Privacy Policy
1. Introduction
At London Lost and Found (accessible via londonlostandfound.com), we are committed to safeguarding your personal information. This Privacy Policy outlines how we collect, use, disclose, and protect your data in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We place your privacy and the security of your personal data at the forefront of our operations.
2. Scope of the Policy and Role as Data Controller
This Privacy Policy applies to all personal data processed by London Lost and Found through our website and related services. For purposes of data protection law, London Lost and Found is the data controller of any personal information submitted through londonlostandfound.com. This includes data collected during your interactions, whether browsing the website, creating an account, engaging with our customer support, or making use of our lost and found services.
3. Categories of Data We Process
We may collect and process the following categories of personal data:
a) Usage Data
Includes information about your visit to londonlostandfound.com including IP address, browser type and version, operating system, referral source, page views, and browsing paths.
b) Account Data
Includes first and last name, postal address, email address, phone number, login credentials, and any other identifiers used to create or manage your online account.
c) Profile Data
Includes demographic details, product or service preferences, user behavior patterns, purchase history, and interaction with features on the website.
d) Communication Data
Includes any communications you send to us such as support queries, feedback, service inquiries, and associated metadata such as timestamps and method of contact.
e) Technical Data
Includes device model, device identifier, timezone setting, mobile network information, browser plug-in types and versions, and system configuration data.
f) Transaction Data
Includes payment information (processed through secure third-party platforms), billing invoices, service delivery status, and transactional correspondence.
g) Preference Data
Includes your marketing preferences, opt-in/opt-out consents, saved settings, interests in specific products or services, and other user experience preferences.
4. Legal Bases for Processing
We rely on the following lawful bases to process your personal data:
– Consent: Where you have provided specific and informed consent for certain activities such as receiving marketing communications.
– Contract: Where processing is necessary to fulfill our contractual obligations to you or to take steps at your request prior to entering into a contract.
– Legal Obligation: Where processing is necessary for compliance with a legal obligation.
– Legitimate Interests: Where processing is necessary for our legitimate business interests, such as improving our website, services, and customer experience, provided that such interests are not overridden by your rights and freedoms.
5. Your Data Protection Rights
Subject to applicable data protection laws, you have the following rights in relation to your personal data:
– Right of Access – to obtain confirmation about whether we process your data and to request a copy.
– Right to Rectification – to request that incomplete or inaccurate data be corrected.
– Right to Erasure – to request deletion of your data where there is no lawful reason to continue processing.
– Right to Restriction – to limit the processing of your personal data under certain conditions.
– Right to Data Portability – to receive your personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller without hindrance.
– Right to Object – in circumstances where we rely on legitimate interests or consent, you may object to our use of your data.
– Right to Withdraw Consent – where processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
Requests to exercise these rights can be directed to: [email protected].
6. Security Measures
We employ a comprehensive set of technical and organizational security measures to protect your personal data against unauthorized access, loss, misuse, alteration, or destruction. These include but are not limited to:
– Data encryption at rest and in transit
– Role-based access controls and authentication protocols
– Firewalls and intrusion detection systems
– Regular system monitoring and security audits
– Secure data backups and disaster recovery mechanisms
– Staff training and confidentiality agreements
7. International Data Transfers
Where personal data is transferred to countries outside the United Kingdom or European Economic Area that do not offer an equivalent level of data protection, we implement appropriate safeguards. These may include Standard Contractual Clauses (SCCs) or reliance on adequacy decisions where applicable. We ensure that your privacy rights continue to be protected under such framework even in international jurisdictions.
8. Data Retention
We retain personal data based on necessity and legal compliance. Specific retention periods include:
– Account Data: retained for the duration of your active account and up to 6 years after closure for legitimate business or legal purposes.
– Communication Data: retained for up to 3 years for query tracking and dispute resolution.
– Transaction Data: retained for 7 years to comply with accounting and tax regulations.
– Preference and Marketing Data: retained until you withdraw your consent or instruct us to delete this data.
Upon expiry of the retention period or valid erase request, data is securely deleted or anonymized.
9. Cookie Policy
London Lost and Found uses cookies and similar technologies to personalize content, analyze traffic, and improve user experience. Categories of cookies used include:
– Essential Cookies: Necessary for website functionality such as account login, session validation, and security protocols.
– Functional Cookies: Enable enhanced features like remembering your preferences or saved searches.
– Analytical Cookies: Collect aggregated data to help us understand how the website is used.
– Performance Cookies: Help monitor load times, user pathways, and technical performance of the site features.
10. Cookie Management and GDPR/CCPA Compliance
When you visit londonlostandfound.com, you are presented with a cookie consent banner. You may choose to accept, reject, or adjust your preferences regarding non-essential cookies. We honor do-not-track signals and provide mechanisms for users to manage cookie preferences at any time.
Under CCPA, California residents can opt out of the “sale” of their personal information, which we do not conduct. Users can manage their cookie preferences through their browser or by clicking the “Cookie Settings” link on our website.
11. Children’s Privacy
Our website and services are not directed toward children under the age of 13. We do not knowingly collect personal data from individuals under this age. If we are made aware that we have unknowingly collected data from a child, we will take immediate steps to delete such information from our records.
12. Policy Updates
We reserve the right to update this Privacy Policy at our discretion. Any material changes that affect your rights or the way we process your data will be communicated prominently on our website or through direct notification where required by law. Continued use of londonlostandfound.com following such updates indicates your acknowledgment of the changes.
13. Contact Us
For any questions, concerns, or requests regarding this Privacy Policy or how your data is handled, please contact:
Email: [email protected]
Website: https://londonlostandfound.com
We are committed to compliance with GDPR, CCPA, and all applicable privacy regulations. Please do not hesitate to contact us if you have any privacy-related concerns.