Privacy Policy
Outbox UK (“we,” “us,” or “our”) is committed to protecting and respecting your privacy. We recognize the importance of safeguarding personal data and ensuring transparency in the way we collect, use, and store your information. This Privacy Policy outlines how we handle your personal data when you visit or use our website (outboxuk.com), in accordance with applicable data protection laws including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
1. Commitment to Privacy and Data Protection
We are dedicated to protecting the privacy of our users and maintaining the confidentiality, integrity, and availability of personal information in our care. We process personal data lawfully, fairly, and in a transparent manner. We take appropriate technical and organizational measures to ensure personal data remains secure, and we continuously strive to improve our privacy practices.
2. Scope of Policy and Role as Data Controller
This Privacy Policy applies to all users who access or interact with outboxuk.com and any services we provide through our platform. Outbox UK is the data controller in respect of personal data processed through this website. As data controller, we determine the purpose and means by which your personal data is processed in accordance with applicable law.
3. Categories of Personal Data We Process
We may collect and process the following categories of personal information:
a) Usage Data
Includes information automatically collected when you visit outboxuk.com, such as IP address, browser type and version, date and time of visit, referring URL, location, pages visited, time spent on pages, and session data.
b) Account Data
Includes data you provide when creating an account with us such as your full name, billing and shipping address, email address, and phone number.
c) Profile Data
Includes information relating to your preferences, interests, purchase history, and browsing behavior on our website.
d) Communication Data
Includes any correspondence or communication between you and us, including customer support inquiries, contact form submissions, and email history.
e) Technical Data
Includes device-specific information such as device model, operating system, unique device identifiers, system configuration, and diagnostic logging.
f) Transaction Data
Includes details of products or services you have purchased, payment information (excluding full card numbers), delivery details, and invoicing history.
g) Preference Data
Includes your selected preferences in relation to marketing consents, product notifications, newsletter subscriptions, and categories of interest.
4. Legal Bases for Processing Personal Data
We process your personal data under the following legal bases as laid out in the GDPR and related privacy laws:
– Consent: When you have given us explicit permission to process your personal data, such as signing up for our newsletter or accepting cookies.
– Contractual Necessity: Where data processing is necessary to perform our contract with you, including order processing and account management services.
– Legal Obligation: When processing is required to comply with applicable legal or regulatory obligations.
– Legitimate Interest: When processing is necessary for our legitimate interests in improving our services, preventing fraud, and communicating with you in a business-related context, and those interests do not override your fundamental rights.
5. Your Rights
Under GDPR and applicable privacy laws, you have the right to:
– Access: Request a copy of the personal data we hold about you.
– Rectification: Request correction of inaccurate or incomplete data.
– Erasure: Request the deletion of personal data in certain circumstances.
– Restriction: Request restriction of processing in limited situations.
– Portability: Request a copy of your personal data in a structured, commonly used format to transfer to another provider.
– Objection: Object to certain processing activities, especially profiling and data processed under legitimate interests or direct marketing.
– Withdraw Consent: Where processing is based on consent, you may withdraw it at any time.
To exercise any of your rights, please contact us at [email protected].
6. Security Measures
We apply robust security measures to protect your data, including but not limited to:
– End-to-end encryption of sensitive data during transmission.
– Secure storage and access controls to protect data at rest.
– Regular security audits and vulnerability assessments.
– Role-based access controls limiting staff access to only what is necessary.
– Data backups and continuity planning.
– Staff training on best practices for data protection and confidentiality.
7. International Data Transfers
Where personal data is transferred outside the UK, European Economic Area (EEA), or other jurisdictions with adequate data protection, we ensure that appropriate safeguards are in place. This includes the use of Standard Contractual Clauses (SCCs) and adherence to jurisdictional-specific requirements dictated by GDPR and the CCPA.
8. Data Retention
We retain your personal data only for as long as necessary for the purposes for which it was collected, including to satisfy legal, contractual, accounting, or reporting obligations. Specific retention periods include:
– Account and Profile Data: Retained for the duration of your account and up to 6 years post-closure.
– Transaction and Financial Records: Retained for 7 years to comply with tax and financial regulations.
– Communication Logs: Retained for 3 years for service analysis and dispute resolution.
– Cookie and Usage Data: Retained for up to 26 months, or as specified in our cookie management settings.
9. Cookie Policy
outboxuk.com uses cookies and similar tracking technologies to enhance user experience. These include:
– Essential Cookies: Required for core functionality such as security, authentication, and checkout process.
– Functional Cookies: Enable customization based on user preferences.
– Analytics Cookies: Help us understand user behavior through services like Google Analytics.
– Performance Cookies: Improve site speed and responsiveness.
Cookies may be placed by us (first-party) or third-party services on our behalf.
10. Cookie Management and Compliance
We respect users’ rights under GDPR and CCPA to manage their cookie preferences. On the first visit to outboxuk.com, you will be prompted with a cookie banner that enables you to accept or customize cookie settings. You may update your preferences at any time via the cookie settings link on our website. CCPA users may exercise their “Do Not Sell or Share My Personal Information” rights via designated mechanisms on our site.
11. Special Protections for Children
We do not knowingly collect or process personal data from children under the age of 13 without verified parental or guardian consent. If we become aware that such data has been collected, we will promptly delete it. Parents or guardians with concerns may contact us at [email protected].
12. Policy Updates
We reserve the right to amend this Privacy Policy to reflect changes in legal obligations, operational practices, or technological developments. Where substantive changes are made, we will notify users via prominent notices on the website or through direct communication, where appropriate.
13. Contact Us
If you have any questions, comments, or requests regarding this Privacy Policy or how we handle your data, please contact us at:
Email: [email protected]
Website: https://outboxuk.com
We aim to respond to all inquiries and legitimate requests without undue delay and within the applicable statutory timeframes.
—
Outbox UK is committed to upholding the highest standards of data privacy and compliance with GDPR, CCPA, and other applicable laws. For any concerns about your personal data or your rights, we encourage you to contact us at [email protected].