Last Updated: June 2026
At HSE Store, we believe that digital privacy is a fundamental extension of physical workplace safety. Unlike traditional business-to-business (B2B) e-commerce platforms that track, profile, and commercialise visitor data, we operate a hardened, privacy-first digital architecture.
We have purposefully stripped our platform of all third-party advertising pixels, mass behavioural analytics, and session recording software. Because we do not track you, monitor your demographics, or profile your purchasing intent, we do not utilise an intrusive cookie consent banner.
This privacy policy outlines the absolute minimum data we collect, how it is strictly protected, and why your corporate data footprint remains entirely secure when partnering with us.
1. Core Principles of Our Privacy Infrastructure
We strictly adhere to the true spirit of the UK General Data Protection Regulation (UK GDPR) and the Privacy and Electronic Communications Regulations (PECR). Our operations are guided by three strict data sovereignty rules:
Absolute Data Minimisation: We only collect, process, and retain data that is strictly necessary to execute your transaction, protect our network, or fulfill legal obligations.
Zero Commercial Tracking: We do not track your browsing habits across the web, we do not feed advertising networks (such as Google Ads or Meta pixels), and we do not profile your operational research.
Zero Post-Procurement Spam: We do not automatically enrol your corporate email address into recurring marketing campaigns or promotional loops after a transaction.
2. What Information We Collect (And Why)
To securely process and deliver heavy-duty industrial and safety equipment, we process a minimal set of professional data points when you actively place an order or contact us.
A. Order Fulfillment and Transaction Data
When you purchase from HSE Store, we collect the necessary business and contact details required to fulfill our contract with you:
Contact Information: Name, corporate email address, and telephone number.
Logistics Information: Billing address, corporate delivery address, and company name.
Financial Processing: Payments are securely routed directly through WooPayments (powered by Stripe). HSE Store never sees, processes, or stores your raw credit card data, bank credentials, or CVV numbers on our servers. Stripe processes this transaction independently as a secure, PCI-compliant payment gateway.
B. Voluntary Communications
Customer Support & Live Chat: If you explicitly choose to interact with our live support widget, we process the text transcripts and contact details you provide to resolve your query.
3. The Clean Slate: Our Cookie and Code Execution Footprint
The vast majority of modern websites utilise cookies to build permanent behavioural profiles. HSE Store does not. Our platform has been engineered to operate purely on strictly necessary and strictly functional data memory.
When you browse our storefront, only three lightweight, non-tracking components are permitted to execute code:
| Component / Provider | Technical Function | Expiry Time | Compliance Status |
Enterprise Firewall (__cf_bm) | Identifies and mitigates malicious automated web bots, brute-force attacks, and DDoS threats. | Session | Strictly Necessary. Holds zero tracking, historical, or demographic data. It secures platform infrastructure. |
| WooCommerce Session | Keeps track of items added to your shopping basket as you transition between product categories. | Session / Post-Checkout | Strictly Functional. Temporary ephemeral memory layer required to process your checkout order. |
Contextual Live Support (Tawk.to) | Powers real-time human customer support capability. | Session | Strictly Optional. Gated behind a localised consent prompt. Fires zero scripts or data memory unless explicitly initialised by the user. |
4. How We Utilise and Protect Your Data Post-Checkout
Our dedication to data integrity does not conclude at the checkout screen. We treat your professional records with absolute discretion.
Fulfillment Only: Your data is used exclusively to dispatch your goods, coordinate site delivery with logistics partners, and manage our statutory corporate tax and accounting obligations.
Native UK Tree Planting (Ecologi): For every company order placed, we fund the planting of a native UK tree in your company’s name via our sustainability partner, Ecologi. To do this, our system securely passes only your company name or order reference to the Ecologi API. Ecologi drops zero tracking cookies or marketing scripts onto your browser during your time on our store.
No Uninvited Marketing: Your order completion will never result in an automated subscription to marketing newsletters, weekly promotional updates, or uninvited sales pitches.
No Third-Party Data Sharing: We do not under any circumstances sell, rent, lease, or distribute corporate intent data, purchasing trends, or employee information to external data syndicates, marketing agencies, or corporate list-builders.
5. Data Retention: How Long We Hold Records
We maintain transaction histories only as long as mandated by UK statutory obligations:
Financial and Tax Records: Order logs, invoices, and company details relevant to transactions are securely stored for a standard 6 years plus the current financial year, in full compliance with UK HM Revenue & Customs (HMRC) requirements.
Ephemeral Support Memory: General browsing sessions and temporary cart tokens vanish the moment you close your browser or clear your local cache.
6. Your Statutory Legal Rights Under UK GDPR
As a professional buyer, procurement manager, or individual customer operating within the UK, you possess ironclad statutory rights regarding your personal information. You have the right to request:
Access: A full copy of any personal data we hold relating to your transactions.
Rectification: The immediate correction of inaccurate or incomplete contact or delivery information.
Erasure (“Right to be Forgotten”): The deletion of your details, provided they are no longer required to fulfill active contracts or comply with HMRC financial retention regulations.
Restriction & Objection: The right to limit or completely object to how your data is processed.
To exercise any of these statutory rights, or to submit a direct enquiry to our team regarding data governance, please contact us directly at sales@hsestore.co.uk