Privacy Policy

This privacy policy tells you what to expect when we collect and process your personal data, the rights that are available to you and how you can exercise them.

Table of Contents

Who we are

Our website address is

What we do with your data

We will never sell your personal data for any reason, though sometimes it will be necessary to transfer your data to a third party to be processed. Your data is processed for certain specific reasons:

Essential data

To create an online account so you can manage and download your orders, we generate a unique identifier and use your email address as a username.

So that we can get in touch with you about your order, we need to know your name, email address, phone number and any messages you have sent through your online account.

On the order form, we require every information we ask for. If we ask for your country, This is because we are required to know the country in which you are downloading your order for VAT purposes.

To process your order properly, we also need to keep details about the work you are asking us to complete as well as any files you have uploaded to your order. You should try to remove all personal data from anything you upload, but we will do our best to anonymise it. Sometimes, when a file is too large to upload to our database, we will ask you to use a service called WeTransfer to send it to us. These files remain on WeTransfer’s servers for 28 days, after which they are automatically deleted. You can read WeTransfer’s privacy policy here.


If you have explicitly consented to receive direct marketing from us, or if you have ordered from us in the past, we will sometimes use your name and email address to send you offers and promotions about the services we provide. We do this using a service called Mailchimp. You can read Mailchimp’s privacy policy here.

Similarly, we might also use your name and phone number to text you about offers and promotions that we are currently running. We do this using a service called Esendex. You can read Esendex’s privacy policy here.

We will only ever call you about an existing service you have asked us to provide or to talk about something important related to your account.


After we have completed your order, we pass your name, email address, order number and localisation data, to any company in partnership with us for review purposes, which will provide an independent product review service. They will then email you, asking for feedback on your order.

Sometimes we use a service called Survey Monkey to administer surveys so that we can gather feedback from our customers and improve the services we provide. Survey Monkey will use your IP address to log responses to surveys so that we know how many people have completed them. In order to encourage people to provide feedback, we might offer a prize draw for respondents. If so, we will ask for an email address to be provided in the survey, but this is entirely optional and is only used to contact the winner of the prize. You can read Survey Monkey’s privacy policy here.

Other purposes

Sometimes, we offer coupons to individual customers for use with future orders. To ensure only the intended recipient of the coupon can use it, we store their email address alongside the coupon details. These addresses are not used for anything other than the administration of coupons.

When you place an order, our system stores your IP address. This address is used to work out your time zone so that we can call you during hours that are convenient for you. It is also used to identify when a customer is using multiple accounts to place their orders.

For payments over a certain amount, we ask for documents to prove you are the registered account holder. This is so that we can prevent fraudulent transactions, such as people paying with stolen card details.

In order to establish the facts in case of a legal dispute, we archive anything that might be relevant to the negotiation or performance of a contract (for example, messages or order instructions). Access to this archived data is strictly controlled so that only a few privileged employees can see it, and it is only ever used for the specific purpose of supporting a legal case.


Our websites set cookies in your browser to improve your experience and to make everything run smoothly. For more information, please read our cookie policy.

Your rights

By law, you have a number of rights available to you when you give us your personal data. You can ask for access to any of your personal data that we hold; you can ask us to correct any inaccuracies in your personal data; you can ask us to delete your personal data where there is no longer any good reason for us to have it; you can object to the processing of your data in some cases; and, where you have given consent, you are able to withdraw that consent at any time. Under certain circumstances, such as if the data is material to legal proceedings, you can also ask us to temporarily stop processing your personal data. Where your data is automatically processed, you can also ask for a copy of your data in a machine-readable format.

If you would like to exercise any of your rights listed above, please send your request to our data protection officer at After we have received proof of your identity, we will respond to your request within one calendar month.


When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: After approval of your comment, your profile picture is visible to the public in the context of your comment.

How we keep your data safe

Security measures

We use a variety of technical and organizational measures to make sure your personal data is stored and transmitted securely. For example, we make diligent use of encryption whenever personal data is being transmitted to a third party and we make regular backups in case the original copy of your data is lost, so you can rest assured that your personal data is secure and protected.

If you communicate with us by email over the Internet, you should be aware that the nature of the Internet is such that unencrypted communication may not be secure and may pass through several different countries en route to us. Please do not email us with confidential or sensitive information such as your credit card details. We cannot accept responsibility for unauthorised access to your information that is outside our control.

Data retention policy

We only hold on to your data for as long as we need it to fulfil one of the purposes it was originally collected for, such as to provide a service, to gather feedback or to comply with a legal obligation. This means that retention policies for your data can differ considerably depending on the context and the way it is used. When deciding on a retention policy for any type of data, we use the following criteria:

  • How long is the data needed for? – For example, if you have not logged in to your account for several years, we will try to remove you from our mailing lists.
  • What did we say we would do with the data when we collected it? – If the purposes for which we originally collected the data are no longer relevant, there is no need to keep it.
  • Do we have a legal obligation to keep the data? – For example, financial information needs to be kept for a minimum amount of time for tax reasons.
  • Does holding the data carry an inherent risk? – In the unlikely event of a data breach, we want to ensure that nothing sensitive is stolen. We will therefore have reduced retention periods for data we consider to be sensitive.

However, in general, we securely archive most of your account data after five years of inactivity (see ‘Other purposes’ above) and then permanently delete all of your personal data after six years of inactivity.

Who we share your data with

If you request a password reset, your IP address will be included in the reset email.

Transfers to countries outside the EU

Some of the third parties we use to process your data are based in countries which do not have the same standard of data protection laws that EU citizens enjoy. In these cases, we have made sure there are safeguards in place to protect your rights and interests. For example, Survey Monkey and Mailchimp are both located in the United States, but we have made sure that they both comply with the EU-U.S. Privacy Shield Framework, which guarantees the same level of protection.


If you are 13 or under, you must have permission from a parent or guardian before you give us your personal information. If we find that we have received information from you without the appropriate consent, we reserve the right to cancel all transactions and services and remove all personal data that you have supplied. You will be able to re-submit the information when you have the required permission.

Links to other websites

Our websites may contain links to external third-party websites. We are not responsible for the privacy and security of these websites unless they belong to E-Legal Online. This privacy policy applies only to E-Legal Online.

Ready to get started?

About Us >>

Donate now >>