Privacy Policy

Just like you, the EXECUTIVE SPAS LTD team shops online for personal and business products, providing our data so that those transactions can be properly fulfilled and signing up to marketing initiatives so we can be kept up-to-date about new products and offers. We don’t want our data to be misused so we promise to not misuse yours either.

For all our services, the data controller, responsible for your data privacy, is EXECUTIVE SPAS LTD Limited (registration 7910951, registered in England). Our contact details are:

Registered Address: The Stables Back Lane, Eaton, Congleton, United kingdom, CW12 2NL

  • Phone: 01260 223 722
  • E-mail: info@executivespas.co.uk

If you have any questions about how we protect your privacy and use your data, please contact us in any of the above ways or via the contact form on our website.

We may change our Privacy Policy from time to time, to reflect changes in how we process your data. 


  1. Our Lawful Basis for Processing Your Data
  2. Using Your Data
  3. Sharing Your Data
  4. Marketing
  5. Keeping Your Data
  6. Your Rights
  7. Cookies


Under the new General Data Protection Regulations, we have two lawful bases to process your data:

For operational purposes (ie to fulfil your orders), we have a contractual lawful basis to process your data. For example, we cannot send you your order and therefore complete our contract of sale if we cannot process your name and address details.

For the purposes of marketing (eg e-mail, SMS and direct mail), we have a consensual lawful basis to process your data.  You can opt in and out of specific marketing initiatives, you are in charge, providing and removing your consent when you wish.



This includes your name, billing address, delivery address, phone number, IP address and e-mail address. We do not gather sensitive or special category data such as your date of birth, ethnicity or gender. 



To deliver your purchases to you

We have to use your details to fulfil our contract of sale with you – we can’t send you your order if we don’t have your name and delivery address

To send your electronic gift vouchers

We have to use your e-mail address if someone buys you a gift voucher, so we can e-mail you the gift voucher

To send you service messages

We have to use your details to fulfil our contract of sale with you – we can’t let you know that your order has been dispatched or provide tracking numbers if we can’t e-mail or send you an SMS

To detect and prevent fraud

To detect and prevent fraud against EXECUTIVE SPAS LTD™ and yourself, for example we will match the location of your IP address to your billing and delivery address which helps us determine if a card may be stolen

To send you information about new products & services or special offers

We only do this when you opt in, providing us with consent. You can remove consent at any time. Please see section 4 Marketing below

To display EXECUTIVE SPAS LTD™ adverts as you surf the web

This lets you see information about new products & services or special offers. We only do this if you have cookies enabled on your browser so you can stop this by clearing your browser cookies

To send you automated basket abandonment e-mails

If you input your e-mail address at the checkout but fail to complete a purchase, we will automatically email you with a link that allows you to easily complete the purchase if you wish. These e-mails will stop after 24 hours



This includes e-mails you have sent us, messages sent through our online contact form and messages on social media (eg Twitter and Instagram). We do not currently record phone calls. We keep e-mails for six months. We are unable to delete social media messages as these are kept by those respective platforms.



To provide customer service and support 

We need to answer your enquiries and we need to communicate with you if there is an issue with an order

To train staff

We need to use enquiries to train our staff so they can provide a great service to you in the future



When you input payment details on our website, that section of the website is fully encrypted and operated by our payment processor, Paypal, who hold all the necessary SSL security certificates to keep your payment details secure. 

EXECUTIVE SPAS LTD™ does not collect or see payment data such as your specific card details. However, we are able to see some transaction data on our Paypal account (eg whether you input a correct 3D secure password or not). This transaction data is only used to review for fraud reviews.



To assess whether payment has successfully been taken for an order

We need to verify with Paypal, that payment has been made, so that a contract of sale exists and we can then dispatch your order

To provide refunds where necessary

We have to find your transaction details on our Paypal account and use these to request a refund to be made

To detect and prevent fraud using Paypal’s fraud management system

We need to use this to detect and prevent fraud against EXECUTIVE SPAS LTD™ and yourself

To verify a delivery address where payment is placed through a Paypal account, rather than by card

Where payment is made through a Paypal account, Paypal will provide your verified delivery address on that account, helping us to reduce fraud and ensure your order is dispatched to the correct address



If you decide to hold an account with us, you can view your order history within this account. If you create a wishlist, you can view saved items which you can also e-mail to someone else. If you put items into a basket, but are not ready to pay for those items, you can save the basket for later.



To help you complete an order

It’s much easier, faster and more practical for you to complete an order at a later date if you’ve saved items and baskets

To provide customer service & support

If you have a question about a previous order, you may wish to see the order details in your order


history, and we will need to view your order history to follow-up your enquiry

If you have trouble completing a transaction, we will need to view the order details to help you

To complete returns

We have to view your order history to complete a return and fulfil our contract of sale with you – we can’t refund an item on an order if we can’t view that order

To help you save items of interest for a later date

It’s much easier, faster and more practical for you to be able to save items of interest so that you can come back to purchase them when you are ready. You may want to e-mail your saved items/wish-list to friends and family for a birthday or maybe even Santa!

To detect and prevent fraud

Reviewing your order history is one way that EXECUTIVE SPAS LTD™ can help detect and prevent fraud



We cannot use your device (eg mobile, tablet, desktop) and browser data (eg the browser used, the version of that browser) to specifically identify you but we use Google Analytics to review the devices and browsers which our website visitors collectively use.



