Privacy Policy

Aby Hair
Trading as ExpressAby Limited
Last updated: 3rd March 2026

At Aby Hair, we are committed to protecting your privacy and handling your personal data with transparency and care. This Privacy Policy explains how we collect, use, and protect your information when you visit our website or make a purchase.

1. Who We Are

Aby Hair is a trading name of ExpressAby Limited, registered in the United Kingdom.

ExpressAby Limited is the data controller responsible for your personal data under the UK General Data Protection Regulation and, where applicable, the EU General Data Protection Regulation.

Contact details:
Email: info@abyhair.co.uk
Address: 5 Brayford Square, E10SG, London, United Kingdom

2. Information We Collect

We may collect and process the following types of personal data:

  • Full name
  • Billing and delivery address
  • Email address
  • Telephone number
  • IP address
  • Device and browser information
  • Payment information
  • Order history
  • Account login details
  • Marketing preferences
  • Messages and enquiries you send to us

We collect this information when you:

  • Place an order
  • Create an account
  • Subscribe to our newsletter
  • Contact customer support
  • Browse our website
  • Participate in promotions or offers

3. How We Use Your Information

We use your personal data to:

  • Process and deliver your orders
  • Manage payments and refunds
  • Provide customer support
  • Send order confirmations and delivery updates
  • Improve website functionality and performance
  • Prevent fraud and protect our business
  • Send marketing communications where you have opted in

4. Legal Basis for Processing

We process your data under the following lawful bases:

  • Contract performance, to fulfil your orders
  • Legal obligation, to meet tax and accounting requirements
  • Legitimate interests, to improve our services and prevent fraud
  • Consent, for email marketing and non essential cookies

You may withdraw your consent at any time by contacting us.

5. Website and Payment Processing

Our website operates using WooCommerce.

We accept payments through WooCommerce Payments and authorised payment providers. Payments may be made using:

  • Credit and debit cards
  • Apple Pay
  • Google Pay
  • Other supported payment methods

Payment information is securely processed by our payment providers in accordance with PCI DSS security standards.

We do not store full credit or debit card details on our own servers.

6. Sharing Your Information

We may share your personal data with trusted third parties, including:

  • Payment processors
  • Delivery and courier services
  • IT and technical support providers
  • Professional advisers
  • Authorities where required by law

We only share the information necessary to provide our services.

7. International Data Transfers

Some service providers may process data outside the United Kingdom or European Economic Area.

Where this happens, we ensure appropriate safeguards are in place, including approved contractual protections and recognised legal transfer mechanisms.

8. Data Retention

We retain personal data only for as long as necessary:

  • Order and financial records are retained for up to 6 years for legal and tax purposes
  • Marketing information is retained until you unsubscribe
  • Account information is retained until you request deletion

9. Your Rights

Under data protection law, you have the right to:

  • Access your personal data
  • Correct inaccurate information
  • Request deletion of your data
  • Restrict processing
  • Object to processing
  • Request data portability
  • Withdraw consent at any time

To exercise your rights, please contact info@abyhair.co.uk.

10. Cookies

We use cookies to:

  • Ensure website functionality
  • Remember items in your cart
  • Analyse site performance
  • Provide relevant advertising

Essential cookies are necessary for the website to function. Non essential cookies are only used with your consent.

You can manage cookie settings through your browser preferences.

11. Security

We implement appropriate technical and organisational measures to protect your personal data, including secure encryption and restricted access controls.

While we take reasonable steps to safeguard your information, no online system is completely secure.

12. Children

Our website is not intended for children under the age of 13. We do not knowingly collect personal data from children.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date.

14. Contact Us

If you have any questions about this Privacy Policy or how your information is handled, please contact:

Email: info@abyhair.co.uk