
| Saved shipping addresses you choose to store | To pre-fill the shipping section of checkout next time. Visible only to you and us; never shared. | Consent (you actively save each address; deletable at any time) |
| A reference to your Stripe Customer record (and indirectly, the saved card "fingerprints" — brand and last 4 digits — that Stripe holds for you) | To show "•••• 4242" pickers in your account and at checkout. We never see or store the full card number. The card itself lives with Stripe; we only store a `cus_…` ID linking you to Stripe. | Performance of a contract plus legitimate interest in reducing checkout friction |
| Payment details — card number, expiry, CVC | To take payment. We never see or store your card details; they go directly to Stripe. | Performance of a contract |
| Name, email, optional subject, message body, and your IP address — when you use the contact form | To respond to your enquiry. Stored in our Cloudflare D1 database and forwarded to our support inbox via Resend. The IP is retained alongside the submission for abuse prevention only. | Legitimate interests (responding to a question you sent us) |
| Email address and a reference to your in-progress order — when you start entering your email at checkout but don't complete the purchase | To send up to five cart-recovery reminder emails over 7 days. Later emails include single-use 10%, 15%, and 20% discount codes. See "Cart-recovery emails" below. | Legitimate interests (UK GDPR Art. 6(1)(f)) and the "soft opt-in" rule for negotiated sales under PECR Reg 22(3). One-click unsubscribe in every message. |
| Email address, source page, and confirmation timestamp — when you subscribe to our newsletter at /newsletter/ | To send our roughly monthly newsletter. Double opt-in: you must click the link in the confirmation email before anything else is sent. | Consent (clicking the confirmation link). One-click unsubscribe in every email. |
| Saved item references — when you add a product to your wishlist while signed in | To show your wishlist on your account page. Includes the Stripe price ID, a product name/URL/image snapshot, and the timestamp. Not used for marketing. | Performance of a contract |
| Email, optional display name, rating, optional order ID, review title and body, and your IP — when you submit a product review | To moderate and publish customer reviews on the product page. Your email is not shown publicly; only the display name you choose appears. The "verified buyer" badge appears if your order ID matches. The IP is for abuse prevention only. | Consent. Rejected submissions are deleted on request. |
| Email address and a product reference — when you sign up for "Email me when back in stock" | To notify you in one email when that product becomes available again. The row is deleted the moment that notification is sent. | Consent (clicking the notify button is an explicit opt-in for that single message) |
| Email address and a product slug — when you sign up to be notified at launch of an upcoming product on the homepage | To email you once when that product is available to buy. We do not enrol you in any other marketing list and the launch email is the only email you'll receive on this basis. | Consent. Unsubscribe link is included in our confirmation email. |
| A reference to your Stripe subscription, and a store-credit / rewards ledger keyed to your account — when you become a monthly supporter at /support/ | To run your support subscription, apply your 5% supporter discount and £1.50/month store credit at checkout, and issue milestone reward codes. We store the Stripe subscription reference, your credit balance movements, and which rewards have been issued — not card details. | Performance of a contract |
| Full name, email, institution, institution type, optional course, and use case — when you submit an educational discount request | To verify your eligibility and issue you a single-use discount code if approved. Stored in our Cloudflare D1 database; reviewed manually by us. | Consent. Data retained as long as your discount is active so we don't approve the same request twice. |
| Anonymous, aggregated page-view data — when you visit any page on the site | To understand which pages people read so we can improve the site | Legitimate interests (no cookies, no fingerprinting, no PII) |
| IP address, request URL, timestamp, user agent — automatically logged by our web server | Security, abuse prevention, debugging | Legitimate interests |
Who else sees your data
We use a small number of third-party processors to run the website and store. Each only receives the data it needs:
Stripe (payment processor)
Card payments are taken by Stripe. The card number, expiry, and CVC are entered into a Stripe-hosted form embedded on our checkout page (Stripe Elements) — they go directly to Stripe's servers and are never seen or stored by us. Stripe also handles Apple Pay, Google Pay, and Link sessions where you choose those. Stripe shares with us the billing email, the shipping address you provided, and the result of the transaction so we can match the payment to your order. Stripe sets its own cookies during checkout to keep the payment session and detect fraud — these are strictly necessary and exempt from consent. For UK and EU customers, the Stripe entity is Stripe Payments Europe Limited (Ireland).
