Chat with us, powered by LiveChat
Call our team on 020 4631 3555

Privacy Policy

Find out how we store and use your data.

ITinStock Privacy Policy

ITinStock Ltd

This privacy policy sets out how ITinStock uses and protects any information that you give ITinStock when you use this website. By using our website, you acknowledge the practices described in this policy.

ITinStock is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement.

ITinStock may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes.

 

1. About Us

ITinStock Ltd is a UK-based enterprise IT refurbishment and stockist who also provides IT Asset Disposition (ITAD) services. We sell new, used, and refurbished IT hardware and office equipment including servers, networking equipment, storage devices and related accessories.

ITinStock Ltd is the Data Controller for the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

 

2. What Data We Collect

We may collect and process the following categories of personal data about you:

 

2.1 Data You Provide Directly

  • Name and contact details (email address, phone number, postal address)
  • Billing and delivery addresses 
  • Payment information (processed securely via Shopify Payments and third-party processors, as we do not store full card details)   
  • Account login credentials (username and encrypted password)
  • Communications you send us (enquiries, support requests, feedback) 
  • Company name and job title (for business customers).

 

2.2 Data Collected Automatically

  • IP address and approximate geolocation
  • Browser type, version, and operating system
  • Pages visited, time spent on pages, and clickstream data
  • Referring URLs and search terms used to find our website
  • Device identifiers and session identifiers
  • Cookie data and similar tracking technologies (see Section 8).

 

2.3 Data from Third Parties

  • Payment verification and fraud prevention data from payment processors
  • Delivery tracking information from courier partners (DHL Express, FedEx)
  • Analytics data from Google Analytics or similar services.

 

3. How We Use Your Personal Data

We use your personal data for the following purposes, relying on the lawful bases indicated:

Purpose and retention

Processing and fulfilling orders, including payment, invoicing, and delivery - 7 year retention (legal requirement)

Creating and managing your online account - Data kept for duration of account + 2 years

Communicating about your order or enquiry - 3 year retention from last contact

Sending marketing emails and product updates (with your consent) - Data kept until you unsubscribe

Improving our website, products, and services - Aggregated/anonymised

Fraud prevention and security - 7 year retention

Complying with legal and regulatory obligations - Kept as required by law

Customer support and after-sales service - 3 year retention from resolution

 

4. Sharing Your Personal Data

We do not sell your personal data. We may share your data with the following categories of recipients where necessary:

 

4.1 Service Providers and Processors

  • Shopify Inc. — our eCommerce platform provider (data processing agreements in place)
  • Payment processors (e.g. Shopify Payments, Stripe, PayPal) — for secure payment handling
  • Delivery and logistics partners (DHL Express, FedEx) — for order fulfilment and tracking
  • Email marketing platforms — for transactional and marketing communications (with your consent)
  • IT and hosting service providers — for website operation and security
  • Analytics providers (e.g. Google Analytics) — for website performance monitoring.

 

4.2 Legal and Regulatory Disclosure

We may disclose your data to law enforcement agencies, regulatory authorities, or courts where we are legally required to do so, or where necessary to protect our legal rights or the rights of others.

 

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the relevant third party. We will notify you of any such change.

 

5. International Data Transfers

  • Some of our service providers (including Shopify and delivery partners) may process data outside the UK or European Economic Area (EEA). Where this occurs, we ensure appropriate safeguards are in place, such as:
  • UK International Data Transfer Agreements (IDTAs) or EU Standard Contractual Clauses (SCCs)
  • Adequacy decisions recognised by the UK Information Commissioner's Office (ICO)
  • Binding Corporate Rules or other approved transfer mechanisms
  • You can obtain further details about the safeguards used for international transfers by contacting us at tradesales@itinstock.com.

 

6. Your Rights Under UK GDPR

As a data subject under UK GDPR, you have the following rights. You can exercise them at any time by contacting us using the details in Section 10:

Right of Access - Request a copy of the personal data we hold about you (Subject Access Request).

Right to Rectification - Ask us to correct inaccurate or incomplete data.

Right to Erasure - Request deletion of your data where there is no legitimate reason for us to keep it.

Right to Restrict Processing - Ask us to suspend processing of your data in certain circumstances.

Right to Data Portability - Receive your data in a structured, machine-readable format and transfer it to another controller.

Right to Object - Object to processing based on legitimate interests or for direct marketing purposes.

Right to Withdraw Consent - Withdraw consent at any time where processing is based on consent (e.g. marketing emails).

Rights re. Automated Decisions - Not be subject to solely automated decisions that significantly affect you.

We will respond to all legitimate requests within one calendar month. In some cases (e.g. complex or multiple requests), we may extend this by a further two months, but will notify you accordingly.

 

7. Data Security

We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it against unauthorised access, disclosure, alteration, or destruction. These measures include:

  • SSL/TLS encryption for all data transmitted between your browser and our website
  • Shopify's PCI DSS-compliant infrastructure for payment processing
  • Restricted access to personal data on a need-to-know basis
  • Regular security reviews and staff training
  • Secure disposal of data when retention periods expire.

Please be aware that no method of transmission over the internet is completely secure. While we strive to protect your data, we cannot guarantee its absolute security. If you believe your data has been compromised, please contact us immediately at hello@itinstock.com.

 

8. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyse site traffic, and support marketing activities. The types of cookies we use include:

 

8.1 Essential Cookies

These are necessary for the website to function correctly, including shopping cart functionality, user authentication, and security. These cookies cannot be disabled.

 

8.2 Analytics Cookies

We use analytics tools (such as Google Analytics) to understand how visitors interact with our website. This data is aggregated and anonymised where possible. These cookies are only placed with your consent.

 

8.3 Marketing and Preference Cookies

These cookies remember your preferences and may be used to show you relevant advertising. They are only set with your consent.

 

8.4 Managing Cookies

When you first visit our website, you will be shown a cookie consent banner allowing you to accept or decline non essential cookies. You can also manage or withdraw your cookie consent at any time via the cookie settings link in our website footer, or by adjusting your browser settings. Note that disabling certain cookies may affect website functionality.

 

9. Marketing Communications

We may send you marketing emails about our products, promotions, and services where you have given us your explicit consent to do so.

  • You can opt out of marketing communications at any time by:
  • Clicking the 'Unsubscribe' link in any marketing email
  • Contacting us directly at info@itinstock.com
  • Updating your preferences in your account settings.

Please note that opting out of marketing communications will not affect transactional emails relating to your orders or account.

 

10. Children's Privacy

Our website and services are not directed at children under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data without appropriate consent, please contact us immediately and we will take steps to delete that information.

 

11. Third-Party Websites and Links

Our website may contain links to third-party websites (for example, LinkedIn or courier tracking portals). This
Privacy Policy applies only to our website. We are not responsible for the privacy practices of third-party websites and encourage you to read their privacy policies before providing any personal data.

 

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law, our business practices, or our use of technology. The 'Last Updated' date at the top of this document will be revised accordingly.

For significant changes, we will notify you by email (if you have an account) or by a prominent notice on our
website. We encourage you to review this policy periodically.

 

13. Contact Us

If you have any questions, concerns, or requests relating to this Privacy Policy or the way we handle your personal data, please contact us:

Data Controller: ITinStock Ltd

Email: info@itinstock.com

Telephone (UK): 020 4631 3555

Telephone (International): +44 (0)20 4631 3555

Website: www.itinstock.com

We will endeavour to respond to all queries within 5 working days.

 

This Privacy Policy was prepared for ITinStock Ltd for use on its UK Shopify eCommerce website.

It is designed to comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

We recommend periodic legal review to ensure ongoing compliance.