Privacy & Cookie Policy
Apexx Engines
Effective Date: 27 February 2026
Apexx Engines (“we”, “us”, “our”) is committed to protecting your privacy and handling your personal data responsibly. This document explains what data we collect, why we collect it, who we share it with, and what your rights are — in plain English.
This policy covers both our Privacy Policy and our Cookie Policy in a single document, and applies to all data collected through our website (apexxengines.co.uk), our quote request form, and any communications with us. It is written in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
If you have any questions, please contact us at info@apexxengines.co.uk.
1. Who We Are & Our Role
Apexx Engines is a disclosed agent and introducer in the engine reconditioning and specialist automotive services sector. We connect customers who need engine-related work with vetted independent suppliers in our network who carry out the physical work.
- Business name: Apexx Engines
- Website: apexxengines.co.uk
- Contact: info@apexxengines.co.uk
Apexx Engines collects and uses your personal data solely to facilitate the introduction between you and a suitable supplier. We act as an intermediary and handle your data only to the extent necessary to provide this service — we do not use it for any other commercial purpose.
Suppliers in our network handle your personal data independently for the purpose of carrying out the job you have approved. We require all suppliers to comply with UK GDPR and to process your data only for that purpose.
2. What Data We Collect
2.1 Data you provide to us
When you submit a quote request, contact us, or interact with our website, we may collect:
- Name and contact details — email address and phone number
- Vehicle details — make, model, year, registration plate, mileage, fuel type, engine type, engine code, and engine configuration
- Location — town and postcode, used to assess supplier proximity and any recovery or collection logistics
- Fault description and vehicle status — symptoms, warning lights, whether the engine starts, whether the vehicle is driveable, and whether the engine has been removed
- Any additional information you voluntarily provide in the free-text fields of our form
2.2 Data collected automatically
When you visit our website we may automatically collect:
- IP address and approximate geographic location (country / region level)
- Browser type, version, and operating system
- Pages visited, time spent on each page, and navigation behaviour
- Referring website or search query that brought you to our site
This technical data is collected via cookies and third-party analytics tools. See Section 9 — Cookie Policy for full details of what is set and by whom.
2.3 Data we do not collect
- Payment card details — we never see or store your card details. Where card payments are processed (via Stripe), all data is handled by Stripe under their own security and privacy standards.
- Sensitive personal data — we do not collect information about health, religion, ethnicity, or similar. Please do not include such information in any form submission.
3. Lawful Basis for Processing
Under UK GDPR we must have a lawful basis for each type of processing. We rely on the following:
- Contractual necessity — processing your quote request and facilitating an introduction to a supplier requires us to handle your personal data. Without it, we cannot provide the service.
- Legitimate interests — we process certain data (such as website analytics, job history, and supplier performance monitoring) to improve our service and operate our business. We have assessed that this does not override your privacy rights.
- Consent — for non-essential cookies and any marketing communications, we rely on your explicit consent, which you may withdraw at any time.
- Legal obligation — we retain certain records to comply with legal, tax, and accounting obligations.
4. How We Use Your Data
We use the data you provide to:
- Assess your job requirements and identify suitable suppliers in our network based on vehicle type, service required, and location
- Share your relevant details with matched suppliers solely for the purpose of preparing a quote
- Communicate with you throughout the quote process, during the job, and for any post-job warranty or dispute queries
- Issue payment instructions — either directing you to pay the supplier by bank transfer, or facilitating payment via Stripe where applicable
- Maintain internal job records and audit trails
- Improve our platform, matching accuracy, and service quality using anonymised analytics data
We will not use your data for any purpose incompatible with the reason you provided it, without first obtaining your explicit consent.
5. Automated Processing of Enquiries
When you submit a quote request, your enquiry is automatically processed to assist our team. This includes:
- Extracting key vehicle and job details from your form submission
- Routing your enquiry to relevant suppliers based on engine type, vehicle brand, location, and service required
- Generating notifications and job summaries for our internal team
This automated processing does not make any legally significant or binding decisions about you — it is used only to speed up job matching and ensure the right information reaches the right people. A member of our team reviews all enquiries before any supplier contact is made.
6. Who We Share Your Data With
6.1 Suppliers in our network
When your enquiry is matched to one or more suppliers, we share with them:
- Your name and contact details
- Your vehicle details and description of work required
- Your location (town and postcode)
We share only what is necessary for the supplier to prepare an accurate quote. Suppliers must not use your data for any purpose other than quoting and carrying out agreed work, must keep it secure, and must comply with UK GDPR. We do not share payment details with suppliers.
6.2 Payment processors
Where payment is processed by card rather than direct bank transfer, we use Stripe as our payment processor. Stripe handles all card transactions securely and in accordance with PCI DSS standards. We do not see, receive, or store your card number, CVV, or expiry date. See Stripe’s privacy policy at stripe.com/gb/privacy.
6.3 Analytics and technology providers
We use the following third-party services which may process data about your website visit:
- Google Analytics — website traffic and behaviour analysis. Google may transfer data outside the UK under standard contractual clauses. Privacy policy
- Microsoft Clarity — session recording and heatmaps to understand how users navigate our site. No personally identifiable data is deliberately captured. Privacy policy
- CookieYes — cookie consent management. Stores your cookie preferences on your device. Privacy policy
6.4 What we do not do
- We do not sell your personal data to any third party.