To collectively review which browsers and devices our customers use to view our online store

To help develop our online store to provide a better shopping experience – we need the store to work well on the most popular browsers and devices

To collectively review who our visitors are - if you have enabled cookies on your browser, Google Analytics collects and reviews the geo-location, demographics and interests that it believes you have, based upon your browser cookies and surfing habits

To help us to understand our visitors better so we can provide a better online store and shopping experience



We do not sell any information or data to any third party ever. However, we do share your information with the following companies, who process elements of your data, often in order to fulfil our services and contract with you, to meet our legal obligations or to provide marketing services to where you have explicitly consented to this.

  • Our courier, The Royal Mail (and their service providers abroad where an order is delivered outside the UK), for example:

    • To generate a delivery label for your parcel
    • To generate export documentation for your parcel, if it is being delivered outside the EU
    • To inform Customs authorities about details of the package where this is required outside the EU
    • To communicate about missing and late parcels o To investigate and make compensation claims for missing and late parcels
    • To send you marketing mail where you have specifically consented to this 
  • Our web development agency, Visualsoft, who host our website, provide the Content Management System which holds your data, provide development and support services. The Content Management System is password protected and has two factor login authentication. It does not store any payment details. In relation to providing us with support, Visualsoft may need to test the system using your data, review your order etc
  • Our payment merchant, Paypal, who provide the payment gateway on our website. You input your payment details into their payment gateway and they encrypt this so nobody else, including us, can see it. You may have a Paypal account which you use to make a payment. Paypal are provided with details of your order, such as the value and currency, so the transaction can be completed.
  • eBay, where you place an order through our eBay store. We provide eBay with delivery details such as your tracking number so that we can fulfil eBay’s requirements and our contract of sale.
  • Google Analytics, whose code is embedded on our website, so we can review how visitors with enabled cookies on their browser use the website, allowing us to improve it. The code also helps us to identify which marketing initiatives generate our sales. The retention period for data sent to Google Analytics that is associated with cookies and advertising identifiers is retained for 38 months and then automatically deleted. We are unable to identify specific individuals from the cookie data and advertising identifiers, it is collective data.
  • Our advertising partners (eg Google, Bing, AdRoll) who may show you EXECUTIVE SPAS LTD™ adverts after you have left the website.
  • Our marketing provider, Mailchimp. Only if you have given prior consent (see section 4 Marketing), we transfer to them, the data which is necessary to send you our e-mail newsletters. Mailchimp is based in the USA and therefore, when we transfer data from our website system to Mailchimp, we are transferring the data outside of the EU. Mailchimp is compliant with the GDPR regulations, EU-US Privacy Shield and SwissUS Privacy Shield Regimes in order to lawfully transfer EU personal data to the USA.
  • Our SMS marketing provider, Text Marketer. Only if you have given prior consent (see section 4 Marketing), we transfer to them, the data which is necessary to send you our SMS marketing messages.
  • Law enforcement agencies, if and where we are required to do so by law.


Under the GDPR regulations, we have a consensual lawful basis to process your data for marketing purposes. 

If you have consented to us doing so, we will send you direct marketing messages to keep you aware of our new products, special offers, exclusive deals and developments at EXECUTIVE SPAS LTD™.

You can select which methods you consent to, whether that be by e-mail, SMS text, mail or a combination of all these. You can also select which type of e-mail newsletters you receive, so you receive only those of interest to you. It is entirely your choice, you do not have to consent to anything.

You can change your consent to direct marketing preferences at any time, in the following ways:

  •        Within your account
  •        By unsubscribing on e-mails
  •        By contacting us via e-mail, phone, online website contact form or by post

We will update your details within 7 days, although unsubscribing on an e-mail takes immediate effect.

Ending marketing messages will not affect communications necessary to fulfil a contract of sale with you, so you will still receive communications in relation to orders you place because under GDPR, we have a contractual lawful basis to process your data. Your consent is only necessary for marketing communications where under GDPR, we have a consensual lawful basis to process your data.


We will hold your data for as long as you hold your account with us, or as long as is required to be able to provide our services and support to you. 

You have the right to request that we delete your data (see section 6 Your Rights). However, we may keep hold of your data as required, even after you close an account or it is nolonger necessary to provide services to you, in order to meet legal or regulatory requirements. For example, under VAT legislation, we need to keep your order information for 6 years.

Communication e-mails and messages are kept for 6 months and then deleted.

We will continue to provide marketing services using your data for as long as you provide consent to this. You can remove your consent at any time as detailed in section 4 Marketing.

Data sent to Google Analytics that is associated with cookies and advertising identifiers is retained for 38 months and then automatically deleted.


Your rights in relation to your personal information are as follows:



The right of access – you have the right to know what data is being processed and how

This Privacy Policy details how your data is used

The right to access the information we hold about you

Please contact us via e-mail, phone, online contact form or by post to access the information we hold

The right to rectification – you may request us to correct inaccurate data
or complete incomplete data

Please use your account or contact us via e-mail, phone, online contact form or by post to correct any inaccurate information

The right to be forgotten – you may request us to delete your data without undue delay

Please contact us via e-mail, phone, online contact form or by post to have your data deleted. Once deleted, we can nolonger process or collect it

The right to stop direct marketing messages

You can change your marketing preferences, at any time within your account, by unsubscribing to emails, replying STOP to SMS messages or by contacting us

The right to portability – you may request us to transfer your data to another organization

Please contact us via e-mail, phone, online contact form or by post to transfer elements of your data

The right to complain to your data protection regulator

Within the UK, you can complain to the Information Commissioner’s Office but we would ask that you contact us first so we can try to resolve any issues