Privacy policy
Last updated: 17 January 2026
This Privacy Policy explains how Xevox Nutrition (“we”, “us”, “our”) collects, uses, and shares your personal data when you visit our website, create an account, place an order, or interact with us.
Data Controller
Xevox Nutrition
Address: 71–75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom
Email: support@xevoxnutrition.com
Please read this Privacy Policy alongside any notices shown at checkout, on forms, or at the point we collect data.
We may update this Privacy Policy from time to time by publishing an updated version on our website.
1) What personal data we collect
We collect personal data from you directly (e.g., checkout, forms), automatically (e.g., cookies/analytics), and from service providers that help us operate our store.
Data we may collect
|
Category |
Examples |
Collected when |
|
Identity & Contact |
Name, email, phone number, billing/shipping address |
Checkout, account creation, support contact |
|
Order & Transaction |
Items purchased, order value, delivery details, returns |
Checkout, returns/refunds |
|
Payment & Fraud Signals |
Payment status, risk signals, limited identifiers from payment providers |
Checkout/payment verification |
|
Account Data |
Login details, saved addresses, preferences |
Account creation/login |
|
Customer Support |
Messages, emails, chat content, complaint handling notes |
Contacting support |
|
Usage & Device |
IP address, device/browser info, pages viewed, clicks, referral source |
Site browsing (cookies/analytics) |
|
Marketing Preferences |
Opt-in status, email engagement (opens/clicks) |
Newsletter sign-up, email interactions |
Important: We do not store full card details. Payments are processed by our payment providers.
If you provide personal data about someone else (e.g., gifting), you must have their permission.
2) How we use your data
Under UK GDPR, we must have a lawful basis to process your data.
Processing purposes
|
Purpose |
Examples |
Lawful basis |
|
Fulfil your order |
Payment processing, packing, shipping, order updates |
Contract |
|
Customer support |
Answering questions, resolving delivery/returns issues |
Contract / Legitimate interests |
|
Improve our website |
Analytics, troubleshooting, performance monitoring |
Legitimate interests |
|
Marketing communications |
Email updates, product news, restock notifications |
Consent (and soft opt-in where permitted) |
|
Security & fraud prevention |
Fraud screening, protecting accounts and checkout |
Legitimate interests / Legal obligation |
|
Legal & compliance |
Tax/accounting records, responding to legal requests |
Legal obligation |
3) Marketing preferences
If you subscribe to our emails, we’ll send you marketing communications. You can opt out at any time by:
- Clicking unsubscribe in any marketing email, or
- Contacting us at [your support email]
Service messages (e.g., order confirmation, dispatch, payment and account security notices) are not marketing and you can’t opt out of them.
4) Cookies & analytics
We use cookies and similar technologies to:
- Make the site function (cart/checkout, security)
- Remember preferences
- Measure performance and improve the site
- Understand how customers browse and shop (Google Analytics)
You can manage cookies through your browser settings. If you block cookies, some site features may not work correctly.
(If you use a cookie banner/consent tool, include a “Cookie preferences” link in your footer and reference it here.)
5) Who we share your data with
We share personal data only when needed to operate the store, provide services, or meet legal obligations.
Key service providers (based on your stack)
|
Type |
Providers/tools |
Why they receive data |
|
Store platform |
Shopify |
Hosting, checkout, order management |
|
Payments |
Shopify Payments, PayPal, Stripe, Klarna, Clearpay, Shop |
Payment processing, fraud prevention, transaction handling |
|
Email marketing |
Klaviyo |
Email campaigns, customer segmentation (based on your settings), transactional/marketing emails where enabled |
|
Analytics |
Google Analytics |
Site usage measurement and performance insights |
|
Delivery/fulfilment |
Shipping carriers/fulfilment partners you use |
Delivering orders, tracking updates |
We do not sell your personal data.
We do not allow service providers to use your data for their own purposes; they may only process it to provide services to us, under contract.
6) International transfers
Some of our service providers may store or process data outside the UK (for example, in the US). Where this occurs, we use appropriate safeguards required by UK GDPR (such as approved contractual protections) to help keep your data protected.
7) How long we keep your data
We keep your personal data only for as long as necessary for:
- Fulfilling orders and providing support
- Legal, tax, and accounting obligations
- Fraud prevention and dispute resolution
Typical retention (guidance)
|
Data type |
Typical reason |
Typical retention |
|
Order/transaction records |
Tax/accounting, customer service |
Usually 1 year (UK accounting/tax practice) |
|
Support correspondence |
Resolving issues, service improvement |
As needed, then deleted/archived |
|
Marketing data |
Until you unsubscribe or request deletion |
Until opt-out/request (or inactive list clean-ups) |
|
Analytics data |
Site improvement and performance |
According to your GA settings |
8) Your rights (UK GDPR)
You may have the right to:
- Access the data we hold about you
- Correct inaccurate data
- Request deletion (where applicable)
- Restrict or object to processing (including direct marketing)
- Request data portability
- Withdraw consent at any time (where processing is based on consent)
To make a request, contact support@xevoxnutrition.com
You also have the right to complain to the Information Commissioner’s Office (ICO), the UK data protection authority.
9) Security
We take the security of your personal data seriously and use appropriate technical and organisational measures to help protect it from unauthorised access, loss, misuse, or disclosure.
While no online system can guarantee absolute security, we continuously review and maintain our safeguards to align with industry standards.
10) Contact
Xevox Nutrition
71–75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom
Email: support@xevoxnutrition.com