- We do not share your data with advertisers or marketing agencies.
- We do not transfer your data outside the UK or EEA except where adequate safeguards are in place, as noted above.
7. Data Retention
We retain your personal data only for as long as necessary. Our standard retention periods are:
- Quote requests (not progressed) — 12 months from submission, after which they are securely deleted.
- Completed job records — 6 years from the date of job completion, in line with standard limitation periods for contractual claims under English law.
- Communications (email, messages) — 2 years unless related to an ongoing warranty claim or dispute, in which case records are retained until resolution plus 12 months.
- Payment records — 7 years as required by HMRC financial record-keeping rules.
- Website analytics data — retained by third-party providers in accordance with their own retention policies (typically 14–26 months for Google Analytics).
When retention periods expire, data is securely deleted or permanently anonymised. You may request earlier deletion subject to our legal obligations — see Section 8.
8. Your Rights Under UK GDPR
You have the following rights regarding your personal data. To exercise any of them, contact us at info@apexxengines.co.uk — we will respond within one calendar month.
- Right of Access — request a copy of the personal data we hold about you (Subject Access Request).
- Right to Rectification — ask us to correct inaccurate or incomplete data.
- Right to Erasure (‘Right to be Forgotten’) — ask us to delete your data, subject to any legal obligation to retain records.
- Right to Restrict Processing — ask us to pause processing of your data in certain circumstances.
- Right to Data Portability — request your data in a structured, machine-readable format.
- Right to Object — object to processing based on legitimate interests, including any profiling.
- Rights relating to automated decisions — you have the right not to be subject to solely automated decisions with significant legal or similar effects. As noted in Section 5, a human reviews all automated outputs before action is taken.
If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO):
- Website: ico.org.uk/make-a-complaint
- Phone: 0303 123 1113
9. Cookie Policy
9.1 What are cookies?
Cookies are small text files placed on your device by a website. They allow the site to remember information about your visit — such as your preferences or whether you have accepted cookies — and to measure how the site is used. Some cookies are essential for the site to work; others are optional and only set with your consent.
9.2 How we manage cookie consent
When you first visit apexxengines.co.uk, a cookie consent banner is displayed (managed by CookieYes). You can accept all cookies, reject all optional cookies, or customise your preferences by category. Your choices are saved so you are not asked again on every visit.
You can update your preferences at any time by clicking the cookie settings link in the footer of our website.
9.3 Cookies we use
Strictly Necessary Cookies
Always active. Required for the website to function correctly. These cannot be disabled.
| Cookie Name | Provider | Purpose | Duration |
|---|---|---|---|
| cookieyes-consent | CookieYes | Saves your cookie consent preferences | 1 year |
| PHPSESSID | WordPress | Session management | Session |
| wordpress_* | WordPress | Authentication and admin session cookies | Session |
| wp-settings-* | WordPress | Stores editor and layout preferences | 1 year |
Analytics Cookies (Optional — require your consent)
Used to understand how visitors use our website. Only set if you accept analytics cookies via the consent banner. No personally identifiable information is sent to analytics providers.
| Cookie Name | Provider | Purpose | Duration |
|---|---|---|---|
| _ga | Google Analytics | Distinguishes unique users | 2 years |
| _ga_XXXXXXXX | Google Analytics | Maintains session state | 2 years |
| _gid | Google Analytics | Distinguishes users (short-term) | 24 hours |
| _gat | Google Analytics | Throttles request rate | 1 minute |
| _clsk | Microsoft Clarity | Connects page views within a session | 1 day |
| _clck | Microsoft Clarity | Persists Clarity user ID | 1 year |
| MUID | Microsoft (Clarity) | Identifies unique browsers across sites | 1 year |
9.4 Managing cookies in your browser
You can control or delete cookies directly through your browser settings. Note that blocking strictly necessary cookies may affect how our website functions. Browser guidance:
To opt out of Google Analytics tracking specifically, you can install the Google Analytics Opt-out Browser Add-on.
10. Data Security
We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, alteration, or disclosure:
- Our website and internal systems are hosted on secure, maintained infrastructure
- Data is transmitted over encrypted HTTPS connections
- Access to personal data is restricted to team members who need it to carry out their role
- Third-party integrations are reviewed for compliance and security before use
- We review our data handling practices periodically
No method of internet transmission is 100% secure. If you believe your data may have been compromised, please contact us immediately at info@apexxengines.co.uk.
11. Changes to This Policy
We may update this Privacy & Cookie Policy periodically to reflect changes to our services, technology, or legal requirements. The current version will always be published at apexxengines.co.uk/privacy-policy, with the effective date shown at the top.
Where changes are material — such as a significant change to how we use your data, who we share it with, or the cookies we set — we will take reasonable steps to notify existing customers by email.
12. Contact Us
For any questions about this policy, to exercise your data rights, or to raise a privacy concern:
- Email: info@apexxengines.co.uk
- Website: apexxengines.co.uk
We aim to acknowledge all privacy-related queries within 2 working days and to respond fully within one calendar month as required by UK GDPR.
Read alongside our Customer Terms & Conditions at apexxengines.co.uk/terms-conditions
