Close this search box.

Privacy Policy

Table of Contents


HIFICRITIC is a data controller under the General Data Protection Regulation (GDPR). Here is our Privacy Policy with regards to that regulation, including our processing of cookies.

What data we hold and how it is processed

We do not hold any sensitive personal data.


We have contractual arrangements with third parties for the processing of our data for our own business purposes. We do not share any personal data for use by any third parties for their own purposes unrelated to our data processing.


HIFICRITIC personal data is stored in the United Kingdom or other ‘adequate’ countries as defined by UK law.


Our website is not connected to any analytics services. We do not collect individual IP addresses for direct targeting of sales, marketing or advertising activities. We do not do profiling or automatic decision making with your personal data.


When you click on social media icons or other external hyperlinks, your interactions with those external websites regarding personal data are no longer covered under HIFICRITIC’s policy.

Contact data

We receive data that you provide on contact forms on our website in order to respond to your enquiries. We store the name and email address that you provide us.

Order data

We store the names, addresses, telephone numbers and email addresses that you provide us as part of any order you place on the website.


We send the product and quantity information you provide in an order over a payment gateway to allow you to pay for your order and to receive confirmation that payment has succeeded or failed. This does not involve us in sending any personal data to the payment processor.


We share your information with delivery services for the obvious purpose of delivering your order.


We use the information you provide to communicate with you in processing your order.


We record the information in our internal systems and retain it for as long as legally required for tax and financial reporting purposes.

Blog comments

When you comment on articles on the Blog, you supply personal data that is recorded in our website’s Content Management System (CMS). When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection. 


When you leave a comment, our CMS records your name, your email address and your IP address.


Your comment will only appear after we have reviewed it (moderation), which may entail contacting you at the email address you have recorded with your comment. 


We cannot publish comments that include personal data other than the name recorded by our CMS.

Technical data

In the process of using our website, your IP address may be stored by our data processors. Their privacy policies apply.



IONOS collects IP addresses in system logs for the smooth operation of the website and email servers. You will find their terms of their data processing agreement here:



Prevention of spam from comment forms is provided by the Google. You can find the applicable policies here (Privacy Policy) and here (Terms of Service).


Payment Processing

Neither PayPal nor HIFICRITIC processes personal data on behalf of the other. PayPal does process data received from the customer for purposes of facilitating the payment in the manner determined by PayPal and on the instruction of the customer, which is detailed in their privacy statement.


This site uses only ‘essential’ or ‘necessary’ cookies, that is, only those cookies that are essential for the correct functioning of the website. We do not store non-essential tracking or marketing cookies. 

If you leave a comment on our site your name, email address and, optionally, a website address, will be stored in cookies. These are obligatory for comment moderation and last for one year. 

Accountability and data management

We are aware of the GDPR guidelines. We do not have a Data Protection Officer and are not required to under Article 37 of GDPR.


The HIFICRITIC website operates under the secure HTTPS protocol. Access to our CMS and internal systems are protected by passwords and firewall.


We will report a data breach involving personal data to the local authorities and to the people (data subjects) involved.

Your rights under GDPR

You can request to view, amend or delete personal information held in our systems by emailing us at


You can also request us to deliver your data to a third party. We endeavour to act on your instructions and confirm our actions to you within 48 hours.


We automatically delete data held in our systems that our business no longer has any use for. We review the data to identify and remove obsolete data annually.


In certain cases, IP addresses are required to be held by our data processors for legal reasons. Therefore, we may not be able to act on a request to view, amend or delete IP address records.


The Send button on the contact form on our website gives your explicit consent to our use of your personal data as described in this policy. 


Completing the payment process is your consent to use the personal data associated with your order as described in this policy. 


Pressing the “Post Comment” button on a blog comment is explicit consent to store the associated cookie (described above) and,  provided your comment passes our moderation process, to publish your comment on our site with your name as you have recorded it, but not your email.

Review and change

We regularly review policies for changes, effectiveness, changes in handling of data and changes to the state of affairs of other countries to which our data flows during data processing.


We will inform you if we make a material change to our privacy policy.


We believe that this privacy policy is clear and understandable, but please don’t hesitate to comment or request clarification by emailing


This site uses only essential cookies, as explained in the Privacy Policy.