Outbox Storage Ltd. Privacy Policy

Last Updated: [24 October 2025]

1. Introduction
Outbox Storage Ltd. ("we", "us", "our") is committed to protecting and respecting your privacy.

This policy explains what personal data we collect from you, or that you provide to us, and how it will be processed. As the "data controller" for the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, we are responsible for your personal data.

Our registered details are:

Company Name: Outbox Storage Ltd.
Company Number: 10864279
Registered Address: First Floor, 85 Great Portland Street, London W1W 7LT
Data Protection Contact: sales@outbox.co.uk

2. What Personal Data We Collect

We may collect and process the following data about you:

Identity Data: Includes first name and last name.
Contact Data: Includes billing address, delivery address, email address, and telephone numbers.
Transaction Data: Includes details about payments to and from you, your reservation fee, and details of products you have purchased from us.
Financial Data: We do not store your full payment card details. These are collected and processed securely by our third-party payment processors (e.g., Stripe, PayPal).
Technical Data: Includes your Internet Protocol (IP) address, browser type and version, time zone setting and location, and other technology on the devices you use to access our website.
Usage Data: Includes information about how you use our website and services (e.g., browsing patterns).
Marketing and Communications Data: Includes your preferences in receiving marketing from us and your communication preferences.

3. How We Use Your Personal Data (and our Lawful Basis)

We will only use your personal data when the law allows us to. Most commonly, we will use your data in the following circumstances:

Purpose / Activity

Type of Data

Lawful Basis for Processing

To process your Reservation Fee and manage your place in the queue.

Identity, Contact, Transaction

To perform our Contract with you.

To process and deliver your final Product Order.

Identity, Contact, Transaction, Financial

To perform our Contract with you.

To manage our relationship with you (e.g., sending service emails, responding to enquiries).

Identity, Contact, Communications

Legitimate Interest (to provide good customer service).

To send you marketing communications (e.g., newsletters, new product updates) that you have opted-in to receive.

Identity, Contact, Marketing

Consent. You can withdraw this at any time.

To improve our website, products, and marketing.

Technical, Usage

Legitimate Interest (to run and improve our business).

To comply with our legal or regulatory obligations.

Identity, Contact, Transaction

Legal Obligation (e.g., for tax and accounting).

4. Who We Share Your Data With

We do not sell your personal data. We may share your data with trusted third-party service providers ("data processors") who act on our behalf, such as:

Payment Processors: To securely process your payments (e.g., Stripe, PayPal).
Delivery & Logistics Partners: To deliver your product (e.g., Royal Mail, DPD, or a freight partner).
Marketing Platforms: To manage our email communications.
IT & Website Providers: Our web hosts and analytics providers (e.g., Google Analytics) who help us run our website.
Professional Advisors: Our lawyers, accountants, and insurers.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law.

5. International Data Transfers

Some of our external third-party providers (e.g., Google, Mailchimp) are based outside the United Kingdom (UK). This means your data may be transferred outside the UK.

When we do this, we ensure a similar degree of protection is afforded to it by using specific safeguards approved by UK authorities, such as the UK's "Adequacy Regulations" or "Standard Contractual Clauses."

6. Data Security

We have put in place appropriate technical and organisational security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way. This includes using Secure Sockets Layer (SSL) encryption for data transmitted to our website.

However, no method of transmission over the Internet is 100% secure. While we do our best to protect your data, we cannot guarantee its absolute security.

7. Data Retention

We will only keep your personal data for as long as is necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.1

By law, we must keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers for tax purposes.
If you pay a Reservation Fee but cancel or do not proceed to order, we will retain your data for a shorter period, in line with our legal and customer service needs.
Data used only for marketing will be kept until you withdraw your consent.

8. Your Data Protection Rights

Under UK data protection law, you have several rights in relation to your personal data:

Right of Access: You can request a copy of the personal data we hold about you.
Right to Rectification: You can ask us to correct any inaccurate or incomplete data.
Right to Erasure: You can ask us to delete your personal data (the "right to be forgotten") where there is no good reason for us to continue processing it.
Right to Restrict Processing: You can ask us to suspend the processing of your data in certain scenarios.
Right to Data Portability: You can ask us to transfer your data to you or to a third party in a machine-readable format.
Right to Object: You can object to us processing your data (e.g., for direct marketing).
Right to Withdraw Consent: Where we rely on consent (e.g., for marketing), you can withdraw it at any time.

To exercise any of these rights, please contact us at sales@outbox.co.uk].

9. Cookies

Our website uses cookies to distinguish you from other users. Cookies are small files stored on your browser or device that help our site work and provide us with information about how users interact with our site.

Essential Functionality: (e.g., remembering what's in your basket).
Performance & Analytics: (e.g., helping us see which pages are popular).
Marketing: (e.g., showing you relevant adverts).

When you first visit our site, you will be shown a cookie banner asking for your consent for non-essential cookies. You can manage your preferences at any time. [Optional: For full details, please see our Cookie Policy at [TBC]].

10. How to Complain

We hope to resolve any query or concern you raise about our use of your information. Please contact us first at [sales@outbox.co.uk].

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's supervisory authority for data protection issues.

Website: www.ico.org.uk
Helpline: 0303 123 1113

11. Changes to This Policy

This policy is subject to ongoing review in order to ensure we remain compliant with GDPR and maintain the security of your personal data. We reserve the right to update or amend this policy. Any substantial changes to the policy will be notified to you in writing.

12. Breaches of this policy

If you consider that there has been a breach of your rights under GDPR you should raise the matter with our Nominated Directors.
Any breach of the GDPR which is likely to result in a high risk to the rights and freedoms of you as an individual or any of our clients/contacts will be reported to the Information Commissioners Office (ICO) without undue delay and where feasible within 72 hours of us becoming aware of the suspected breach. For example, if a breach may result in discrimination against an individual or a loss of confidentiality this should be reported to the Nominated Directors who will then notify the ICO as appropriate.