Privacy policy

Introduction

Xnexz (“we”, “our” or “us”) is committed to protecting the privacy and security of our customers and website visitors. We make marvellous safety footwear for people who work hard and deserve comfort and protection, and we want you to feel comfortable with how we handle your personal information. This Privacy Policy explains the kinds of personal data we collect, how we use and protect it, the lawful bases for our processing and the rights available to you. By accessing or using any part of the Xnexz website, you acknowledge the practices described in this policy.

Who We Are and How to Contact Us

Xnexz is a trading name of Xnexz Safety Footwear Ltd. We are the controller responsible for your personal data when you use our website, place an order or engage with us. We have appointed a data-privacy manager who oversees questions in relation to this Privacy Policy. If you have any questions about this policy or would like to exercise your rights, please contact:

  • Email: info@xnexz.com
  • Address: Xnexz Safety Footwear Ltd, 58 East Reach, Taunton, TA1 3EZ, United Kingdom.
  • Telephone: +44 2045690161

You have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection (www.ico.org.uk), if you believe we have not complied with data-protection law. We would appreciate the chance to address your concerns first.

Data we collect about you

Personal data means any information that can identify you. We collect the following categories of data when you interact with our website, purchase products or sign up for communications:

Category

Examples

Source & purpose

Identity and Contact Data

Name, billing and shipping address, email address, telephone number and shoe/clothing size (when placing an order).

Collected directly when you create an account, place an order, complete a form or contact us. Needed to fulfil orders, communicate with you and manage your account.

Financial Data

Payment card details and transaction information. We use a payment processor to handle payments securely; we do not store full card details on our servers.

Collected when you pay for goods. Used to process payments, issue refunds and detect fraud.

Technical and Device Data

IP address, browser type, device type, operating system, time zone, cookie identifiers and information about how you use our site (pages viewed, clicks, time spent, referring/exit pages).

Collected automatically through cookies, log files and analytics services to provide our website accurately, maintain security, understand user behaviour and improve our services.

Profile and Usage Data

Username and password, purchase history, preferences (e.g., shoe size and style), wishlist items and any feedback or survey responses.

Collected when you register, place orders, participate in surveys or promotions. Used to administer your account, recommend relevant products and improve customer experience.

Marketing and Communications Data

Your preferences in receiving marketing from us and our third-party partners and your communication preferences.

Collected when you opt in to emails or updates. Used to send you promotions, newsletters and updates about products you may like.

Customer Support Data

Information provided when contacting customer service, including the content of emails or phone calls.

Collected directly to respond to enquiries, resolve issues and improve our services.

Aggregated or Statistical Data

We may aggregate usage data to calculate statistics about website visits, product popularity or marketing effectiveness. Aggregated data does not directly identify you.

Generated from your personal data but used for analytical purposes and service improvement.

We do not collect special categories of personal data (such as health, race, political opinions or religion), nor do we intentionally collect information about children. Our site is intended for users over 13 years of age. If you believe a child has provided personal data to us, please contact us so we can delete it.

How We Collect Your Data

We use different methods to gather data from and about you:

  1. Direct interactions – You provide information when you create an account, place an order, subscribe to marketing communications, enter a competition, or contact us by phone, email or through social media.
  2. Automated technologies – As you browse the site, we automatically collect Technical and Usage Data using cookies, web beacons and other tracking technologies to understand how our site is used, maintain its security and personalise your experience. See the Cookies and tracking technologies section below for more details.
  3. Third-party or publicly available sources – We may receive personal data from analytics providers (such as Google Analytics), advertising networks and payment processors. We may also obtain limited data from social media platforms when you interact with our pages (e.g., when using hashtags or tagging us).

How We Use Your Data and Legal Bases

We will only use your personal data when the law allows us to. The General Data Protection Regulation (GDPR) and UK Data Protection Act require us to have a lawful basis for each use. We typically rely on the following bases:

  • Performance of a contract – To process your order, provide products, manage payments, arrange delivery, respond to warranty or return requests, and administer your account. Without your data we cannot fulfil these obligations.
  • Legitimate interests – To conduct and grow our business, improve our website and products, send relevant marketing, and prevent fraud. We consider and balance any potential impact on you and your rights.
  • Compliance with legal obligations – To comply with laws (e.g., accounting, tax), respond to legal requests, and ensure safety and security.
  • Consent – For sending marketing communications or using non-essential cookies. You can withdraw consent at any time without affecting the lawfulness of processing before withdrawal.