Cloudflare (Workers, D1 database, CDN)
The storefront's order-handling backend runs on Cloudflare Workers, with records stored in Cloudflare D1 (a SQL database). Static pages are also served through Cloudflare's CDN. Specifically, D1 holds: each order's customer email, shipping address, line items, payment reference, and shipping/tracking status; user accounts (email + password hash); active session records; saved shipping addresses; contact-form submissions; cart-recovery records (retained at most 14 days); back-in-stock notification subscribers; the launch-notification interest list; educational-discount requests; and service health check results driving our public status page. Cloudflare may process your IP address to deliver pages and protect against abuse. Cloudflare's UK-relevant entity is Cloudflare, Inc. (US), with EU operations covered by Standard Contractual Clauses.
Resend (transactional email)
When you place an order or its status changes (shipped, delivered, refunded), we send you an email through Resend. Resend processes your email address and the body of the message on our behalf so we can deliver order confirmations and tracking links reliably. Resend's UK-relevant entity is Resend, Inc. (US), covered by Standard Contractual Clauses.
Shippo (shipping rates, label purchase, tracking)
To quote you a live shipping price at checkout, buy the postage label after you order, and show you the tracking timeline on your order page, we use Shippo. At checkout, your shipping address is sent to Shippo so they can return live rates from the non-Royal-Mail carriers we have linked (DPD, Parcelforce, UPS, FedEx, DHL). When we buy a label through Shippo, the same address plus the parcel dimensions are sent to the carrier. We also query Shippo for tracking events on shipped orders. We do not send your email, payment details, or product details to Shippo — only the shipping information needed to quote, label, and track. Shippo's UK-relevant entity is Shippo, Inc. (US), covered by Standard Contractual Clauses.
ShipStation (Royal Mail rates & labels)
Royal Mail rates and labels are handled through ShipStation (ShipEngine). When we quote a Royal Mail rate or buy a Royal Mail label for your order, your name, shipping address, email, and the parcel dimensions are sent to ShipStation and on to Royal Mail to produce the label and tracking number. We do not send payment or product details. Royal Mail tracking after dispatch is shown via Royal Mail's own tracking link. ShipStation's UK-relevant entity is Auctane LLC / ShipEngine LLC (US), covered by Standard Contractual Clauses.
Plausible Analytics
Page-view analytics are provided by Plausible (an EU-based service, Estonia). Plausible was chosen specifically because it does not use cookies, does not store any personal data, does not fingerprint visitors, and does not share data with third parties. The only data sent is the page URL, the referrer (if any), the visitor's country (geolocated from IP), and basic device/browser type — all aggregated and anonymous. The visitor's IP is hashed and not retained.
Web hosting
Our static website is hosted on DigitalOcean infrastructure (UK / EU). The web server logs each request (IP, timestamp, URL, status code, user agent) for security and debugging. Logs are rotated automatically.
Cookies and local storage
This site does not set any tracking, advertising, or social-media cookies. Plausible Analytics is cookieless. The only client-side storage we use is:
- Browser localStorage — to keep your shopping cart between page loads, and (on the admin pages only) to remember your admin token. Both are functional storage, not used for tracking.
- Stripe cookies — set by Stripe Elements during checkout for payment session continuity and fraud detection. These are strictly necessary for payment.
Because we do not set any non-essential cookies or use any non-essential storage for tracking purposes, no consent banner is required under PECR / UK GDPR.
Cart-recovery emails
If you start typing your email at our checkout but don't complete the purchase, we save your email address alongside a reference to the in-progress order ("payment intent" in Stripe's terminology) so we can remind you the order is still waiting. The reminder emails are sent automatically by our Cloudflare Worker, in up to five stages:
- A gentle nudge roughly 1 hour later.
