Privacy Policy
1. Introduction
Outbox UK (“we”, “us”, “our”) is committed to safeguarding your privacy and ensuring the protection of your personal data. We value transparency, accountability, and compliance with data protection regulations including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”). This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal information when you visit or interact with our website, outboxuk.com.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all visitors, users, and others who access or use services provided through outboxuk.com. For the purposes of the GDPR, Outbox UK is the data controller responsible for your personal data. If you reside in California, this Policy also serves as our notice under the CCPA regarding the collection and use of your personal information.
3. Categories of Personal Data We Process
We may collect, use, store, and transfer the following categories of personal data, depending on how you interact with us:
a. Usage Data
Information about your interactions with our website, including IP address, browser type, time zone settings, referring website, page views, duration of visit, and navigation patterns.
b. Account Data
Information you provide during account registration or otherwise, including your full name, shipping and billing address, email address, and telephone number.
c. Profile Data
Information regarding preferences, interests, past purchases, browsing behavior, and feedback or survey responses.
d. Communication Data
Records of email communications, support chats or messages, and your responses in communications, including metadata such as timestamps and sender information.
e. Technical Data
Details about the device(s) you use to access outboxuk.com, including device identifiers, operating system and version, system configurations, language, and hardware settings.
f. Transaction Data
Details about the products or services you have purchased, including order history, payment confirmations, delivery status, and other related information.
g. Preference Data
Information on your marketing and communication preferences, including opt-in/opt-out selections, product interests, and consent records.
4. Legal Bases for Processing Personal Data
We collect and process your personal data under the following lawful bases:
– Consent: Where you have given express consent for specific processing purposes, such as subscribing to newsletters or agreeing to marketing communications.
– Contract: Where processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
– Legitimate Interest: Where processing is necessary for our legitimate interests, such as website analytics, fraud prevention, direct marketing (subject to opt-out rights), network and information security—provided that such interests are not overridden by your rights and freedoms.
– Legal Obligation: Where processing is required to comply with our legal and regulatory obligations.
5. Your Rights
Depending on your jurisdiction, you are entitled to exercise the following rights:
– Access: You may request access to your personal data, including confirmation that we process it and a copy of relevant data.
– Rectification: You have the right to request corrections to inaccurate or incomplete personal information.
– Erasure: You may request deletion of personal data where there is no lawful basis for continued processing.
– Restriction: You can request that processing of your personal data be limited under certain circumstances.
– Data Portability: You have the right to receive your personal data in a structured, commonly used format and request transmission to another controller where feasible.
To exercise any of the above rights, please contact us at [email protected]. We reserve the right to verify your identity before acting on your requests, in accordance with applicable laws.
6. Security Measures
We implement physical, technical, and organizational safeguards to protect your personal information from unauthorized access, disclosure, alteration, or destruction. These include, but are not limited to:
– Data encryption both in transit and at rest
– Role-based access control and internal authentication protocols
– Secure hosting infrastructure with regular vulnerability assessments
– Periodic employee training on privacy and information security best practices
– Routine system backups to ensure data availability and integrity
7. International Data Transfers
Information collected through outboxuk.com may be transferred to, stored, and processed in countries other than your country of residence. In such cases, we ensure appropriate safeguards are in place, including Standard Contractual Clauses adopted by the European Commission or approved transfer mechanisms under applicable data protection laws. We comply with regional data protection frameworks when transferring data cross-border.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or in accordance with our legal obligations. Generally, we retain:
– Usage and Technical Data: 12 months
– Account and Profile Data: For as long as the account remains active, and for 6 years thereafter for audit purposes
– Communication and Support Data: 3 years from last contact
– Transaction Data: 7 years for tax and accounting compliance
– Preference Data: Until the individual withdraws consent or opts out
9. Cookie Policy
We use cookies and similar technologies to enhance your experience on outboxuk.com, analyze website performance, and deliver personalized content. The types of cookies we use include:
– Essential Cookies: Required to operate the website and enable core functionalities
– Functional Cookies: Improve usability by remembering choices and settings
– Analytics Cookies: Help us understand site usage through aggregated and anonymized statistics
– Performance Cookies: Enable us to optimize website speed and error monitoring
10. Cookie Management and Compliance
You can manage cookie settings by adjusting your browser preferences or using our on-site cookie management tool. For GDPR compliance, you may opt in or out of non-essential cookies. California residents may also exercise rights in line with CCPA by using the “Do Not Sell or Share My Personal Information” feature, where applicable.
11. Special Protections for Children
Our services are not intended for children under the age of 13, and we do not knowingly collect personal data from anyone under that age. If we become aware of such collection, we will take steps to delete the data promptly. If you are a parent or guardian and believe your child has provided us with information, please contact us at [email protected].
12. Policy Updates and User Notifications
We may update this Privacy Policy from time to time to reflect changes in legal requirements, our data practices, or enhancements to our services. Any material changes will be communicated prominently on outboxuk.com. Your continued use of our website after updates constitutes your acceptance of the revised Privacy Policy.
13. Contacting Us
If you have any questions, concerns, or requests in connection with this Privacy Policy or our handling of your personal information, please contact us at:
Email: [email protected]
We are committed to maintaining the privacy, integrity, and security of your personal data and will respond promptly to inquiries.
This Privacy Policy is designed to ensure full compliance with GDPR, CCPA, and applicable data protection frameworks. Please do not hesitate to contact us with any privacy-related concerns.