THE HIP STORE 22 LTD Back to Home

Privacy Policy

Last updated: 29 October 2025

Introduction

THE HIP STORE 22 LTD ("we", "us", "our", or "the Company") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website, use our services, or interact with us in any capacity.

We understand that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of everyone who visits our website and will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law.

Please read this Privacy Policy carefully and ensure that you understand it. Your acceptance of this Privacy Policy is deemed to occur upon your first use of our website. If you do not accept and agree with this Privacy Policy, you must stop using our website immediately.

1. Data Controller and Contact Information

THE HIP STORE 22 LTD
9 The Avenue, Wembley, England, HA9 9PD
Company number: 16395814
Email: hello@hip22.co.uk
Phone: 07749 658353

We are the data controller responsible for your personal data. This means we determine the purposes for which, and the manner in which, your personal data is processed. We have a responsibility to you and your personal data and will only collect and use it in accordance with data protection laws.

2. Information We Collect

2.1 Information You Provide to Us

We may collect and process the following personal data about you:

  • Contact Information: When you fill out a contact form, subscribe to our newsletter, or communicate with us, we collect your name, email address, phone number, company name, job title, and any other information you choose to provide.
  • Enquiry Details: The subject matter of your enquiry, message content, preferences regarding our services, and any specific requirements you communicate to us.
  • Professional Information: Details about your business, industry sector, company size, and information relevant to providing our computing service management solutions.
  • Communication Records: Records of correspondence if you contact us, including emails, phone call logs, and meeting notes where applicable.
  • Feedback and Reviews: Any feedback, testimonials, or reviews you provide about our services.

2.2 Information We Collect Automatically

When you visit our website, we may automatically collect certain information about your device and how you interact with our website:

  • Technical Information: IP address, browser type and version, operating system, device type, screen resolution, time zone setting, browser plug-in types and versions, and other technology on the devices you use to access our website.
  • Usage Data: Information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our website (including date and time), pages you viewed, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call our customer service number.
  • Location Data: General geographic location based on your IP address (city/country level, not precise location).
  • Referral Information: Information about how you arrived at our website, including search terms used and referring websites.

2.3 Information from Third Parties

We may receive information about you from third parties, including:

  • Business partners and sub-contractors in technical, payment and delivery services.
  • Analytics providers and search information providers.
  • Professional advisors including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services.
  • Publicly available sources such as Companies House, professional networking sites, and business directories.

3. How We Use Your Information

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

3.1 To Provide Our Services

  • Processing and responding to your enquiries and service requests.
  • Providing information about our computing service management, SRE, and cloud operations solutions.
  • Delivering contracted services and managing our relationship with you.
  • Administering and managing service accounts and projects.
  • Communicating with you about service updates, changes, and important notices.
  • Providing technical support and customer service.

3.2 To Improve Our Website and Services

  • Understanding how visitors use our website to improve user experience.
  • Analyzing website performance and identifying technical issues.
  • Testing new features and optimizing existing functionality.
  • Conducting research and analysis to improve our service offerings.
  • Developing new products and services based on user needs and feedback.

3.3 For Marketing and Business Development

  • Sending you marketing communications about services that may interest you (with your consent where required).
  • Conducting market research and surveys.
  • Building customer profiles to better understand our client base.
  • Identifying potential business opportunities and partnerships.
  • Measuring the effectiveness of our marketing campaigns.

3.4 For Legal and Compliance Purposes

  • Complying with legal obligations, court orders, and regulatory requirements.
  • Establishing, exercising, or defending legal claims.
  • Preventing and detecting fraud, security breaches, and other illegal activities.
  • Protecting the rights, property, and safety of our company, customers, and others.
  • Maintaining records required by law or professional standards.

4. Legal Basis for Processing

Under the UK General Data Protection Regulation (UK GDPR), we must have a lawful basis for processing your personal data. We rely on the following legal bases:

  • Consent: Where you have given us clear consent for us to process your personal data for a specific purpose (e.g., marketing communications, analytics cookies).
  • Contract: Where processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
  • Legal Obligation: Where we need to process your data to comply with a legal or regulatory obligation.
  • Legitimate Interests: Where processing is necessary for our legitimate interests or those of a third party, provided your interests and fundamental rights do not override those interests. Our legitimate interests include operating and improving our business, providing security, preventing fraud, and marketing our services to existing customers.

5. How We Share Your Information

We may share your personal data with the following categories of recipients:

5.1 Service Providers

We engage third-party companies and individuals to facilitate our services, including:

  • Website hosting and cloud infrastructure providers.
  • Email service providers and communications platforms.
  • Analytics and search engine providers to help improve our website.
  • Customer relationship management (CRM) systems.
  • Payment processors and financial institutions.
  • IT support and security service providers.

5.2 Professional Advisers

We may share data with lawyers, accountants, auditors, insurers, and other professional advisers who provide consultancy, legal, insurance, banking, and accounting services.

5.3 Business Transfers

If we are involved in a merger, acquisition, asset sale, or other business transaction, your personal data may be transferred as part of that transaction. We will notify you via email and/or prominent notice on our website of any change in ownership or use of your personal data.

5.4 Legal Requirements

We may disclose your personal data where required by law, court order, or governmental authority, or where disclosure is necessary to:

  • Comply with legal processes and obligations.
  • Enforce our terms and conditions.
  • Protect the rights, property, or safety of our company, customers, or the public.
  • Prevent or investigate possible wrongdoing in connection with our services.

