Browse Categories
View all stores β†’
backcartSHOP UK Β· SHIPPED HOME

Legal

Privacy Policy

Effective date: 1 May 2025 Β Β·Β  Last updated: 12 May 2026

This policy is issued by UKDirect Ltd trading as ShopFromUK ("we", "us", "our"). It complies with the Nigeria Data Protection Regulation (NDPR) 2019 and the Nigeria Data Protection Act (NDPA) 2023.

1. Who we are

ShopFromUK is an e-commerce service operated by UKDirect Ltd that sources products from UK retailers and ships them to customers in Nigeria. Our registered office is in Nigeria. You can contact our Data Protection Officer at privacy@shopfromuk.com.

2. Data we collect

Information you give us

  • Account data: name, email address, password (hashed β€” we never store plain-text passwords)
  • Order data: delivery address, phone number, order contents, payment reference
  • Communications: messages you send to our support team

Data collected automatically

  • Technical data: IP address, browser type, pages visited, timestamps β€” collected via our server logs for security and rate-limiting purposes
  • We do not use third-party analytics trackers or advertising cookies

Payment data

Card and payment details are handled entirely by Paystack. We receive only a payment reference and status confirmation β€” we never see or store your card number, CVV, or bank credentials.

3. How we use your data

  • Fulfil your order β€” process payment, source products, ship to your address, send order status updates (legal basis: performance of contract)
  • Manage your account β€” verify your email, allow you to sign in, reset your password (legal basis: performance of contract)
  • Customer support β€” respond to your enquiries and resolve disputes (legal basis: legitimate interest)
  • Security and fraud prevention β€” detect and block abusive requests, protect your account (legal basis: legitimate interest)
  • Marketing emails β€” send you newsletters, promotions, and restock alerts only if you have not opted out (legal basis: consent, withdrawable at any time)
  • Legal compliance β€” retain records as required by Nigerian law (legal basis: legal obligation)

4. Who we share your data with

We do not sell your personal data. We share it only where necessary:

  • Paystack β€” payment processing (their privacy policy governs payment data)
  • Logistics partners β€” UK–Nigeria freight forwarders and last-mile couriers, who need your delivery address and phone number to complete delivery
  • Amazon Web Services (AWS) β€” infrastructure hosting (servers located in the EU-West region); AWS processes data under our instructions and is contractually bound to adequate data-protection standards
  • UK retailers β€” where we purchase products on your behalf, limited order details may be shared
  • Law enforcement or regulators β€” only when required by applicable law or a valid court order

5. International transfers

Your data is stored on AWS servers in the EU (Ireland, eu-west-1). Transfers from Nigeria to the EU are made under appropriate safeguards in line with the NDPA 2023. Email is delivered via Amazon SES, which may route through servers outside Nigeria, but this is subject to the same AWS data-processing agreement.

6. How long we keep your data

  • Unverified accounts: deleted automatically 7 days after registration if email is not verified
  • Active accounts: retained while your account is open
  • Closed accounts: order records retained for 7 years for tax and accounting purposes; personal profile data deleted within 30 days of account closure
  • Server logs: retained for 90 days for security analysis, then deleted

7. Your rights under the NDPR / NDPA

As a data subject under Nigerian law, you have the right to:

  • Access β€” request a copy of the personal data we hold about you
  • Rectification β€” ask us to correct inaccurate data
  • Erasure β€” request deletion of your data, subject to legal retention obligations
  • Restriction β€” ask us to limit how we process your data in certain circumstances
  • Objection β€” object to processing based on legitimate interest, including direct marketing
  • Portability β€” receive your data in a structured, machine-readable format
  • Withdraw consent β€” opt out of marketing at any time without affecting other services

To exercise any right, email privacy@shopfromuk.com. We will respond within 30 days. If you are unsatisfied with our response, you may lodge a complaint with the Nigeria Data Protection Commission (NDPC) at ndpb.gov.ng.

8. Marketing opt-out

You can unsubscribe from marketing emails at any time by clicking "Unsubscribe" in any promotional email, or by visiting our unsubscribe page. Opting out of marketing will not affect transactional emails (order confirmations, shipping updates, account security notices).

9. Security

We protect your data using industry-standard measures: all passwords are bcrypt-hashed, all data is transmitted over HTTPS/TLS, access is role-based, and we apply rate-limiting to prevent brute-force attacks. Despite these measures, no system is 100% secure. If you believe your account has been compromised, contact us immediately at support@shopfromuk.com.

10. Cookies

ShopFromUK uses only functional storage (browser localStorage) to maintain your shopping cart, wishlist, and login session. We do not use advertising or tracking cookies. No cookie consent banner is required because we do not set non-essential cookies.

11. Changes to this policy

We may update this policy from time to time. Material changes will be communicated by email to registered users and by updating the "Last updated" date above. Continued use of the service after changes constitutes acceptance.

12. Contact

For all privacy enquiries: privacy@shopfromuk.com
For general support: support@shopfromuk.com

Terms of ServiceUnsubscribe← Back to ShopFromUK