Privacy Policy

1. Who We Are

This privacy notice sets out how StoreFeeder Ltd [Company Number 06585175] (“StoreFeeder”) uses and protects any personal information that you provide to StoreFeeder, or which we may receive from other sources. Our registered office address is: 185 Farringdon Road, London, EC1A 1AA.

StoreFeeder is a wholly owned subsidiary of The Royal Mail Group. StoreFeeder want visitors to its website to be able to take part fully in the functionality of its website. We are committed to do this in a way that does not infringe your right to privacy.

Please read the following carefully. By continuing to use this website you accept the practices described within this policy.

2. Who is the Data Controller (for the purposes of Data Protection Law)?


Controller: StoreFeeder may also receive personal data relating to its own customers (i.e. the Merchants themselves as well as their employees and agents) over the course of the provision of the services.  In respect of this information StoreFeeder is the Data Controller.


Processor: StoreFeeder may receive personal data from Merchants that use our service which relates to customers of those Merchants. In this situation the Merchants are the Data Controllers of their customers’ data.  StoreFeeder are Data Processors in this instance. If you are a customer of a Merchant that uses our services, we would recommend that you contact the relevant Merchant, who is the Data Controller. As such, any queries received by StoreFeeder in relation to the tasks and obligations of the Data Controller within that relationship, will be advised to contact the relevant merchant that that sale was purchased through.

3. Information that we may collect from you

We may collect and process the following data about you:


Identity details: First Name, Last name and title.


Contact details: Provided by filling in forms on this site when e.g. provided at the time of registering to use our services or requesting further services details from us: Business address, billing address, email address(es), telephone number(s) and fax number(s).


Technical information: Including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform.


Profile Data: Your username and password, your browsing history, account preferences, feedback and survey responses.


Transaction Data: Includes details about payments to and from you and other details of products and services you have purchased from us.


Special Category Data: We do not collect any special categories of data about you e.g. your race, ethnicity, religion, political beliefs, sexual orientation, health / biometric data or trade union membership.

4. Information we receive from other sources.


Merchants Data: Through the use of StoreFeeder’s service, we may receive transient (temporary) information that enables the use of our software e.g. details of transactions Merchants’ customers may have inputted through the Merchants’ sales channel (e.g. Ebay, Amazon etc.) that has been linked to our service to enable the fulfilment of the Merchants customers’ order.


Channel Shipper: If you are a user of Royal Mail’s Click&Drop service that opts to upgrade its Click&Drop service to a Channel Shipper account, your existing customer data will be moved over from Click&Drop to Channel Shipper so that you can still utilise your historic customer data. This would cover data as prescribed under Section 3.

5. Uses made of the information

We use information held about you in the following ways:


Legitimate Interests: This means the interest of StoreFeeder conducting and managing our business to enable us to give you the best service/product as well as the best and most secure experience. At all times we are We are committed to do this in a way that does not infringe your right to privacy.


Performance of contract: See 5.2


Customer use analysis: To study available data of how customers use our services/website to develop them and grow our business.


Performance of contract: To carry out our obligations arising from any contracts entered into between you and us or to take steps at your request before entering into such a contract:


Orders & Services: To process / deliver orders/services to you


Manage payments: Fees and charges for services performed under contract.


Billing: Collect and recover money owed to us for services performed under contract.


Renewal of service: Sending / issuing renewal invoices in advance of renewal date.


Protection of our business: To allow us to administer and protect StoreFeeder’s business and this website  e.g. including troubleshooting, data analysis, testing, system maintenance, support and reporting.


Relationship Management: To manage our relationship with you e.g.:


Problem resolution: To facilitate the resolution of a problem/service.


Terms and Conditions: Notify you of changes to our terms and conditions.


Service Review / Survey: To request your participation in a review of the quality services currently provided or future product development.


Existing product recommendations: To make suggestions and recommendations to you regarding the existing services and features of the product that you may already be contracted to.


Marketing: To draw your attention to new services/products that we feel may be of interest to you. Such contact will of course consider your marketing consent preferences selected when you created your account or have since updated by editing your preferences within the settings menu.

6. Disclosure of your information


StoreFeeder Integrated Services: At the instigation of our customers who must already have an pre-existing live account in place with either a Logistics company, company accounts software or ecommerce provider; You may link your account details into StoreFeeder so that you can utilise your linked accounts and from the one control source, StoreFeeder. StoreFeeder will then hold data in line with your integrated account to support their features within StoreFeeder [subjected to clause 9.2.4].


Channel Shipper: If you decide that you wish to revert back to Royal Mail Group Ltd’s Click&Drop service, we will transfer all pertinent data described under Section 3 to the Royal Mail Group Ltd so that you can continue to access historic data generated (within the functionality offered by Click&Drop) whilst utilising Channel Shipper.


Third Party Acquisition:  In the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets;
- If we are acquired by a third party, in which case personal data held by us about our customers will be one of the transferred assets; and


Legal obligation to share information: If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements; or to protect the rights, property, or safety of our customers, our regulator, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and prevention of money laundering and credit risk reduction.

