GDPR Compliance & Data Protection
At GFS Express, we are committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (GDPR). This page outlines how we collect, use, and protect your personal data.
Last Updated: September 23, 2025
Data Controller Information
Company Details
Company: GFS Express
Address: London, United Kingdom
Phone: 08443 350 530
Email: legal@gfs.co.uk
Data Protection Officer
Contact: dpo@gfs.co.uk
Role: Ensuring GDPR compliance and handling data protection queries
Response Time: Within 72 hours
What Personal Data We Collect
Shipping Services Data
- Full name and contact information
- Shipping and billing addresses
- Phone numbers and email addresses
- Package contents and descriptions
- Payment information
Website & Technical Data
- IP address and browser information
- Cookies and tracking data
- Website usage analytics
- Account registration details
- Communication preferences
How We Use Your Personal Data
Service Delivery
We use your data to provide our shipping and logistics services:
- • Processing and tracking shipments
- • Managing pickups and deliveries
- • Customs clearance and documentation
- • Customer service and support
Legal Compliance
We process data to comply with legal obligations:
- • International shipping regulations
- • Customs and border control requirements
- • Anti-money laundering checks
- • Tax and accounting obligations
Your GDPR Rights
Right of Access
Request copies of your personal data we hold
Right of Rectification
Request correction of inaccurate personal data
Right of Erasure
Request deletion of your personal data
Right to Restrict Processing
Request limitation of data processing
Right to Data Portability
Receive your data in a structured format
Right to Object
Object to processing based on legitimate interests
Right to Withdraw Consent
Withdraw consent for data processing
Right to Lodge a Complaint
File complaints with supervisory authorities
Data Security & Protection
Encryption
All data is encrypted in transit and at rest using industry-standard protocols
Access Control
Strict access controls ensure only authorized personnel can access your data
Regular Audits
Regular security audits and vulnerability assessments protect your information
Data Retention Policy
| Data Type | Retention Period | Legal Basis |
|---|---|---|
| Shipping Records | 7 years | Legal compliance |
| Customer Account Data | 5 years after last activity | Legitimate interest |
| Marketing Data | Until consent withdrawn | Consent |
| Website Analytics | 26 months | Legitimate interest |
Exercise Your Rights
Data Protection Requests
To exercise any of your GDPR rights, please contact us:
Email: dpo@gfs.co.uk
Subject Line: GDPR Data Request
Response Time: Within 30 days
What to Include
- • Your full name and contact details
- • Description of your request
- • Proof of identity (for security)
- • Relevant account or tracking numbers
- • Preferred response method
Important: We may need to verify your identity before processing certain requests. All requests are handled confidentially and in accordance with GDPR requirements.
Cookie Policy
We use cookies to enhance your browsing experience and provide personalized services. You can manage your cookie preferences below:
Essential Cookies
Required for website functionality
Analytics Cookies
Help us understand website usage
Marketing Cookies
Used for targeted advertising
Policy Updates
We may update this GDPR compliance policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any significant changes via email or website notification at least 30 days before they take effect.