Privacy Policy

This Privacy Policy explains how Rhondda Leaflet Drops collects, uses, and protects your personal data in accordance with UK GDPR and the Data Protection Act 2018.

Who We Are

Data Controller: Rhondda Leaflet Drops

We operate as a leaflet distribution service based in South Wales. We do not have a physical office, but we take your privacy seriously and comply fully with UK data protection law.

1. What Information We Collect

• Contact details (phone number, email) when you make an enquiry or booking
• Delivery zone details and campaign preferences
• Payment information (processed securely via Stripe — we do not store full card details)
• Cookie and usage data for analytics and marketing (with your consent)

2. Legal Basis for Processing

• Contract: To fulfil your booking or enquiry
• Consent: For marketing communications and non-essential cookies
• Legal obligation: If required by law
• Legitimate interest: To improve our services and customer experience

3. How We Use Your Data

• To manage leaflet distribution campaigns and communicate with you
• To process payments and confirm bookings
• To improve our website and services
• To send marketing updates (only if you’ve opted in)

4. Sharing Your Data

• We do not sell or rent your data
• We may share data with trusted partners (e.g. Stripe, Airtable) to deliver our services
• We may disclose data if legally required

5. Cookies and Consent

We use cookies to improve your experience and measure website performance. Non-essential cookies (e.g. analytics, marketing) are only set with your consent. You can manage or withdraw consent anytime via our cookie banner. For full details, see our Cookie Policy.

6. Data Security

We use secure systems and encrypted connections to protect your data. Access is limited to authorised personnel only.

7. Data Retention

We retain personal data only as long as necessary to provide our services or meet legal requirements. Consent logs are stored for up to 12 months.

8. Your Rights

• Access: You can request a copy of your personal data
• Correction: You can ask us to fix inaccurate data
• Deletion: You can request deletion of your data (unless we’re legally required to keep it)
• Objection: You can opt out of marketing or withdraw cookie consent
• Complaint: You can contact the ICO if you believe your data has been mishandled

9. International Transfers

Some data may be processed outside the UK (e.g. Stripe servers). We ensure appropriate safeguards are in place.

10. Automated Decision-Making

We do not use automated decision-making or profiling.

11. Changes to This Policy

We may update this policy from time to time. Changes will be posted here with a revised date.

12. Contact Us

Any questions etc get in touch below:

Last updated: November 26, 2025