7. Security

We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

8. Where we store your personal data


European Economic Area: The data that we collect from you is transferred to, and stored at, a destination within the European Economic Area (“EEA”). This data will be processed by staff or approved external suppliers that operate from either inside or outside of the EEA. Should your personal data be transferred out of the EEA, we will ensure that a similar degree of protection is afforded to as is required by the UK’s data protection legislation, as set out below.


We may share your personal data with Royal Mail Group Ltd (company number 04138203) and its group of companies. This may involve transferring your data outside the UK.


We ensure your personal data is protected by requiring that Royal Mail Group Ltd and its group of companies follow the same rules when processing your personal data. These rules are called “binding corporate rules”.


Whenever we transfer your personal data out of the UK, we will ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:


We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data. Countries within the EEA are recognised by the UK as having adequate protections in place in relation to personal data.


Where we use service providers who are based outside the UK and the EEA, we may use specific contracts approved for use in the UK which give personal data the same protection it has in the UK.


Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US.


Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the UK.


StoreFeeder Data Drop Point: Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

9. How long we will keep your personal data


Storage limitation: We will only retain your personal data for so long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements (typically six years after the end of any contract with you).


Retention period: To determine the appropriate retention period for personal data, we consider:


The amount, nature and sensitivity of the personal data,


The potential risk from unauthorised use or disclosure of your personal data,


The purposes for which we process your personal data and whether we can achieve those purposes through other means and the applicable legal requirements.


Any Integration contractual terms of use commitments in place e.g. instructions from eCommerce platforms.


Data Deletion and Anonymisation:


Data Deletion: In some circumstances you can ask us to delete your data: See section 11 for more information about your rights regarding your personal data.


Data Anonymisation: some circumstances, we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

10. Changes to our privacy policy

This policy may be updated from time to time. Please check back frequently to see any updates or changes to our privacy policy.

11. Your rights in respect of your personal data

Where processing of your personal data is based on consent, you can withdraw that consent at any time.

You have the following rights. You can exercise these rights at any time by contacting us at You have the right:


To ask us not to process your personal data for marketing purposes. We will inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes;


To ask us not to process your personal data for scientific or historical research purposes, where relevant, unless the processing is necessary in the public interest;


To ask us not to process your personal data for scientific or historical research purposes, where relevant, unless the processing is necessary in the public interest;


To request from us access to personal information held about you. To submit your SAR, you can contact us at using this form Open Subject Access Form.


To ask for the information we hold about you to be rectified if it is inaccurate or incomplete;


To ask for data to be erased provided that the personal data is no longer necessary for the purposes for which it was collected, you withdraw consent (if the legal basis for processing is consent), you exercise your right to object, set out below, and there are no overriding legitimate ground for processing, the data is unlawfully processed, the data needs to be erased to comply with a legal obligation or the data is children’s data and was collected in relation to an offer of information society services;


To ask for the processing of that information to be restricted if the accuracy of that data is contested, the processing is unlawful, the personal data is no longer necessary for the purposes for which it was collected, or you exercise your right to object (pending verification of whether there are legitimate grounds for processing); and


To ask for data portability if the processing is carried out by automated means and the legal basis for processing is consent or contract.

To exercise any of these rights or should you have any issues, concerns or problems in relation to your data, or wish to notify us of data which is inaccurate, please let us know by contacting us at or you can also submit your request in writing to:

FAO Compliance Manager
Unit 2, Colliers Way,
Phoenix Business Park,

12. Lodging a complaint

If you have any concerns with how we have handled your enquiry, write to us at the following address outlining your concerns with an indication of the action you expected to have been taken. Once received, we will respond to acknowledge the receipt of your concerns with an indication of an expected timeline of how long it may take to review concerns raised – dependant upon the complexity of the issues raised:

Urgent Data Protection Complaint
Managing Director: Brian Williamson
Unit 2, Colliers Way,
Phoenix Business Park,

13. Supervisory Authority

If you remain dissatisfied with our response to your enquiry, you have the right to contact ‘The Information Commissioners Office’ (ICO) to discuss your concerns and agree any relevant next steps. The latest contact details for the ICO can be found here:

14. Cookies

Cookies are small text files that can be used by a website or domain to make a user’s experience more efficient. Cookies help us provide you with a better website experience by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies, we need your permission. You can choose to accept or decline the other form of cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website

15. List of Cookies we use on this site:

16. Links to other websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

17. HotJar

We use Hotjar in order to better understand our users’ needs and to optimize this service and experience. Hotjar is a technology service that helps us better understand our users’ experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behaviour and their devices. This includes a device’s IP address (processed during your session and stored in a de-identified form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), and the preferred language used to display our website. Hotjar stores this information on our behalf in a pseudonymized user profile. Hotjar is contractually forbidden to sell any of the data collected on our behalf.

For further details, please see the ‘about Hotjar’ section of Hotjar’s support site .

18. Controlling your personal information

You may choose to restrict the collection or use of your personal information. Whenever you are asked to fill in a form on the website, look for the box that you can click to indicate whether you want the information to be used for marketing purposes. This choice can always be changed should you wish by changing your privacy settings in your account details.