Privacy Policy

1. Introduction

Welcome to Don't Forget a Card, a service provided by Future Mill Limited ("we", "us", or "our"). We are committed to protecting the privacy and security of your personal information.

This Privacy Policy explains how we collect, use, and protect your personal data when you visit our website or use our web application (the "Service"), and tells you about your privacy rights and how the law protects you.

This policy is designed to be compliant with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Who We Are

For the purposes of data protection laws, the Data Controller is:

  • Company Name: Future Mill Limited
  • Company Number: 08329410
  • Registered Address: 13 Fonthill Road, London N4 3HY, UK
  • Email Address: hello@dontforgetacard.com

3. The Data We Collect

We may collect, use, store, and transfer different kinds of personal data about you, which we have grouped together as follows:

  • Identity Data: First name, last name, username, or similar identifier.
  • Contact Data: Billing address, email address, and telephone numbers.
  • User Content (Contacts & Dates): We store the data you input regarding your personal contacts, including their names and the specific dates associated with them (such as anniversaries and birthdays). We process this data solely to provide the reminder service to you.
  • Financial Data: Payment card details are processed by our third-party payment processor and are not stored directly on our servers.
  • Technical Data: Internet Protocol (IP) address, your login data, browser type and version, time zone setting, and operating system.
  • Usage Data: Information about how you use our website and services.
  • Marketing and Communications Data: Your preferences in receiving marketing from us and your communication preferences.

We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data).

4. How We Use Your Data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

A. Performance of a Contract

To register you as a new customer, process your orders, and manage your account. Crucially, we use the User Content (contacts and anniversaries) you provide to fulfill our core service: reminding you of upcoming events.

Legal Basis: Necessary for the performance of a contract.

B. Legitimate Interests

To manage our relationship with you, improve our website/products, and detect fraud.

Legal Basis: Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services).

C. Legal Obligation

To comply with a legal or regulatory obligation (e.g., tax reporting).

D. Consent

Generally, we do not rely on consent as a legal basis for processing your personal data other than in relation to sending third-party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us.

5. Sharing Your Data

We use trusted third-party service providers ("subprocessors") to help us provide our Service. We may share your personal data with:

  • Service Providers: Companies that provide IT and system administration services, hosting, email delivery, and monitoring.
  • Professional Advisers: Lawyers, bankers, auditors, and insurers.
  • Regulators: HM Revenue & Customs and other authorities.
  • Payment Processors: For the purpose of processing payments.

For a complete and up-to-date list of the specific third-party service providers we use to process your data, please refer to our Subprocessors List.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes.

6. International Transfers

Some of our external third parties (like cloud hosting providers) may be based outside the United Kingdom (UK). Whenever we transfer your personal data out of the UK, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data.
  • Where we use certain service providers, we may use specific contracts approved for use in the UK which give personal data the same protection it has in the UK (such as the IDTA or Standard Contractual Clauses).

7. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know.

8. Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

9. Your Legal Rights

Under certain circumstances, you have rights under data protection laws in relation to your personal data, including the right to:

  • Request access to your personal data (commonly known as a "data subject access request").
  • Request correction of the personal data that we hold about you.
  • Request erasure of your personal data (the "right to be forgotten").
  • Object to processing of your personal data.
  • Request restriction of processing of your personal data.
  • Request the transfer of your personal data to you or to a third party.
  • Withdraw consent at any time where we are relying on consent to process your personal data.

If you wish to exercise any of the rights set out above, please contact us at hello@dontforgetacard.com.

10. Cookies

Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. For detailed information on the cookies we use and the purposes for which we use them, see our Cookie Policy.

11. Contact and Complaints

If you have any questions about this privacy policy or our privacy practices, please contact us via email at hello@dontforgetacard.com.

You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.

Last Updated: 16 January 2026