Privacy Policy
Last Updated: 24/11/2025
Easytek Ltd ("we", "us", "our"), trading as Vape Superstore, is committed to protecting your privacy. This Privacy Policy explains how we collect, use and protect your personal data when you use https://www.vapesuperstore.co.uk/ (the "Service").
By using the Service, you agree to the practices described in this Privacy Policy.
1. Who We Are
Data Controller:
Easytek Ltd
Unit 19 Lockwood Industrial Estate
London
N17 9QP
United Kingdom
Email: support@vapesuperstore.co.uk
Telephone: 020 3394 0152
ICO Registration: ZB134459
2. Personal Data We Collect
We collect information to provide and improve our services. This includes:
Information You Provide
- Name
- Email address
- Phone number
- Billing and delivery address
- Age verification information (via 1account)
- Account details if you create an account
- Communication and marketing preferences
Information We Collect Automatically
- IP address
- Browser type and version
- Device identifiers
- Pages visited and time spent on pages
- Access times and dates
- Other usage and diagnostic data
Location Data
If you allow location access in your browser or device, we may use this information to improve or tailor your experience on the Service. You can disable location access at any time in your device or browser settings.
Cookies
We use cookies and similar technologies to operate the Service, remember your preferences and improve performance.
- Session cookies to operate the Service.
- Preference cookies to remember your settings and choices.
- Security cookies to help protect your data.
You can set your browser to refuse cookies or to alert you when cookies are being used. If you disable cookies, some parts of the Service may not function properly.
3. Age and Identity Verification (1account)
Where you have asked us to provide a restricted product or service, we may collect information from One Account Mobile Limited (1account) and third-party providers of identity data to 1account. This is necessary for 1account to verify that you meet the minimum age and identity verification requirements as determined by relevant UK age restriction and other legislation. We will record that you have been successfully verified so that you don’t need to go through the process again. You can find information about how 1account manage your personal data and view their privacy policy by visiting their website: 1account.net.
4. How We Use Your Personal Data
We use your personal data to:
- Provide, operate and maintain the Service
- Process and deliver your orders and handle returns
- Verify that you are eligible to purchase age restricted products
- Respond to your questions and provide customer support
- Notify you about changes to the Service
- Improve and optimise our website and services
- Monitor usage and performance of the Service
- Detect, prevent and address fraud or other unlawful activity
- Send you news, special offers and information about similar products or services you have bought or enquired about, unless you opt out
5. Our Legal Bases for Processing
Under the UK GDPR, we rely on the following legal bases to process your personal data:
- Performance of a contract: for example to process and deliver your orders, manage your account and provide customer support.
- Legal obligation: for example to comply with tax, accounting and age restriction laws and to respond to lawful requests from authorities.
- Legitimate interests: for example to operate and improve the Service, prevent fraud, keep the Service secure and send certain marketing to existing customers.
- Consent: for example when you choose to receive certain types of marketing communications where consent is required.
You can withdraw your consent at any time. This will not affect the lawfulness of processing before consent was withdrawn.
6. Legitimate Interests
When we rely on legitimate interests, we balance our interests against your rights and freedoms. Our legitimate interests include:
- Running, maintaining and improving our website and services
- Preventing fraud and misuse of our services
- Understanding how customers use our Service to improve user experience
- Communicating with customers about products or services they have bought or shown interest in
7. Automated Decision Making
Some of our third-party providers use automated tools to help keep payments secure and ensure legal compliance. This may include:
- Fraud prevention and risk assessment by payment providers
- Age and identity checks by verification providers
- Credit and eligibility decisions by Klarna when you choose Klarna payment options
These automated processes help protect customers, reduce fraud and ensure that age restricted products are sold lawfully. Where required by law, you can request human review of an automated decision that has a legal or similarly significant effect on you. To do this, please contact us using the details in the Contact Us section.
8. How Long We Keep Your Data
We keep your personal data only for as long as necessary for the purposes set out in this Privacy Policy, including:
- Providing the Service and fulfilling your orders
- Complying with legal, tax and regulatory obligations
- Resolving disputes and enforcing our terms
- Preventing fraud or abuse
When we no longer need your data, we will securely delete or anonymise it.
9. Sharing Your Personal Data
We share your personal data only when necessary and only with trusted third parties. This includes:
Service Providers
We use service providers to help us operate our business. For example:
- Shopify for our ecommerce platform and hosting
- Omnisend for email and SMS communications
- Gorgias for customer support and helpdesk services
- Smile for loyalty rewards and referrals
- Algolia for site search functionality
- Brightpearl / ControlPort for order management and fulfilment with our third party logistics partners
- Analytics providers that help us understand how the Service is used
- Payment providers, as described in the Payments section below
These providers are only allowed to use your personal data to perform services for us and must keep it secure.
