Privacy Policy
Essential Information and Our Identity
Hyllux's Controller Contact Details
Hyllux is the controller of any personal data that is collected through our website and the provision of our products and services to you. We are responsible for the personal data that we collect about you.
If you have any questions regarding our use of your personal data or relating to this Privacy Policy, including any requests to exercise your legal rights, please contact us using the details below:
- By emailing: customer@hyllux.com
- By post: Hyllux Limited, 115 East Acton Lane, W3 7HB, London, United Kingdom
Filing a Complaint
If you have any concerns about how we've handled your personal data, you're entitled to lodge a complaint with the Information Commissioner’s Office (ICO), the UK's authority for data protection issues (www.ico.org.uk). Nonetheless, we value the opportunity to address your concerns directly. Therefore, we kindly ask you to reach out to us first using the contact details provided above, allowing us the chance to resolve any issues you may have.
Changes to our Privacy Policy
We are committed to regularly updating this Privacy Policy and informing you of any significant changes in how we process your personal data. This Privacy Policy may be revised periodically to mirror changes in our practices or due to operational, legal, or regulatory reasons.
Whenever we amend our Privacy Policy, we will update this page with the implementation date of the revised policy, ensuring you are kept informed about the types of information we collect and their usage. Any updated Privacy Policy will become effective immediately and will be applicable solely to data gathered following the enactment of the new policy. We recommend that you review this page prior to making any purchases to stay informed about any modifications.
The latest update to this Privacy Policy was on 29 January 2024. You can access historical versions by reaching out to us using the contact information provided above.
Maintaining Current Information with Us About You
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
Third party links
Our website features links to external third-party websites, plug-ins, and applications. Please be aware that once you exit our website or are redirected to a third-party's site, our control over their privacy practices ceases. We do not bear responsibility for how these third-party sites manage, collect, use, or disseminate your personal data. We strongly advise you to review the privacy policies of any third-party sites you choose to visit.
The Types of Personal Data We Gather
Definition and Scope of Personal Information
Personal information refers to any details that can be used to identify an individual. This encompasses data such as your name, address, phone number, and card payment information. It excludes any data where the identity has been anonymized.
The types of personal information we collect, use, store, and transfer about you include:
- Identity Information: This includes first and last names.
- Contact Information: This covers delivery and billing addresses, email addresses, and phone numbers.
- Financial Information: We only hold partial details of your payment cards.
- Transaction Information: This entails records of payments to and from you and other details of products and services you've bought from or through us.
- Technical Information: This includes your Internet Protocol (IP) address, login information, browser type and version, time zone settings and location, types of browser plug-ins and their versions, your operating system and platform, and other technology on the devices you use to access our website.
- Profile Information: This consists of your username and password, your purchase history, interests, preferences, feedback, and responses to surveys.
- Usage Information: This details how you interact with our website, products, and services.
- Marketing and Communications Information: This includes your preferences regarding receiving marketing materials from us and our third parties, as well as your communication preferences.
We also gather, use, and share Aggregated Data, such as statistical or demographic information, for various purposes. Although Aggregated Data may be derived from your personal data, it is not classified as personal data under the law, since it does not directly or indirectly disclose your identity. For instance, we might aggregate your Usage Data to determine the percentage of users utilising a specific feature on our website. However, if Aggregated Data is combined with your personal data in a way that could identify you directly or indirectly, we consider the combined data as personal data and treat it according to this Privacy Policy.
We do not collect any Special Categories of Personal Data about you. This category includes data about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, health, and genetic and biometric data. We also do not collect information regarding criminal convictions and offences.
Should you provide any Special Categories of Personal Data when using our website or communicating with us through any means, it is your responsibility to ensure you are comfortable with us using that personal data in line with this Privacy Policy. Please be aware that this type of personal data is more sensitive and is subject to greater protection under data protection laws. Therefore, it is advisable to refrain from sharing such data if possible.
Our website is not designed for individuals under the age of 16, and we do not intentionally collect data pertaining to children.
How we collect your personal data
We gather your personal data at various points during your interaction with us, and our use of this data varies based on the information collected. The ways in which we collect information about you include:
- Direct Engagements: Your personal data is collected directly from you when you provide us with your Identity, Contact, Financial, Transaction, Profile, and Marketing Communications Data. This happens when you:
- Register for an account on our site;
- Provide information via our website forms;
- Utilise our website's live chat feature;
- Make a purchase of a product or service;
- Process a return or request a refund;
- Participate in events we organise or sponsor;
- Opt-in for marketing materials or updates by subscribing to our services;
- Take part in a contest, promotional event, or survey;
- Share feedback or file a complaint;
- Reach out to us through various means such as phone, email, or postal mail for any inquiries.
Automated Collection and Interactions - When you use our website, we automatically gather Usage Data regarding your website interactions and Technical Data about your devices, equipment, browsing activities, and patterns. We employ the following technologies to assist in the collection of this personal data:
Technology Overview
What They Are and Their Functions
| Cookies | These small data files are downloaded to your device (e.g., computer) when you visit a website. They enable the website to recognize your device and store information about your preferences and past activities. For more details on cookies, please refer to our cookie notice. |
| Log Files | Log files monitor activities on our site, collecting data such as your IP address, browser type, Internet Service Provider, referring/exit pages, and date/time stamps. |
| Web Beacons | These are electronic files that gather information about your website browsing behavior. |
| Tags and Pixels | These are digital tools used for tracking and understanding interactions on our site. |
Data from Third Parties
We also receive information about you from third-party sources, including:
- Analytics Service Providers – Google Analytics, for instance, helps us collect personal data by analyzing Technical and Usage Data related to your interaction with our website.
- Other Vendors – We may receive personal data about you when you purchase our products or services through a third-party platform. We only collect and retain the necessary personal data to fulfill your order from such third-party platforms.
Consequences of Not Providing Personal Data
If we are required by law, or under the terms of a contract with you, to collect personal data and you do not provide it, we may not be able to perform the contract (e.g., to deliver the products or services you have requested). In such cases, we might have to cancel your order or the service requested, but we will notify you if this occurs.
Use of Your Personal Data
Collection and Use of Your Personal Data at Various Stages
Legal Basis for Processing
We adhere to data protection laws which mandate that we can only process your personal data if we have a legitimate legal basis for doing so, as outlined in these laws. We ensure that our use of your personal data is lawful in the following scenarios:
- When it's necessary to fulfill a contract we have with you;
- When we are obliged to comply with a legal or regulatory requirement;
- When it aligns with our legitimate interests (or those of a third party), provided that these interests do not infringe upon your own rights and freedoms; or
- With your explicit consent, particularly in relation to sending you marketing communications via email. You are entitled to withdraw this consent at any time by reaching out to us using the contact information provided earlier.
Intended Uses of Your Personal Data
Below outlines the various ways we intend to use your personal data, along with the corresponding lawful bases we depend on for each purpose. Where relevant, we've also indicated our legitimate interests.
Be aware that we might process your personal data based on multiple lawful grounds, depending on the particular purpose for its use. Should you require more information about the precise legal basis we rely on for processing your personal information, especially in cases where multiple grounds are indicated in the table, please feel free to contact us.
| Purpose/Activity | Type of Data | Legal Basis for Processing, Including Basis of Legitimate Interest |
|---|---|---|
| Account Creation – When you set up an account on our website, we utilise your personal data to establish and manage your account with us. | (a) Identity; (b) Contact; (c) Profile; (d) Marketing and Communications. |
Based on the performance of a contract with you. |
| Account Management – We use your personal data for administering your account and managing our relationship with you. This includes addressing your inquiries or requests through email, phone, post, or live chat. | (a) Identity; (b) Contact; (c) Profile; (d) Marketing and Communications. |
(a) Performance of a contract with you; (b) Necessary for our legitimate interests (to maintain accurate records and to foster our relationship with you for business growth). |
| Purchases – Your personal data is used for processing transactions when you buy our products or services, including handling payments, fees, and collecting debts. | (a) Identity; (b) Contact; (c) Financial; (d) Transaction. |
(a) Performance of a contract with you; (b) Compliance with legal obligations; (c) Necessary for our legitimate interests (to reclaim debts owed to us). |
| Delivery of Products – Essential for Shipping Your Order and Possible Data Transfer to Third Parties | (a) Identity; (b) Contact; (c) Shipping information |
(a) Performance of a contract with you; (b) Compliance with legal obligations; (c) Required for the Purpose of Shipping Your Order |
| Returns/Refunds/Product Recalls – We process your personal data for handling returns, managing refunds, and conducting product recalls when necessary. | (a) Identity; (b) Contact; (c) Financial; (d) Transaction. |
(a) Performance of a contract with you; (b) Compliance with legal obligations; (c) Necessary for our legitimate interests (to update records and enhance customer relationships for business development). |
| Feedback – We collect your personal data to send surveys and feedback forms for insights about our products and services. | (a) Identity; (b) Contact; (c) Profile; (d) Usage; (e) Marketing and Communications. |
Necessary for our legitimate interests (to analyze how customers use our products/services for development and business enhancement). |
| Research and Analysis – We process your personal data for assessing our product and service performance, which includes sharing information with third parties for ad measurement. | (a) Identity; (b) Contact; (c) Financial; (d) Transaction; (e) Profile; (f) Technical; (g) Usage. |
