Privacy Policy

Last updated: 10 February 2026 

This Privacy Policy explains how Self Help Supermarket (“we”, “us”, “our”) collects, uses, shares, and protects personal data when you use our website https://www.selfhelpsupermarket.com

We aim to handle personal data transparently and in line with the UK GDPR and the Data Protection Act 2018.

1) Who we are (Data Controller)

Controller: Self Help Supermarket
Privacy & legal contact: info@selfhelpsupermarket.com

2) The personal data we collect

We may collect and process the following categories of personal data, depending on how you interact with the Site:

A) Information you provide to us

• Enquiries: If you contact us, we may collect your name, email address, and the content of your message.
  
  
• Payments: If you buy something through the Site, we may collect basic purchase and identity details required to process and confirm the transaction (for example: name, email, payment status, and what was purchased).
  
  

We do not store full payment card details. Payments are processed by Stripe (see Section 6).

B) Information we collect automatically

When you browse the Site, we may collect:

• Device and usage data: IP address, approximate location (country/city), browser type/version, device type, operating system, pages visited, time spent, referring URLs, clicks and interactions.
• Cookie identifiers and similar tracking data: depending on which cookies you accept (see Section 5).

C) Public listings and directory content

The Site may display information about Experts or methods. Where information is submitted for listing and publication, it may include personal data (for example, an individual’s name, biography, public contact links, or business details). This content is generally intended to be public.

3) How we use personal data

We use personal data for the following purposes:

1. To run and maintain the Site Including
   performance, troubleshooting, security, and fraud prevention.
   
   
2. To respond to messages
   Where you contact us, we use your details to reply.
   
   
3. To process payments and deliver paid features
   To confirm transactions and provide access/delivery of the relevant paid item or feature.
   
   
4. To understand usage and improve the Site
   Using analytics and behavioural tools to improve usability, content, and performance (subject to cookie consent rules).
   
   
5. To market and measure advertising performance
   Where enabled and where lawful/consented, we may use advertising pixels/tags to understand campaign performance and build audiences.
   
   
6. To comply with legal obligations
   For example, accounting and tax record-keeping, and responding to lawful requests.
   
   

4) Our lawful bases for processing (UK GDPR)

We process personal data only when we have a lawful basis, including:

• Contract: where processing is necessary to provide something you purchase or request.
• Legitimate interests: to operate, secure, and improve the Site (balanced against your rights).
• Consent: for non-essential cookies (including analytics/advertising cookies) and, where applicable, marketing communications.
• Legal obligation: for tax, accounting, and regulatory compliance.
  
  

5) Cookies, analytics, and advertising tags

We use cookies and similar technologies.

• Essential cookies are required for core Site functionality and security.
• Non-essential cookies (analytics and advertising) should be used only where permitted by law and—where required—only after you’ve given consent via a cookie banner.
  
  

Because you use analytics and advertising tools, the Site may involve:

• analytics and performance measurement;
• session recordings/heatmaps to improve usability;
• advertising measurement and audience building.
  
  

Your tooling includes: Google Analytics, Google Search Console, Hotjar, Microsoft Clarity, Meta Pixel, LinkedIn Insight Tag.

Once a cookie banner is installed, you will be able to accept, reject, or manage non-essential cookies. You can also control cookies through browser settings, though this may affect Site functionality.

6) Payments via Stripe

Payments on the Site are processed by Stripe. Stripe may collect and process personal data such as:

• your name and email address,
• transaction and payment status information,
• billing details you provide to Stripe,
• payment method details (handled securely by Stripe).
  
  

We receive confirmation and transaction metadata (e.g., successful/failed payment, product purchased, time/date, amount). We do not receive or store your full card number.

7) Sharing your data

We do not sell your personal data.

We may share data with:

• Service providers who help us run the Site (hosting, analytics, security, email delivery, cookie management tools).
• Payment processors (Stripe) to take payments and prevent fraud.
• Professional advisers (legal/accounting) where necessary.
• Authorities where required by law.
  
  

Expert sharing: You have confirmed you do not automatically share purchaser personal data with Experts. If you choose to contact an Expert, or provide details to an Expert directly, that exchange is between you and the Expert and is governed by their own policies.

8) International data transfers (US hosting and third parties)

Your Site is hosted in the United States, and several service providers you use may also process data outside the UK.

Where personal data is transferred outside the UK, we aim to ensure appropriate safeguards are in place—such as the UK International Data Transfer Agreement (IDTA), the UK Addendum to the EU Standard Contractual Clauses, or another lawful transfer mechanism.

9) Data retention

We keep personal data only as long as necessary for the purposes described:

• Enquiries: typically retained for up to 24 months (unless longer retention is needed for an ongoing matter).
• Transaction records: typically retained for up to 6 years to meet UK accounting/tax obligations.
• Analytics data: retained according to the settings within the relevant tools and our configuration.
  
  

10) Your rights (UK GDPR)

You may have rights including:

• access to your personal data,
• correction of inaccurate data,
• deletion (in certain circumstances),
• restriction of processing,
• objection (particularly where we rely on legitimate interests),
• withdrawal of consent (where processing is based on consent),
• data portability (in some circumstances).
  
  

To exercise rights, contact: info@selfhelpsupermarket.com.

You may also complain to the Information Commissioner’s Office.

11) Children

The Site is not intended for children under 18, and we do not knowingly collect personal data from children.

12) Security

We use reasonable technical and organisational measures to protect personal data. However, no online service can be guaranteed to be fully secure, and you use the Site at your own risk.

13) Changes to this policy

We may update this Privacy Policy from time to time. We will change the “Last updated” date accordingly. Continued use of the Site after changes take effect means you accept the updated policy.