Purposes for which we use your data

We may use your personal data for the following purposes:

  1. To register you as a new customer and manage your account (Identity, Contact and Profile Data). This includes verifying your identity, managing login credentials and keeping your account information up to date.
  2. To process and deliver your orders – including receiving payments, shipping products, communicating about your order, and providing invoices (Identity, Contact, Financial, Transaction and Marketing Data). We use third-party payment processors and couriers to perform these services. For example, we may share your address with our delivery partners to dispatch your order.
  3. To respond to customer enquiries and provide support – we use Identity, Contact and Support Data to communicate with you about your questions or complaints. This communication is not for marketing purposes; you will continue to receive order-related messages even if you opt out of marketing.
  4. To manage our relationship with you – including notifying you about changes to our terms or privacy policy, requesting feedback or reviews, and enabling you to take part in surveys or competitions.
  5. To personalise your experience and send you marketing – we may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what products and offers may be relevant for you and to provide personalised promotions. You will receive marketing communications only if you have subscribed or purchased from us and have not opted out. We never sell your data to third parties. You can opt out at any time by using the unsubscribe link in our emails or contacting us.
  6. To administer and protect our website and business – including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data. This helps us keep our website secure, improve its performance and prevent fraud.
  7. To use data analytics – to improve our website, products, marketing and customer relationships. We use services like Google Analytics and Microsoft Clarity to collect de-identified usage data. These providers may set cookies to collect information about your device and browsing behaviour; we use this information only in aggregated form.
  8. To deliver relevant online advertising – we may use cookies and share certain anonymised data with advertising partners (e.g., Google, Facebook, TikTok) to show you targeted ads and measure the effectiveness of our campaigns. You can manage your preferences via our cookie banner or opt out through the links in our Cookie Policy.
  9. To comply with legal and regulatory obligations – including record-keeping for tax and accounting, responding to legal requests, preventing fraud and protecting our rights and those of our customers.

We will not use your personal data for purposes incompatible with those described above. If we need to use your data for a different purpose, we will notify you and explain the legal basis.

Cookies and Tracking Technologies

Cookies are small text files placed on your device when you browse our site. We use cookies and similar technologies to:

  • Make the website work – essential cookies remember items in your cart and enable you to log in and check out.
  • Improve performance and analytics – cookies help us understand how visitors use our site, which pages are popular and whether users return to the site. We use traffic log cookies for statistical analysis and then remove the data.
  • Personalise content and advertising – cookies allow us to remember your preferences, show you relevant products and measure the effectiveness of our advertising campaigns.

Most browsers automatically accept cookies but you can usually modify your browser settings to decline or delete cookies. Declining certain cookies may limit your ability to use some features of the website. For detailed information about the cookies we use and how to manage your preferences, please see our Cookie Policy.

Disclosure of Your Information

We respect your privacy and will only share your personal data with trusted third parties for the purposes described in this policy. We may disclose your data to:

  • Service providers and partners – such as payment processors, couriers, IT hosting providers, customer service software providers, marketing and analytics partners and other companies that help operate our business. We require all service providers to treat your data in accordance with the law and to process it only for specified purposes under our instructions.
  • Affiliated companies – we may share your data with other brands within our corporate group where they assist us in providing services; they will use your data only as described in this policy.
  • Professional advisers and regulators – including lawyers, auditors and insurers who require the data to provide professional services, and government or law-enforcement agencies if required to comply with legal obligations.
  • Business transfers – if we sell or merge our business or transfer assets, we may share your data with the buyer or prospective buyer so they can continue to provide services. If such a change occurs, the new owners may use your personal data in the same way as set out in this privacy policy.
  • Fraud-prevention and credit-screening agencies – to detect, investigate and prevent fraud and protect the security of our website and customers.

We do not sell, rent or trade your personal information to third parties for their own marketing purposes.



International Transfers

Our website is hosted in the UK, but some of our service providers (such as analytics and advertising platforms) are located outside the United Kingdom and the European Economic Area (EEA). When we transfer personal data outside these regions, we ensure appropriate safeguards are in place to protect your data, including the use of standard contractual clauses approved by the UK government or European Commission, or reliance on adequacy decisions. Transfers to the USA by providers such as Google, Microsoft, Meta or TikTok may occur when using their analytics or advertising services; these providers are contractually obliged to protect your data and we will only share what is necessary.

