Cookies, GDPR & Privacy


Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. The ones used on  are described below.

Google Analytics

This is used on our site, and their cookie usage is detailed through the below link.

Google Tag Manager

This sets the "Facebook Pixel" which sets a cookie. Further info about the pixel can be found at

Nop commerce

.Nop.Antiforgery A security feature to help protect against cross-site request forgery

.Nop.Authentication System cookie to identify if the current user is logged into the website. 

.Nop.Customer Stores a unique identifier for the current visitor to track the current basket, as baskets can be populated with items even when a user is not logged in.

.Nop.RecentlyViewedProducts Stores a list of product identifiers for recently viewed products so that the website can show the current visitor their recently viewed products to improve the user experience when navigating the website.

 .Nop.Session This is used to identify you as a unique user. It expires when you close your browser and does not store personal data about you.

Spotler Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. These cookies do not store any personally identifiable information.

These specific cookies are listed upon below

These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

When a user clicks the "GOT IT" button on the cookie notice, a cookie is set to remember that fact, so that the message isn't displayed on every page. It just has a value of "dismiss".

Service locator (

This can accept a full address if the user enters one, and precise location coordinates (particularly from mobile devices), which would capture personally identifying information, this is not saved anywhere outside of the users' own browser, or used for anything other than returning the requested locations in order of distance for that and subsequent requests to the service locator, in the same session.

Other people’s cookies

We use videos from YouTube and feeds from other websites such as Facebook and Twitter. These websites place cookies on your device when watching or viewing these pages.


What is GDPR?

GDPR stands for General Data Protection Regulation and is designed to protect your valuable personal information. GDPR is the law that governs your personal data; every UK & EU company needs to abide by it and In return ECL Cares Solutions will let you know how your personal data is used.

At ECL Cares Solutions we are committed to protecting our customers data when you use our service in compliance with the Data Protection Act 2018 (DPA 18) and the General Data Protection Regulation 2016 (GDPR).

for further information on GDPR please visit:

ECL Care Solutions customers will need to provide personal details to purchase goods or services of their choosing.

ECL Care Solutions will/may use your personal data to:

Deliver goods or services to you

Manage services for you

Ensure communications are up to date with your relevant requirements.

To help research key requirements and needs from our clients

Help ensure any concerns or complaints are dealt with promply and in a timely professional manner. 

How do we protect your data?

We are committed to ensuring that your personal data is secure, whether it is a paper record or held electronically. In order to prevent unauthorised access or disclosure, we have put in place appropriate technical, physical and managerial procedures to safeguard and secure the information we collect from you.

We limit access to your personal information to those who have a genuine business need to know it. Those processing will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

Examples of how we keep our information secure include:

Encryption, meaning that information is hidden so that it cannot be read without special knowledge (such as a password). This is done with a secret code or what’s called a ‘cypher’. The hidden information is said to then be ‘encrypted’.

Pseudonymisation, this is where we use a different name so we can hide parts of your personal information from view.

Controlling access to systems and networks allows us to stop people who are not allowed to view your personal information from getting access to it.

Annual training for all our staff to ensure they are aware how to handle information and how and when to report when something goes wrong.

Regular testing of our technology and ways of working including keeping up to date on the latest security updates (commonly called patches).

Most our information is stored systems in the UK. There are some occasions where your information may leave the UK either in order to get to another organisation or if it’s stored in a system outside of the EU. We have additional protections on your information if it leaves the UK ranging from secure ways of transferring data to ensuring we have a robust contract in place with that third party.

Privacy Policy

The Data Protection Act 2018 requires us (Essex Cares Limited, trading as ECL) as a Data Controller to have an appropriate policy document in place relating to the processing of special category personal information and information about criminal offenses.

Personal data is any information by which a living individual can be identified. Individual identification can be by information alone or in conjunction with other information. Certain categories of personal data have additional legal protections when being processed. These categories are referred to in the legislation as “special category data” and are data concerning:


Racial or ethnic origin

Political opinions

Religious or philosophical beliefs

Trade union membership

Genetic data

Biometric data

Sex life or sexual orientation

The processing of criminal offence data also has additional legal safeguards. Criminal offence data includes information about criminal allegations, criminal offences, criminal proceedings and criminal convictions.

ECL Care Solutions will collect the following

  • Name
  • Address
  • Contact details
  • Disability if applicable for Vat exemption

ECL Care solutions will ensure data collected is only stored in a secure managed location and managed by Data controller within GDPR Law . 

The principles

The below information sets out our procedures for ensuring our compliance with the principles as detailed in Article 5 of the General Data Protection Regulation.

Principle 1: Personal data shall be processed lawfully, fairly and in a transparent manner in relation to the data subject.

We will:

ensure that personal data is only processed where a lawful basis applies, and where processing is otherwise lawful

only process personal data fairly, and will ensure that data subjects are not misled about the purposes of any processing

ensure that data subjects receive full privacy information so that any processing of personal data is transparent

Principle 2: Personal data shall be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.

We will:

only collect personal data for specified, explicit and legitimate purposes, and we will inform data subjects what those purposes are in a privacy notice

not use personal data for purposes that are incompatible with the purposes for which it was collected. If we do use personal data for a new purpose that is compatible, we will inform the data subject first

Principle 3: Personal data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.

We will:

only collect the minimum personal data that we need for the purpose for which it is collected.

ensure that the data we collect is adequate and relevant.

Principle 4: Personal data shall be accurate and, where necessary, kept up to date.

We will:

ensure that personal data is accurate, and kept up to date where necessary.

take particular care to do this where our use of the personal data has a significant impact on individuals.

Principle 5: Personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.

We will:

only keep personal data in identifiable form as long as is necessary for the purposes for which it is collected, or where we have a legal obligation to do so. Once we no longer need personal data it shall be deleted or rendered permanently anonymous.

Principle 6: Personal data shall be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

We will:

ensure that there appropriate organisational and technical measures in place to protect personal data.

Accountability principle: The controller shall be responsible for, and be able to demonstrate compliance with these principles. Our Accounting Officer is responsible for ensuring that the department is compliant with these principles.

We will:

ensure that records are kept of all personal data processing activities, and that these are provided to the Information Commissioner on request

carry out a Data Protection Impact Assessment for any high risk personal data processing, and consult the Information Commissioner if appropriate

ensure that a Data Protection Officer is appointed to provide independent advice and monitoring of personal data handling, and that this person has access to report to the highest management level of the department

have in place internal processes to ensure that personal data is only collected, used or handled in a way that is compliant with data protection law

Our policies in regards retention and erasure of personal data

We will ensure, where special category or criminal convictions personal data is processed, that:

there is a record of that processing, and that record will set out, where possible, the envisaged time limits for erasure of the different categories of data

where we no longer require special category or criminal convictions personal data for the purpose for which it was collected, we will delete it or render it permanently anonymous

data subjects receive full privacy information about how their data will be handled, and that this will include the period for which the personal data will be stored, or if that is not possible, the criteria used to determine that period

If you have any concerns or questions about how we use your personal information, you can speak with our Data Protection Officer.

You can contact them by:

For independent advice about data protection, privacy and data sharing issues, you can contact the Information Commissioner’s Office (ICO) at: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF / Tel: 03031 231 113 (local rate). Alternatively, visit or email