GDPR Compliance

GDPR Compliance & Data Protection

At GFS Express, we are committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (GDPR). This page outlines how we collect, use, and protect your personal data.

Last Updated: September 23, 2025

Data Controller Information

Company Details

Company: GFS Express

Address: London, United Kingdom

Phone: 08443 350 530

Email: legal@gfs.co.uk

Data Protection Officer

Contact: sales@gfs.co.uk

Role: Ensuring GDPR compliance and handling data protection queries

Response Time: Within 72 hours

What Personal Data We Collect

Shipping Services Data

  • Full name and contact information
  • Shipping and billing addresses
  • Phone numbers and email addresses
  • Package contents and descriptions
  • Payment information

Website & Technical Data

  • IP address and browser information
  • Cookies and tracking data
  • Website usage analytics
  • Account registration details
  • Communication preferences

How We Use Your Personal Data

Service Delivery

We use your data to provide our shipping and logistics services:

  • • Processing and tracking shipments
  • • Managing pickups and deliveries
  • • Customs clearance and documentation
  • • Customer service and support

Legal Compliance

We process data to comply with legal obligations:

  • • International shipping regulations
  • • Customs and border control requirements
  • • Anti-money laundering checks
  • • Tax and accounting obligations

Your GDPR Rights

Right of Access

Request copies of your personal data we hold

Right of Rectification

Request correction of inaccurate personal data

Right of Erasure

Request deletion of your personal data

Right to Restrict Processing

Request limitation of data processing

Right to Data Portability

Receive your data in a structured format

Right to Object

Object to processing based on legitimate interests

Right to Withdraw Consent

Withdraw consent for data processing

Right to Lodge a Complaint

File complaints with supervisory authorities

Data Security & Protection

 

Encryption

All data is encrypted in transit and at rest using industry-standard protocols

 

Access Control

Strict access controls ensure only authorized personnel can access your data

 

Regular Audits

Regular security audits and vulnerability assessments protect your information

Data Retention Policy

Data Type

Retention Period

Legal Basis

Shipping Records

7 years

Legal compliance

Customer Account Data

5 years after last activity

Legitimate interest

Marketing Data

Until consent withdrawn

Consent

Website Analytics

26 months

Legitimate interest

Exercise Your Rights

Data Protection Requests

To exercise any of your GDPR rights, please contact us:

Email: sales@gfs.co.uk

Subject Line: GDPR Data Request

Response Time: Within 30 days

What to Include

  • • Your full name and contact details
  • • Description of your request
  • • Proof of identity (for security)
  • • Relevant account or tracking numbers
  • • Preferred response method

Important: We may need to verify your identity before processing certain requests. All requests are handled confidentially and in accordance with GDPR requirements.

Cookie Policy

We use cookies to enhance your browsing experience and provide personalized services. You can manage your cookie preferences below:

Essential Cookies

Required for website functionality

Always Active

 

Analytics Cookies

Help us understand website usage

Optional

 

Marketing Cookies

Used for targeted advertising

Optional

 

Policy Updates

We may update this GDPR compliance policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any significant changes via email or website notification at least 30 days before they take effect.

We need your consent to load the translations

We use a third-party service to translate the website content that may collect data about your activity. Please review the details in the privacy policy and accept the service to view the translations.