Legal and Regulatory
We may disclose your personal data:
- If required to do so by law or regulation
- In response to a valid request from a public authority or law enforcement body
- To protect our rights, property or safety, or the rights, property or safety of others
10. Payments
When you purchase products or services from us, your payment will be processed by one or more third-party payment providers. These providers enable us to accept card payments and alternative payment methods and to manage fraud and security checks.
We do not store or collect your full payment card details. This information is provided directly to our payment providers, who process your personal data as independent data controllers. They may collect and use information such as your name, contact details, billing and delivery address, payment card details, transaction amount, currency, IP address, device and browser information and other technical data needed to process the payment, verify your identity, prevent fraud and comply with legal and regulatory obligations.
Our payment providers state that they adhere to the security requirements of the Payment Card Industry Data Security Standard (PCI DSS). This helps to ensure the secure processing, handling and transmission of payment information. They may share your personal data with banks, card schemes, alternative payment method providers and other organisations involved in the payment process. They may also transfer your data outside the UK. In those cases they are responsible for ensuring that appropriate safeguards are in place in line with applicable data protection laws.
Klarna
In order to be able to offer you Klarna’s payment options, we will pass to Klarna certain aspects of your personal information, such as contact and order details, in order for Klarna to assess whether you qualify for their payment options and to tailor the payment options for you.
General information on Klarna you can find on Klarna's website. Your personal data is handled in accordance with applicable data protection law and in accordance with the information in Klarna’s privacy policy.
Checkout.com
Where we use Checkout.com to process your payment, they will process your personal data as described in their privacy notice, including for payment processing, fraud prevention, identity verification and regulatory compliance. They may share your data with banks, card schemes and payment method partners as necessary to process your transaction and to protect their services.
We encourage you to read the privacy notices of each payment provider you use, as their processing of your personal data is governed by their own terms and policies.
11. International Data Transfers
Some of our service providers and partners may store or process your personal data outside the United Kingdom. Where this happens, we take steps to ensure that your data remains protected. These steps may include:
- Using the UK International Data Transfer Agreement (IDTA)
- Using the UK Addendum to the EU Standard Contractual Clauses (SCCs)
- Putting in place other safeguards approved under UK data protection law
These measures are designed to ensure that your personal data is given the same level of protection as in the UK.
12. Your Rights
Under UK data protection law, you have a number of rights in relation to your personal data. These include the right to:
- Access the personal data we hold about you
- Ask us to correct inaccurate or incomplete personal data
- Ask us to delete your personal data in certain circumstances
- Ask us to restrict the processing of your personal data in certain circumstances
- Object to certain types of processing, including direct marketing
- Request the transfer of your personal data to you or to another organisation, where technically feasible
- Withdraw consent where we rely on consent to process your data
- Request human review of an automated decision that has a legal or similar significant effect on you
To exercise any of these rights, please contact us at support@vapesuperstore.co.uk. We may need to verify your identity before responding to your request.
You also have the right to make a complaint to the Information Commissioner’s Office (ICO) if you are unhappy with how we use your data. You can find details at https://ico.org.uk. We would appreciate the chance to deal with your concerns first, so please contact us in the first instance if you can.
13. Links to Other Websites
Our Service may contain links to websites that are not operated by us. If you click on a third party link, you will be directed to that third party's website. We strongly advise you to review the Privacy Policy of every website you visit.
We have no control over and assume no responsibility for the content, privacy policies or practices of any third party websites or services.
14. Children's Privacy
Our Service is intended for use by adults who are 18 years of age or older. We do not knowingly collect personally identifiable information from anyone under the age of 18.
If you are a parent or guardian and you believe that your child has provided us with personal data, please contact us. If we become aware that we have collected personal data from a person under 18 without appropriate verification, we will take steps to remove that information from our records.
15. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we do, we will update the "Last Updated" date at the top of this page and post the new version on our website.
You are advised to review this Privacy Policy periodically to stay informed about how we handle your personal data.
16. Contact Us
If you have any questions about this Privacy Policy or about how we handle your personal data, please contact us at:
Vape Superstore
Easytek Ltd
Unit 19 Lockwood Industrial Estate
London
N17 9QP
Telephone: 020 3394 0152
Email: support@vapesuperstore.co.uk