We do not sell, rent, or trade your personal data to third parties for their marketing purposes.

6. International Data Transfers

Your personal data may be transferred to, and processed in, countries other than the United Kingdom. These countries may have data protection laws that are different from the laws of the UK.

Where we transfer personal data outside the UK or European Economic Area (EEA), we ensure appropriate safeguards are in place, including:

  • Using Standard Contractual Clauses approved by the UK Information Commissioner's Office (ICO).
  • Ensuring the recipient is in a country recognized as providing adequate data protection.
  • Implementing binding corporate rules or other approved mechanisms.
  • Obtaining your explicit consent for the transfer where appropriate.

7. Data Security

We implement appropriate technical and organizational security measures to protect your personal data against unauthorized or unlawful processing, accidental loss, destruction, or damage. These measures include:

  • Encryption: Using SSL/TLS encryption for data transmission and encryption at rest for stored data.
  • Access Controls: Limiting access to personal data to authorized personnel who need it for their work, using role-based access controls and strong authentication.
  • Security Monitoring: Regular monitoring for security threats, vulnerabilities, and unauthorized access attempts.
  • Secure Infrastructure: Hosting data with reputable providers who maintain high security standards and certifications.
  • Regular Updates: Keeping systems and software up to date with security patches.
  • Staff Training: Training our employees on data protection and security best practices.
  • Incident Response: Maintaining procedures to respond to and report data breaches in accordance with legal requirements.

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.

8. Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period, we consider:

  • The amount, nature, and sensitivity of the personal data.
  • The potential risk of harm from unauthorized use or disclosure.
  • The purposes for which we process your personal data and whether we can achieve those purposes through other means.
  • Applicable legal, regulatory, tax, accounting, or other requirements.

Typical retention periods include:

  • Enquiry Data: 2 years from last contact (unless we enter into a business relationship).
  • Customer Data: Duration of the business relationship plus 6 years for legal and tax purposes.
  • Marketing Data: Until you unsubscribe or withdraw consent, plus a reasonable period to process the request.
  • Website Analytics: 26 months from the date of collection.
  • Financial Records: 6 years as required by UK tax law.

When personal data is no longer needed, we will securely delete or anonymize it.

9. Your Rights

Under data protection law, you have a number of important rights regarding your personal data. These rights include:

9.1 Right of Access

You have the right to obtain confirmation as to whether we are processing your personal data and, if so, to request a copy of that data. This is commonly known as a "data subject access request."

9.2 Right to Rectification

You have the right to have inaccurate personal data corrected and to have incomplete personal data completed.

9.3 Right to Erasure ("Right to be Forgotten")

You have the right to request deletion of your personal data in certain circumstances, such as where:

  • The data is no longer necessary for the purposes for which it was collected.
  • You withdraw consent and there is no other legal ground for processing.
  • You object to processing and there are no overriding legitimate grounds.
  • The data has been unlawfully processed.
  • The data must be erased to comply with a legal obligation.

9.4 Right to Restriction of Processing

You have the right to request restriction of processing of your personal data in certain circumstances, including where you contest the accuracy of the data or object to processing.

9.5 Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller where technically feasible.

9.6 Right to Object

You have the right to object to processing based on legitimate interests or for direct marketing purposes at any time.

9.7 Right to Withdraw Consent

Where we rely on consent as the legal basis for processing, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.

9.8 Right to Lodge a Complaint

You have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues:

Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire, SK9 5AF
Tel: 0303 123 1113
Website: www.ico.org.uk

10. Cookies and Similar Technologies

Our website uses cookies and similar technologies to distinguish you from other users and to provide you with a good experience. For detailed information about the cookies we use and the purposes for which we use them, please see our Cookie Policy.

11. Third-Party Links

Our website may contain links to third-party websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy practices. When you leave our website, we encourage you to read the privacy policy of every website you visit.

12. Children's Privacy

Our website and services are not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16. If you are under 16, please do not provide any information on this website or through our services. If we learn we have collected or received personal data from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

  • Posting the new Privacy Policy on this page with a new "Last Updated" date.
  • Sending you an email notification if you have provided us with your email address.
  • Displaying a prominent notice on our website.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our website after any changes indicates your acceptance of the updated Privacy Policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, or if you wish to exercise any of your rights, please contact us:

THE HIP STORE 22 LTD
9 The Avenue, Wembley, England, HA9 9PD
Company number: 16395814
Email: hello@hip22.co.uk
Phone: 07749 658353

We will respond to your request within one month of receipt. In complex cases, we may extend this period by a further two months, in which case we will inform you of the extension and explain the reasons for the delay.

15. Definitions

For the purposes of this Privacy Policy:

  • "Personal Data" means any information relating to an identified or identifiable natural person.
  • "Processing" means any operation performed on personal data, including collection, recording, storage, retrieval, use, disclosure, and deletion.
  • "Data Controller" means the entity that determines the purposes and means of processing personal data.
  • "Data Processor" means an entity that processes personal data on behalf of the data controller.
  • "Cookies" means small text files placed on your device to collect standard internet log information and visitor behavior information.

This Privacy Policy was last updated on 29 October 2025 and is effective as of that date.