**Last updated:** January 2026

Eskimo EPOS Limited t/a **Eskimo Rolls** (“we”, “us”, “our”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store and protect your personal data when you use our website **[www.eskimorolls.com](https://www.eskimorolls.com)**.

This policy is written in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are (Data Controller)
Eskimo Rolls is a trading name of:
**Eskimo EPOS Limited**
The Old Dairy, Parley Green Lane
Parley, Christchurch
Dorset, BH23 6BB
United Kingdom
Company Number: **09088085**

For any data protection or privacy-related enquiries, please contact: privacy@eskimorolls.com

2. What Personal Data We Collect
We may collect and process the following types of personal data:
a) Information You Provide Directly
* Name
* Company name
* Billing and delivery address
* Email address
* Telephone number
* Account login details (if you create an account)
* Order details and purchase history
* Messages submitted via contact forms

b) Automatically Collected Information
* IP address
* Browser type and version
* Device information
* Pages visited and interactions with the website
This data is collected using cookies and analytics tools (see Section 9).

3. How We Use Your Personal Data
We use your personal data for the following purposes:
* To process and fulfil orders
* To manage customer accounts
* To send order confirmations and transactional communications
* To arrange delivery of goods
* To respond to enquiries and customer service requests
* To maintain accurate accounting and business records
* To improve our website, products and services
* To comply with legal and regulatory obligations
We do **not** use your data for marketing communications unless you have explicitly opted in.

4. Legal Basis for Processing
We process your personal data under the following lawful bases:
* **Contractual necessity** – to fulfil orders and provide services
* **Legal obligation** – for accounting, tax and regulatory compliance
* **Legitimate interests** – to operate and improve our business
* **Consent** – where you have opted in to receive marketing communications
You may withdraw consent at any time.

5. Payments & Card Security
All card payments are processed securely using a **hosted payment solution provided by DOJO (formerly Payment Sense)**.
* We **do not store or process card details** on our website or servers
* Card data is handled directly by DOJO in accordance with **PCI-DSS security standards**
* Credit account customers may place orders on account subject to approval

6. Who We Share Your Data With
We only share your personal data where necessary to operate our business, including:
* **Payment processors** – DOJO (Payment Sense)
* **Courier and delivery services** – such as Parcelforce or other couriers depending on order requirements
* **Accounting software** – Xero, for financial record keeping
* **IT and website service providers** – where required for hosting and maintenance
All third parties are required to process your data securely and in compliance with data protection law.
We do **not** sell or rent your personal data to third parties.

7. Marketing Communications
At present, we send **order-related emails only**.
We may offer marketing communications (such as email or WhatsApp Business messages) in the future. Any such communications will be:
* Sent on an **opt-in basis only**
* Clearly identifiable as marketing
* Easy to unsubscribe from at any time

8. Data Retention
We retain personal data only for as long as necessary:
* **Order and financial records** – typically retained for 6–7 years to meet HMRC requirements
* **Customer accounts** – retained while the account remains active
* **Marketing data** – retained until you unsubscribe or withdraw consent
* **Contact enquiries** – retained only as long as needed to respond

9. Cookies & Analytics
We use cookies to ensure our website functions correctly and to analyse site usage.
* We use **Google Analytics** to collect anonymised statistical data
* Cookies are managed using **CookieYes**
* You can control or withdraw cookie consent at any time via the cookie banner or your browser settings
For more information, please see our Cookie Policy.

10. Your Rights Under UK GDPR
You have the right to:
* Access the personal data we hold about you
* Request correction of inaccurate data
* Request deletion of your data (where applicable)
* Restrict or object to processing
* Request data portability
* Withdraw consent at any time
* Lodge a complaint with the Information Commissioner’s Office (ICO)

To exercise any of these rights, please contact privacy@eskimorolls.com

11. Data Security
We take appropriate technical and organisational measures to protect your personal data against loss, misuse, unauthorised access or disclosure.

12. Changes to This Policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page and the “Last updated” date will be revised accordingly.

13. Contact Us
If you have any questions about this Privacy Policy or how we handle your personal data, please contact: privacy@eskimorolls.com