Privacy Policy
Last Updated: 18/02/2026
1. INTRODUCTION
Welcome to Nexaurastores (“we,” “us,” “our,” or the “Company”). We are committed to protecting your personal data and respecting your privacy in accordance with the UK General Data Protection Regulation (UK GDPR), the EU General Data Protection Regulation (EU GDPR 2016/679), the Data Protection Act 2018, and other applicable data protection laws in the European Economic Area (EEA) and the United Kingdom.
This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website [www.nexaurastores.online] (the “Website”) or make purchases through our e-commerce platform.
Please read this Privacy Policy carefully. By accessing or using our Website, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.
2. DATA CONTROLLER INFORMATION
Nexaurastores is the data controller responsible for your personal data.
Contact Details:
- Company Name: Nexaurastores
- Registered Address: Suite 7215 Unit 3A 34-35 Hatton Garden Holborn,London,EC1N 8DX ,United Kingdom.
- Email: nxs@nexaurastores.com
- Phone: +447446192812
- Data Protection Officer (DPO): Saba Mahmood
- DPO Contact: nexauraestores@gmail.com
If you have any questions about this Privacy Policy or our data practices, please contact us using the details above.
3. PERSONAL DATA WE COLLECT
We collect and process the following categories of personal data:
3.1 Information You Provide Directly
| Category | Examples |
|---|---|
| Identity Data | First name, last name, username, title, date of birth |
| Contact Data | Billing address, delivery address, email address, telephone numbers |
| Financial Data | Payment card details, bank account details |
| Transaction Data | Details about payments to and from you, products purchased |
| Account Data | Username, password, purchases, preferences, feedback |
| Profile Data | Preferences, interests, feedback, survey responses |
| Marketing Data | Preferences for receiving marketing communications |
3.2 Information Collected Automatically
| Category | Examples |
|---|---|
| Technical Data | IP address, browser type and version, time zone, operating system, device information |
| Usage Data | Pages visited, time spent on pages, click patterns, navigation paths |
| Location Data | Approximate location based on IP address |
| Cookie Data | Information collected through cookies and similar technologies |
3.3 Information from Third Parties
- Payment processors (transaction confirmations)
- Analytics providers (website usage data)
- Social media platforms (if you link accounts)
- Delivery partners (delivery status updates)
4. LEGAL BASIS FOR PROCESSING
Under UK GDPR and EU GDPR, we must have a valid legal basis to process your personal data. We rely on the following legal bases:
| Purpose | Legal Basis |
|---|---|
| Processing orders and delivering products | Contract Performance – necessary to fulfill our contractual obligations |
| Processing payments | Contract Performance and Legal Obligation |
| Creating and managing your account | Contract Performance |
| Sending service communications (order confirmations, delivery updates) | Contract Performance |
| Sending marketing communications | Consent – only with your explicit opt-in |
| Fraud prevention and security | Legitimate Interests – protecting our business and customers |
| Website analytics and improvement | Legitimate Interests – improving user experience |
| Compliance with legal obligations | Legal Obligation – tax, accounting, regulatory requirements |
| Responding to inquiries and complaints | Legitimate Interests and Contract Performance |
| Personalizing your shopping experience | Consent or Legitimate Interests |
Legitimate Interests
Where we rely on legitimate interests, we have conducted a balancing test to ensure our interests do not override your fundamental rights and freedoms. You may contact us to request details of these assessments.
5. HOW WE USE YOUR PERSONAL DATA
We use your personal data for the following purposes:
5.1 Order Fulfillment
- Processing and managing your orders
- Arranging delivery of products
- Processing payments and refunds
- Communicating order status and updates
5.2 Account Management
- Creating and managing your customer account
- Providing customer support
- Handling returns and exchanges
5.3 Marketing and Communications
- Sending promotional emails, newsletters, and offers (with your consent)
- Personalizing marketing content based on your preferences
- Conducting surveys and collecting feedback
5.4 Website Operations
- Maintaining and improving our Website
- Analyzing usage patterns and trends
- Ensuring security and preventing fraud
- Troubleshooting technical issues
5.5 Legal and Compliance
- Complying with legal and regulatory obligations
- Establishing, exercising, or defending legal claims
- Responding to lawful requests from authorities
6. MARKETING COMMUNICATIONS
6.1 Consent-Based Marketing
We will only send you marketing communications if you have explicitly opted in to receive them. This includes:
- Promotional emails
- Newsletters
- Product recommendations
- Special offers and discounts
6.2 Your Choices
You can opt out of marketing communications at any time by:
- Clicking the “unsubscribe” link in any marketing email
- Updating your preferences in your account settings
- Contacting us at nxs@nexaurastores.online
6.3 Non-Marketing Communications
Even if you opt out of marketing, we may still contact you regarding:
- Order confirmations and updates
- Delivery notifications
- Account security alerts
- Changes to our terms or policies
- Responses to your inquiries
7. COOKIES AND TRACKING TECHNOLOGIES
7.1 What Are Cookies?
Cookies are small text files placed on your device when you visit our Website. We use cookies and similar technologies (pixels, web beacons, local storage) to enhance your experience.
7.2 Types of Cookies We Use
| Cookie Type | Purpose | Duration |
|---|---|---|
| Strictly Necessary | Essential for Website functionality, shopping cart, checkout | Session/Persistent |
| Performance/Analytics | Understanding how visitors use our Website | Up to 2 years |
| Functionality | Remembering your preferences and settings | Up to 1 year |
| Targeting/Advertising | Delivering relevant advertisements | Up to 2 years |
7.3 Cookie Consent
In accordance with the ePrivacy Directive and UK PECR, we:
- Obtain your consent before placing non-essential cookies
- Provide a cookie consent banner upon your first visit
- Allow you to manage your cookie preferences at any time
7.4 Managing Cookies
You can manage cookies through:
- Our cookie consent tool on the Website
- Your browser settings
- Third-party opt-out tools
Note: Blocking certain cookies may affect Website functionality.
For more details, please see our [Cookie Policy].
8. DATA SHARING AND DISCLOSURE
8.1 Categories of Recipients
We may share your personal data with:
| Recipient Category | Purpose |
|---|---|
| Payment Processors | Processing payments securely (e.g., Stripe, PayPal) |
| Delivery Partners | Shipping and delivering your orders |
| Cloud Service Providers | Hosting and data storage |
| Analytics Providers | Website analytics (e.g., Google Analytics) |
| Marketing Platforms | Email marketing and advertising |
| Customer Support Tools | Managing inquiries and support tickets |
| Professional Advisors | Legal, accounting, and insurance services |
| Government Authorities | When required by law |
8.2 Data Processing Agreements
All third parties are required to:
- Process data only on our instructions
- Implement appropriate security measures
- Comply with applicable data protection laws
- Enter into Data Processing Agreements (DPAs) where required
8.3 We Do NOT:
- Sell your personal data to third parties
- Share your data for third-party marketing without your explicit consent
9. INTERNATIONAL DATA TRANSFERS
9.1 Transfers Outside the EEA/UK
Some of our third-party service providers may be located outside the EEA and UK. When we transfer your data internationally, we ensure appropriate safeguards are in place:
| Safeguard | Description |
|---|---|
| Adequacy Decisions | Transfer to countries deemed adequate by the UK/EU Commission |
| Standard Contractual Clauses (SCCs) | EU/UK-approved contractual terms for data protection |
| UK International Data Transfer Agreement (IDTA) | UK-specific transfer mechanism |
| Binding Corporate Rules | Internal rules for multinational organizations |
9.2 Your Rights
You have the right to request information about the safeguards in place for international transfers. Contact us at nxs@nexaurastores.online.
10. DATA RETENTION
10.1 Retention Periods
We retain your personal data only for as long as necessary:
| Data Category | Retention Period | Reason |
|---|---|---|
| Account Data | Duration of account + 6 years | Contract and legal compliance |
| Transaction Records | 7 years | Tax and accounting obligations |
| Marketing Preferences | Until consent withdrawn | Consent-based processing |
| Customer Support Records | 3 years | Service improvement and disputes |
| Website Analytics | 26 months | Performance analysis |
| Cookie Data | Varies by cookie (see Cookie Policy) | Functional necessity |
10.2 Deletion and Anonymization
When retention periods expire, we will:
- Securely delete your personal data, or
- Anonymize it so it can no longer identify you
11. YOUR DATA PROTECTION RIGHTS
Under UK GDPR and EU GDPR, you have the following rights:
11.1 Summary of Rights
| Right | Description |
|---|---|
| Right of Access | Request a copy of your personal data |
| Right to Rectification | Request correction of inaccurate or incomplete data |
| Right to Erasure (“Right to be Forgotten”) | Request deletion of your data in certain circumstances |
| Right to Restriction | Request limitation of processing in certain circumstances |
| Right to Data Portability | Receive your data in a structured, machine-readable format |
| Right to Object | Object to processing based on legitimate interests or direct marketing |
| Right to Withdraw Consent | Withdraw consent at any time (where processing is based on consent) |
| Rights Related to Automated Decision-Making | Not be subject to solely automated decisions with legal effects |
11.2 How to Exercise Your Rights
To exercise any of these rights:
- Email: nxs@nexaurastores.online
- Post:Suite 7215 Unit 3A 34-35 Hatton Garden Holborn,London,EC1N 8DX ,United Kingdom.