Necessary for our legitimate interests (to enhance services, identify customer segments, maintain website relevance, business development, and marketing strategy formulation). |
| Business Administration and Protection – This includes troubleshooting, data analysis, testing, system maintenance, support, reporting, and hosting of data. | (a) Identity; (b) Contact; (c) Profile; (d) Technical; (e) Usage. |
(a) Necessary for our legitimate interests (for business operation, IT and administrative services, network security, fraud prevention, and in case of business restructuring); (b) Compliance with legal obligations. |
| Business Promotion – We use your personal data to suggest products or services that might interest you. | (a) Identity; (b) Contact; (c) Marketing and Communications; (d) Profile; (e) Aggregated Data. |
(a) Consent; (b) Necessary for our legitimate interests (to understand customer preferences and inform marketing strategy for business growth). |
Modification of Data Use Purpose
We typically use your personal data only for the purposes for which we collected it. However, if we deem it necessary to use it for another purpose, and that purpose is compatible with the original intent, we will do so. For an explanation on how processing for the new purpose is compatible with the original one, please do not hesitate to contact us at the provided contact details.
In the event that we need to use your personal data for a purpose that is unrelated to the original one, we will inform you, explaining the legal justification for this new usage.
Please be aware that, in certain circumstances and in accordance with legal requirements, we may process your personal data without your knowledge or consent, consistent with the rules outlined above.
Marketing
We offer you options regarding the use of your personal data, especially concerning the receipt of marketing materials. To keep you informed about our latest promotions, we require your explicit opt-in consent for receiving marketing communications. When you navigate our website or make a purchase, you will find the opportunity to give this opt-in consent.
If you choose to receive marketing materials from us, we will use your Identity, Contact, Technical, Usage, Profile, and Aggregated Data to tailor information about products, services, and offers that might interest you.
You have the freedom to opt out of direct marketing at any time. This can be done through your account settings, by selecting the 'unsubscribe' option in any of our emails, or by reaching out to us at the contact details provided. It's important to note that opting out of marketing messages does not apply to personal data supplied to us as a result of purchasing a product or service, warranty registrations, or other essential communications related to services or products you have obtained from us.
Encountering Our Advertisements on External Websites
To ensure our website is easily discoverable and to keep you informed about our latest activities, we participate in online advertising campaigns. If you prefer not to see targeted advertisements from us, you have the option to opt out through the following platforms:
- For Facebook: Adjust your ad preferences at https://www.facebook.com/settings/?tab=ads
- For Google: Modify your ad settings at https://www.google.com/settings/ads/anonymous
- For Bing: Change your personalized ad settings at https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads
Sharing of Personal Data
Your personal data is treated as confidential and is safeguarded in line with data protection laws. We assure you that we do not sell your personal data to any third parties. However, it may be necessary for us to share your information with third-party service providers who play a crucial role in delivering our services or products. These providers include, but are not limited to, companies offering IT maintenance, professional advice, payment processing, website and file hosting, and system administration services.
The third-party services we use adhere to the same principles as we do. They will only use, collect, and disclose your personal data as needed to provide you with our services or products. We mandate that these third parties uphold the security of your personal data and comply with data protection laws. We strictly prohibit them from using your personal data for their own purposes and limit their processing to specified functions, under our directives.
We conduct thorough checks on any third parties processing your personal data on our behalf, ensuring they have suitable data protection measures in place. We also regularly monitor these parties (and their approved subcontractors) to guarantee the ongoing security of your personal data.
Below, we've listed some key service providers (though not all) that we engage to deliver our services and products. We encourage you to review their Privacy Policies to better understand how they process your personal data. Many of these providers also use third-party services, which facilitates our collaboration in providing you with an exceptional shopping experience.
Primary Service Providers
Online Store Hosting
- Shopify: Our online store is hosted by Shopify Inc. They provide an e-commerce platform enabling us to offer our products and services to you. For more information, it is advisable to review Shopify’s Terms of Service and Privacy Statement.
Payment Processing
- Shopify: When you opt for a direct payment gateway for your purchase, Shopify manages your credit card and transaction data. This information is retained only long enough to complete the transaction. For additional details, please refer to the Terms and Privacy Statement mentioned above.
- Klarna: If you select Klarna’s payment options, we share some of your information with Klarna to determine your eligibility for their payment services and to customise these options for you. You can learn more by reading Klarna’s Privacy Policy.