- A second "your cart is still here" reminder about 24 hours after that.
- At 72 hours, an email with a single-use 10% discount code, valid for 7 days.
- At 5 days, the same with a 15% code.
- At 7 days, a final email with a 20% code — no further messages after this.
That's the entire sequence — we don't enrol you in any general marketing list. Every cart-recovery email contains a one-click unsubscribe link that immediately stops any further reminders for your email address. We rely on the soft opt-in for negotiated sales (PECR Reg 22(3)) since your email was collected in the course of a transaction for our own similar products; you can object at any time using the unsubscribe link or by emailing us. Completing the order, asking to unsubscribe, or 14 days passing all cause the cart-recovery record to be deleted automatically.
Your account, and how to delete it
You can use the store without creating an account — the magic-link option ("Email me my orders") works without storing anything except a transient email reference. If you do create an account, your data sits in our Cloudflare D1 database and is only visible to you when you log in, and to us when we need to operate the service.
You can delete your account at any time by emailing [email protected] from the address attached to it. Within a week we will:
- delete your account record (email, password hash, sessions);
- delete any saved shipping addresses;
- detach all saved cards from your Stripe Customer (the card itself remains with Stripe under their retention policy);
- scrub your name and address out of any cart-recovery / launch-notification / back-in-stock rows.
The one thing we keep is your order records — name, address, items, payment reference — because HMRC requires UK businesses to retain these for 7 years. After 7 years from the date of the last order, those records are deleted too.
How long we keep your data
- Order records: 7 years from the date of the order (HMRC requirement).
- Account records: kept until you ask us to delete them. Inactive sessions older than 30 days are pruned automatically.
- Cart-recovery records: at most 14 days. Deleted sooner if you complete the order, unsubscribe, or we successfully send the final reminder.
- Contact-form submissions: 7 years.
- Back-in-stock notification subscribers: deleted the moment we send you the "now in stock" email.
- Launch-notification list: kept until the product launches, then archived. You can unsubscribe at any time.
- Educational discount requests: kept while the issued discount code is still usable, then archived.
- Web server logs: rotated automatically after a short period (typically 14 days).
- Plausible Analytics: aggregated, anonymous statistics retained by the analytics service for as long as we use the service.
Where data is held by a third-party processor (Stripe, Cloudflare, Resend, Plausible), retention is also subject to that processor's own retention policy.
International transfers
Some of our processors are based outside the United Kingdom — Stripe (Ireland, EU), Plausible (Estonia, EU), Cloudflare (United States), and Resend (United States). Transfers to EU countries are covered by the UK's adequacy decision for the EU. Transfers to the United States are covered by the UK's data bridge for the EU–US Data Privacy Framework, where the recipient is certified, or by Standard Contractual Clauses (SCCs).
Your rights
Under UK GDPR you have the right to:
- Access the personal data we hold about you
- Rectify data that is inaccurate or incomplete
- Erase data we hold (subject to our legal obligation to keep order records for 7 years)
- Restrict our processing of your data
- Object to processing based on legitimate interests
- Portability — receive your data in a machine-readable format
- Withdraw consent at any time, where we rely on consent
To exercise any of these rights, email [email protected]. We will respond within one calendar month.
Complaints
If you are unhappy with how we have handled your personal data, you can complain to the UK's data protection regulator, the Information Commissioner's Office (ICO):
- Online: ico.org.uk/make-a-complaint
- Phone: 0303 123 1113
- Post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
We'd appreciate the opportunity to address any concerns directly first if you haven't already raised the issue with us.
Changes to this policy
We may update this policy from time to time. Material changes are flagged in the "last updated" date at the top of this page. Changes only ever apply going forward; existing data continues to be handled under the policy that was in force when it was collected.
expanseElectronics® Ltd
Registered Company No. 14579610 — Registered in England and Wales
Registered office: International House, 66 Lavender Hill, London, SW11 5RQ, United Kingdom
Privacy contact: [email protected]