Privacy Notice – E Cups Ltd

This Privacy Notice explains how E Cups Ltd (the Data Controller) collects, uses, and protects your personal data. References to “we”, “us”, “our”, or “controller” refer to E Cups Ltd.

Last Updated: May 2026

1. Our Contact Details

We are the data controller for the personal data we process. You can contact us regarding your data through any of the following channels:

  • Postal Address: Appletree House, The Lane, Gate Helmsley, York YO41 1JT

  • Telephone: 07813 964541

  • Email: hello@ecups.co.uk

  • Website:https://www.ecups.co.uk/

Data Protection Officer

While we are not legally required to appoint a Data Protection Officer (DPO) under the UK GDPR, we take your privacy seriously. We consult with external data protection experts to ensure our practices remain compliant and secure.

2. How We Obtain Your Personal Data

We collect information through the following methods:

Directly from you:

  • When you make enquiries about our products.

  • When you purchase products from us.

  • Through networking events or social engagements (e.g., swapping business cards).

Indirectly:

  • Information you have made publicly available (e.g., social media platforms).

  • Word-of-mouth referrals and business recommendations.

3. How We Use Your Data

The table below outlines our processing activities, the data involved, and our legal basis for doing so.

4. Lawful Grounds for Processing

We rely on the following sections of the UK GDPR to process your data:

  • Contractual Obligation (Art. 6(1)(b)): Necessary to provide quotes, fulfill orders, and receive payment. Without this data, we cannot enter into a contract with you.

  • Legal Obligation (Art. 6(1)(c)): Necessary for tax records, financial auditing, or cooperating with law enforcement.

  • Legitimate Interests (Art. 6(1)(f)): Specifically for "soft opt-in" marketing. If you have previously engaged with us or bought our products, we may send you relevant marketing info. You can opt-out at any time.

5. Sharing and Transferring Data

  • No Selling: We do not sell or rent your data to third parties for marketing purposes.

  • Data Processors: We use third-party service providers (e.g., QuickBooks). They operate under strict contracts and are only permitted to process data as instructed by us.

  • International Transfers: If data is transferred outside the UK, we ensure protection via Adequacy Regulations or Standard Contractual Clauses (SCCs) / UK International Data Transfer Agreements (IDTA).

6. Your Rights

Under UK data protection law, you have the following rights:

  1. Access: Request a copy of the data we hold about you.

  2. Rectification: Ask us to correct inaccurate information.

  3. Erasure: Request that we delete your data (in certain circumstances).

  4. Restriction: Ask us to limit how we use your data.

  5. Objection: Object to processing based on legitimate interests (e.g., marketing).

  6. Portability: Request the transfer of your data to another provider.

Note: We do not perform any automated decision-making or profiling.

To exercise these rights, please contact us at hello@ecups.co.uk. We will respond within one month and do not charge a fee for valid requests.

7. Complaints and Links

  • ICO: If you are unhappy with how we handle your data, you can complain to the Information Commissioner’s Office (ICO) at https://ico.org.uk/make-a-complaint/.

  • External Links: Our website may link to other sites. We are not responsible for their privacy practices; please review their individual policies.