FunFakes, operated by FakeIDUK (“we”, “us”, or “our”), is committed to protecting your privacy and handling your personal data transparently and securely. This privacy policy outlines how we collect, use, share, and safeguard your personal information in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.
We collect and process personal data you provide directly when ordering or interacting with our services, such as novelty card orders or account creation. This may include your name, email address, delivery address, and payment details. We also collect anonymised data automatically when you visit our website at [website URL], such as browsing behaviour and IP addresses, using cookies and similar technologies.
We utilise Google Analytics and Microsoft Clarity to analyse website usage and improve user experience. These tools collect anonymised data about your interactions with our site, such as pages visited and time spent, via cookies. This information cannot be used to identify you personally and helps us enhance our services.
We use your personal data to:
Process and fulfil your novelty card orders.
Communicate order updates, confirmations, and tracking information.
Respond to your inquiries via [contact page URL] or [[email protected]].
Improve our website and services based on anonymised analytics.
Comply with legal obligations, including reporting to authorities if required.
When you order novelty cards, we process data (e.g., names, photos) as a data processor on your behalf. You, as the customer, remain the data controller responsible for the accuracy and legality of the data provided.
We retain customer-provided data for 6 months after order completion to facilitate returns or inquiries, after which it is securely and permanently deleted. Shorter retention periods may apply if requested by you or mandated by law.
We may share your personal data only in the following cases:
With trusted service providers (e.g., payment processors, postal services) who process data on our behalf under strict confidentiality agreements.
With law enforcement agencies, such as the London Metropolitan Police, National Crime Agency, or other national police agencies, if required by a valid warrant or legal obligation.
We do not sell or share your data for marketing purposes.
Under GDPR, you have the following rights regarding your personal data:
Access: Request a copy of your data.
Rectification: Correct inaccurate data.
Erasure: Request deletion of your data.
Restriction: Limit how your data is processed.
Data Portability: Receive your data in a structured, machine-readable format.
Objection: Object to certain data processing activities.
Automated Decision-Making: Opt out of automated profiling (not currently used by FunFakes).
To exercise these rights, contact us via [contact page URL].
We implement robust technical and organisational measures to protect your personal data against unauthorised access, loss, alteration, or disclosure. These include encrypted payment systems, secure servers, and regular security audits.
If we transfer your data outside the UK or European Economic Area (EEA), we ensure compliance with GDPR through appropriate safeguards, such as Standard Contractual Clauses or adequacy agreements, to maintain the same level of protection.
We may update this policy to reflect changes in our practices or legal requirements. Significant updates will be communicated by posting the revised policy on this page and updating the “Last updated” date. We encourage you to review this page periodically.
For questions about this privacy policy or our data practices, please contact us at:
Contact Form: [contact page URL]
We aim to respond within 48 hours.
If you are dissatisfied with our handling of your data, you may lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s supervisory authority for data protection, at [ICO website URL].