- Account Settings: Manage certain preferences directly
11.3 Verification
We may request proof of identity before processing your request to protect your data.
11.4 Response Time
We will respond to your request within one month. This may be extended by two additional months for complex requests, and we will inform you accordingly.
11.5 No Fee Usually Required
You will not usually be charged for exercising your rights. However, we may charge a reasonable fee for manifestly unfounded, repetitive, or excessive requests.
12. AUTOMATED DECISION-MAKING AND PROFILING
12.1 Current Practices
We may use automated processes for:
- Fraud Detection: Automated screening of transactions for security
- Product Recommendations: Personalized suggestions based on browsing/purchase history
12.2 Your Rights
You have the right to:
- Request human intervention
- Express your point of view
- Contest automated decisions
These rights apply where decisions produce legal or similarly significant effects.
13. DATA SECURITY
13.1 Security Measures
We implement appropriate technical and organizational measures to protect your personal data:
Technical Measures:
- SSL/TLS encryption for data in transit
- Encryption of sensitive data at rest
- Secure payment processing (PCI-DSS compliant)
- Regular security testing and vulnerability assessments
- Firewalls and intrusion detection systems
Organizational Measures:
- Access controls and authentication
- Staff training on data protection
- Confidentiality agreements
- Incident response procedures
- Regular policy reviews
13.2 Data Breach Notification
In the event of a personal data breach that poses a risk to your rights and freedoms, we will:
- Notify the relevant supervisory authority within 72 hours
- Notify affected individuals without undue delay (where required)
14. CHILDREN'S PRIVACY
14.1 Age Restrictions
Our Website is not intended for children under the age of 16 (or applicable age in your jurisdiction). We do not knowingly collect personal data from children.
14.2 Parental Rights
If you believe we have collected data from a child, please contact us immediately at nxs@nexaurastores.online. We will delete such data promptly.
15. THIRD-PARTY LINKS
Our Website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to read their privacy policies before providing any personal data.
16. COMPLAINTS
16.1 Contact Us First
If you have concerns about how we handle your personal data, please contact us first:
We will endeavor to resolve your complaint promptly.
16.2 Supervisory Authorities
You have the right to lodge a complaint with a data protection supervisory authority:
For UK Residents:
- Information Commissioner’s Office (ICO)
- Website: www.ico.org.uk
- Phone: 0303 123 1113
For EEA Residents:
Contact your local Data Protection Authority. A list is available at:
https://edpb.europa.eu/about-edpb/about-edpb/members_en
17. CHANGES TO THIS PRIVACY POLICY
17.1 Updates
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.
17.2 Notification
We will notify you of significant changes by:
- Posting the updated policy on our Website
- Updating the “Last Updated” date
- Sending email notifications for material changes
- Displaying a notice on our Website
17.3 Review
We encourage you to review this Privacy Policy periodically.
18. CONTACT US
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Nexaurastores
- Email: nxs@nexaurastores.com
- Data Protection Officer: nexauraestores@gmail.com
- Address:Suite 7215 Unit 3A 34-35 Hatton Garden Holborn,London,EC1N 8DX ,United Kingdom.
- Phone: +447446192812
- Website: [www.nexaurastores.online]
19. ADDITIONAL INFORMATION FOR EEA/UK USERS
19.1 Representative (if applicable)
If we are established outside the EEA/UK but process data of EEA/UK residents, our representative is:
[Insert Representative Name and Contact Details if applicable]
19.2 Lead Supervisory Authority
Our lead supervisory authority is:
- Saba Mahmood
DOCUMENT CONTROL
| Version | Date | Changes |
|---|---|---|
| 1.0 | 18/02/2026 | Initial version |
This Privacy Policy was last updated on 18/02/2026.