Logistics and Shipping
- DHL, Parcelforce, Royal Mail, UPS, FedEx, and Evri: These are our chosen logistics providers for delivering scooters and other items you purchase. We share necessary parts of your order information with them to facilitate the delivery process. For a deeper understanding of how they handle your data, we suggest reviewing their respective Privacy Policies.
Transfer of data outside of the UK General Data Protection Regulation (UK GDPR) & The European Economic Area (EEA)
Data Transfer Disclosure:
We may need to transfer your personal data outside of the UK General Data Protection Regulation (UK GDPR) and The European Economic Area (EEA), such as China. We do this in order to provide you with the services and products you require.
In the event that personal data is transferred to countries outside of the UK & EEA, those countries may not offer an equivalent level of protection for personal data compared to the laws in the UK or EEA. If we disclose your personal data to a third party located outside the UK & EEA, we will only do so after taking steps to ensure that appropriate safeguards are implemented. This will ensure that your personal data receives a level of protection similar to that required by data protection laws in the UK or EEA.
Where we transfer your personal data out of the UK or EEA, we will ensure that it receives a similar degree of protection by implementing at least one of the following safeguards:
- We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
- We will use specific contracts approved by the European Commission which give personal data the same protection it has in Europe; or
- Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal information shared between Europe and the US.
Please don't hesitate to contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
Data Security
We have implemented robust security measures to prevent the accidental loss, unauthorised access, use, alteration, or disclosure of your personal data. Access to your personal data is restricted to employees, agents, contractors, and authorised third parties who require it for legitimate business purposes. These individuals are bound by confidentiality obligations and will process your personal data strictly in accordance with our instructions.
We have established protocols to address any suspected breaches of personal data security. In the event of a breach that requires legal notification, we will promptly inform you and the relevant regulatory authorities. Your data security is a top priority for us.
Retention
We will retain your personal data for a duration that is reasonably necessary to accomplish the purposes for which it was collected. This includes fulfilling any legal, regulatory, tax, accounting, or reporting obligations. To determine the appropriate retention period, we consider factors such as the volume, nature, and sensitivity of the data, the potential risks associated with unauthorised access or disclosure, the purposes of data processing, alternative means to achieve those purposes, and relevant legal requirements.
Typically, we will retain your personal data for the duration of your account with us and for an additional 5 years after the closure of your account or from the date of your last order, if you do not have an account. However, in cases where we are obligated by law to retain personal data for a longer period or where extended retention is necessary for legal claims, ongoing inquiries, or addressing complaints, we may retain the data for a longer duration. Your data's retention period may vary accordingly.
Your Rights
You have several rights regarding your personal data, subject to certain legal conditions. These rights include:
- The right to be informed about how we use your personal data, as detailed in this Privacy Policy.
- The right to access the personal data we hold about you.
- The right to request corrections to your personal data if you believe it is incorrect, incomplete, or inaccurate.
- The right to request the erasure of your personal data in specific circumstances.
- The right to request restrictions on the processing of your personal data in certain situations.
- The right to request the transfer of specific elements of your personal data to you or another service provider in a commonly used electronic format.
- The right to object to our processing of your personal data.
- The right not to be subject to automated decisions and to request human intervention.
- The right to withdraw consent if we rely on your consent for processing your personal data, such as for our marketing materials.
To exercise any of these rights, please contact us using the provided contact details.
No Fee Usually Required
You generally do not have to pay a fee to access your personal data or exercise any of the rights mentioned. However, if your request is clearly unfounded, repetitive, or excessive, we may charge a reasonable fee or refuse to comply with your request in such cases.
Information We May Need From You
To confirm your identity and ensure your right to access your personal data (or exercise any other rights), we may need to request specific information from you. This is a security measure to prevent unauthorised disclosure of personal data. We may also contact you for additional information to expedite our response.
Time Limit to Respond
We make every effort to respond to all legitimate requests within one month. If your request is particularly complex or if you have submitted multiple requests, it may take us longer to respond. In such cases, we will notify you and keep you informed of the progress.
Cookies
We use cookies on our website. You can configure your browser to block all or some cookies, or to receive alerts when websites attempt to set or access cookies. However, if you disable or reject cookies, please be aware that certain parts of our website may become inaccessible or may not function properly.
For detailed information about the cookies we use, kindly refer to our Cookies Notice.
Google Enhanced Conversions
We use this technology on our website to send hashed first-party personal data to Google, which helps support our ad measurement. To find out more about Enhanced Conversions, click here.