Privacy policy
Privacy Policy
Last updated: 12 June 2026
This Privacy Policy describes how nestoro.co.uk (the "Site", "Nestoro", "we", "us", or "our") collects, uses, and discloses your Personal Information when you visit or make a purchase from the Site.
Nestoro is a trading name of Nestoro Limited.
Collecting Personal Information
When you visit the Site, we collect certain information about your device, your interaction with the Site, and information necessary to process your purchases. We may also collect additional information if you contact us for customer support.
In this Privacy Policy, "Personal Information" refers to any information that can uniquely identify an individual.
Device information
Examples of Personal Information collected:
Version of web browser, IP address, time zone, cookie information, pages or products viewed, search terms, and how you interact with the Site.
Purpose of collection:
To load the Site accurately for you and to perform analytics on Site usage in order to improve and optimise our website.
Source of collection:
Collected automatically when you access our Site using cookies, log files, web beacons, tags, or pixels.
Disclosure for a business purpose:
Shared with our processor Shopify.
Order information
Examples of Personal Information collected:
Name, billing address, shipping address, payment information (including credit and debit card numbers), email address, and phone number.
Purpose of collection:
To fulfil our contract with you, process payments, arrange shipping, provide order confirmations and invoices, communicate with you, screen orders for potential risk or fraud, and where permitted, provide information or marketing relating to our products or services.
Source of collection:
Collected directly from you.
Disclosure for a business purpose:
Shared with our service providers including Shopify, Amazon, PayPal, and Royal Mail.
Customer support information
Examples of Personal Information collected:
Name, billing address, shipping address, payment information, email address, and phone number.
Purpose of collection:
To provide customer support and resolve queries.
Source of collection:
Collected directly from you.
Minors
The Site is not intended for individuals under the age of 18. We do not knowingly collect Personal Information from children.
If you are a parent or guardian and believe your child has provided us with Personal Information, please contact us using the details below to request deletion.
Sharing Personal Information
We share your Personal Information with service providers to help us deliver our services and fulfil our contracts with you. For example:
- We use Shopify to power our online store. You can read more about how Shopify uses your Personal Information here: https://www.shopify.com/legal/privacy
- We may share Personal Information to comply with legal obligations, respond to lawful requests, or protect our legal rights.
Behavioural Advertising
We use your Personal Information to provide targeted advertisements or marketing communications that we believe may be of interest to you.
For example:
- We use Google Analytics to understand how customers use the Site.
Google's privacy policy: https://policies.google.com/privacy
Opt-out: https://tools.google.com/dlpage/gaoptout - We may share information about your use of the Site and your purchases with advertising partners, sometimes via cookies or similar technologies, subject to your consent.
Learn more about targeted advertising: http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work
You can opt out of targeted advertising via:
- Facebook: https://www.facebook.com/settings/?tab=ads
- Google: https://www.google.com/settings/ads/anonymous
- Bing: https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads
You can also use the Digital Advertising Alliance opt-out portal: http://optout.aboutads.info/
SMS Marketing Service
We value your privacy in relation to our SMS marketing service.
We use this information to send order updates (including abandoned checkout reminders), marketing offers, transactional messages, and review requests.
Opt-in data and SMS consent are not shared with third parties, except messaging providers required to operate the service.
Our Site uses cookies to track items added to your cart, including abandoned checkouts, to determine when to send reminder messages via SMS.
Using Personal Information
We use your Personal Information to:
- Offer products for sale
- Process payments
- Ship and fulfil orders
- Communicate with you
- Keep you informed about products, services, and offers (where permitted)
Lawful basis (UK GDPR)
If you are a resident of the United Kingdom or European Economic Area (UK or EEA), we process your Personal Information under the following lawful bases:
- Your consent
- Performance of a contract
- Compliance with legal obligations
- Protection of vital interests
- Public interest tasks
- Legitimate interests that do not override your rights and freedoms
Retention
We retain your Personal Information for as long as necessary to fulfil the purposes for which it was collected, including any legal, accounting, or reporting obligations, unless and until you request its erasure.
For more information, see Your rights below.
Automatic decision-making
If you are a UK or EEA resident, you have the right to object to processing based solely on automated decision-making where it has a legal or significant effect.
We do not engage in fully automated decision-making with legal or significant effects.
Shopify uses limited automated fraud-prevention measures, including:
- Temporary IP deny-lists
- Temporary card deny-lists
These measures do not have a legal or significant effect on you.
Your rights (UK GDPR)
If you are a resident of the United Kingdom or European Economic Area (UK or EEA), you have the right to:
- Access your Personal Information
- Request correction or deletion
- Port your data to another service
- Object to or restrict certain processing
- Withdraw consent at any time where processing is based on consent
To exercise these rights, contact us using the details below.
International data transfers
Your data is initially processed in Ireland and may be transferred to Canada and the United States.
- Canada holds an adequacy decision under UK GDPR, meaning it is recognised as providing an adequate level of data protection.
- United States transfers are covered by appropriate safeguards, including Standard Contractual Clauses used by our processors. Shopify's approach to international data transfers is detailed here: https://help.shopify.com/en/manual/your-account/privacy/GDPR
Cookies
A cookie is a small data file placed on your device when you visit our Site. Cookies help improve your browsing experience and provide insight into how our Site is used.
We use functional, performance, analytics, advertising, and social media cookies.
Cookies necessary for store functionality
| Name | Function |
|---|---|
| _ab | Admin access |
| _secure_session_id | Store navigation |
| cart | Shopping cart |
| cart_sig | Checkout |
| cart_ts | Checkout |
| checkout_token | Checkout |
| secret | Checkout |
| secure_customer_sig | Customer login |
| storefront_digest | Customer login |
| _shopify_u | Account updates |
Reporting & analytics cookies
| Name | Function |
|---|---|
| _tracking_consent | Tracking preferences |
| _landing_page | Landing page tracking |
| _orig_referrer | Landing page tracking |
| _s | Shopify analytics |
| _shopify_s | Shopify analytics |
| _shopify_sa_p | Marketing analytics |
| _shopify_sa_t | Marketing analytics |
| _shopify_y | Shopify analytics |
| _y | Shopify analytics |
Cookies may be session-based or persistent, lasting between 30 minutes and two years.
You can manage cookies via your browser settings. Blocking cookies may affect site functionality.
More information: www.allaboutcookies.org
Do Not Track
We do not alter our data practices in response to "Do Not Track" browser signals, as there is no consistent industry standard.
Changes
We may update this Privacy Policy from time to time for operational, legal, or regulatory reasons.
Contact
For more information about our privacy practices, or to make a complaint, please contact us:
Email: hello@nestoro.co.uk
Post:
Nestoro Limited
777 London Road
Westcliff-on-Sea
SS0 9SU
United Kingdom
Last updated: 12 June 2026
If you are not satisfied with our response, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO): https://ico.org.uk/make-a-complaint/