Security of Your Data

We are committed to keeping your personal data secure and take appropriate technical and organisational measures to prevent unauthorised or unlawful processing and accidental loss, destruction or damage. Measures include:

  • Encryption and secure communications – our site uses HTTPS to encrypt information transmitted to our server, protecting personal and payment data during transmission.
  • Secure payment processing – we work with reputable payment providers and do not store full payment card details on our servers.
  • Access controls and confidentiality – only employees and partners who need your data to perform their job have access. They are subject to confidentiality obligations.
  • Physical and technical safeguards – including secure servers, firewalls, and intrusion-detection systems.
  • Training and awareness – staff receive training on data-protection principles and security practices.
  • Incident response – we have procedures to detect and respond to data breaches and will notify you and regulators where legally required.

While we strive to protect your personal data, please remember that no method of transmission or storage is completely secure. You also play an important role in safeguarding your information by choosing a strong password and keeping it confidential.

Data Retention

We will retain your personal data only for as long as necessary to fulfil the purposes we collected it for, including satisfying any legal, accounting or reporting requirements. Factors we consider when determining retention periods include the amount, nature and sensitivity of the data, the potential risk of harm from unauthorised use or disclosure, our purposes for processing and legal obligations.

  • Customer accounts and order data – we retain your order and transaction records for at least six years after you cease being a customer, as required for tax and accounting purposes. If you hold an account with us, we keep your profile information for as long as the account remains active or until you ask us to delete it.
  • Marketing data – we retain your marketing preferences until you opt out or request deletion. If you unsubscribe, we will keep a record of your opt-out to ensure we do not send you marketing again.
  • Technical and analytics data – we typically retain aggregated analytics data for up to 14 months, after which it is anonymised or deleted.
  • Enquiries and support correspondence – we keep communications for as long as necessary to resolve your enquiry and for a short period afterwards.

In some circumstances we may anonymise your personal data (so it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

Your Rights

Under UK data-protection laws, you have rights in relation to your personal data. These include:

  1. Right to be informed – you have the right to be told about the collection and use of your personal data. We provide this information through this policy and our Cookie Policy.
  2. Right of access – you can request a copy of the personal data we hold about you. We may ask for proof of identity and respond within one month.
  3. Right to rectification – you can ask us to correct or update any inaccurate or incomplete data we hold.
  4. Right to erasure – you can request deletion of your personal data where there is no good reason for us to continue processing it. We may not always be able to comply if legal obligations require us to retain certain information.
  5. Right to object – you can object to our processing of your data where we rely on legitimate interests or for direct marketing. If you object to marketing, we will stop sending marketing messages; if you object to other processing, we will consider your circumstances and whether we have compelling legitimate grounds to continue.
  6. Right to restrict processing – you can ask us to suspend processing of your data in certain circumstances.
  7. Right to data portability – you can request that we transfer your personal data to you or to a third party in a structured, commonly used and machine-readable format.
  8. Right to withdraw consent – where we rely on consent (e.g., for marketing or certain cookies) you can withdraw your consent at any time.
  9. Right not to be subject to automated decision-making – we do not carry out automated decision-making that produces legal or similarly significant effects. Our payment processor may use limited automated checks (e.g., temporary IP or card deny-lists) to prevent fraud.

If you wish to exercise any of these rights, please contact our data-privacy manager at info@xnexz.com. We may ask you to provide information to confirm your identity to ensure your right to access your data. You will not have to pay a fee to exercise your rights unless your request is unfounded, repetitive or excessive.

Children’s Privacy

Our website is not intended for children under 13 years of age. We do not knowingly collect personal information from children. If a parent or guardian believes that a child under 13 has provided us with personal data, they should contact us to request deletion. We will remove the information from our systems as soon as possible.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal or regulatory reasons. The updated version will be posted on our website, and the “last updated” date will change accordingly. Please check back regularly to ensure you are aware of any changes. If the changes are material, we may also notify you by email or via a notice on our website.

Contact us

If you have questions about this Privacy Policy, wish to exercise any of your rights, or have concerns about your personal data, please contact our data-privacy manager:

  • Email: info@xnexz.com
  • Address: Xnexz Safety Footwear Ltd, 58 East Reach, Taunton, TA1 3EZ, UK
  • Telephone: +44 2045690161

We value your trust and will work diligently to address any concerns you may have.