0

Privacy Policy

How we protect and handle your personal information

Last updated: April 13, 2026

Drofizy Ltd ("we", "us", "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, process, and safeguard your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Drofizy Ltd is a company registered in England and Wales with company number 13874562. Our registered office is at 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom. We are the data controller responsible for your personal information.

2. Information We Collect

We may collect and process the following categories of personal data:

  • Identity Data: Name, title, date of birth
  • Contact Data: Billing and delivery address, email address, telephone numbers
  • Financial Data: Bank account and payment card details (processed securely via Stripe and PayPal)
  • Transaction Data: Details about payments and products purchased
  • Technical Data: IP address, browser type, time zone, device information
  • Profile Data: Purchases, preferences, feedback, survey responses
  • Usage Data: Information about how you use our website and products
  • Marketing Data: Preferences in receiving marketing communications

3. How We Collect Your Data

We collect personal data through:

  • Direct interactions when you create an account, place an order, or contact us
  • Automated technologies such as cookies and server logs when you browse our website
  • Third parties including payment processors and analytics providers

4. Lawful Basis for Processing

We process your personal data only when we have a valid legal basis:

  • Contractual Necessity: To fulfil orders and provide services you've requested
  • Legal Obligation: To comply with tax, accounting, and consumer protection laws
  • Legitimate Interests: To improve our services, prevent fraud, and maintain security
  • Consent: For marketing communications (which you can withdraw at any time)

5. How We Use Your Information

Your personal data is used to:

  • Process and deliver your orders
  • Manage your account and provide customer support
  • Send order confirmations and delivery updates
  • Comply with legal and regulatory requirements
  • Prevent fraud and protect our business
  • Send marketing communications (with your consent)
  • Improve our website and customer experience

6. Data Sharing

We may share your personal data with:

  • Service Providers: Payment processors (Stripe, PayPal), delivery companies, IT support
  • Professional Advisers: Accountants, lawyers, insurers
  • Regulatory Bodies: HMRC, Trading Standards when legally required
  • Marketing Partners: Only with your explicit consent

We never sell your personal data to third parties.

7. International Transfers

Some of our service providers operate outside the UK. When we transfer your data internationally, we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the UK government.

8. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including:

  • SSL/TLS encryption for all website communications
  • PCI-DSS compliant payment processing (we never store full card details)
  • Regular security assessments and penetration testing
  • Staff training on data protection
  • Access controls and authentication requirements

9. Data Retention

We retain your personal data only as long as necessary:

  • Order records: 6 years (for tax and accounting purposes)
  • Marketing consent records: Until you withdraw consent
  • Account data: Until you delete your account or 3 years of inactivity
  • Website logs: 12 months

10. Your Rights

Under UK GDPR, you have the following rights:

  • Right to Access: Request copies of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a structured format
  • Right to Object: Object to processing based on legitimate interests or direct marketing
  • Right to Withdraw Consent: Withdraw consent at any time

To exercise these rights, contact us at [email protected]. We respond within one month.

11. Cookies and Tracking

We use cookies and similar technologies to improve your browsing experience, analyse website traffic, and personalise content. For detailed information, please see our Cookie Policy.

12. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these websites. Please review their privacy policies before providing any personal information.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.

14. Contact Us

If you have questions about this Privacy Policy or how we handle your personal data, please contact:

Data Protection Officer
Drofizy Ltd
71-75 Shelton Street, Covent Garden
London, WC2H 9JQ
Email: [email protected]
Phone: +44 20 7946 0958

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues.