Privacy policy

PRIVACY NOTICE

Last updated: [25th September, 2025]

This privacy notice for Boomf Gifts Ltd (doing business as “Boomf”, “we”, “us”, or “our”) describes how and why we collect, store, use, and/or share (“process”) your personal information when you use our services (“Services”), such as when you:

  • Visit our website at https://boomf.com, or any website of ours that links to this privacy notice.

  • Engage with us in other related ways, including any sales, marketing, or events.

Questions or concerns? Reading this privacy notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at hello@boomf.com.


SUMMARY OF KEY POINTS


This summary provides key points from our privacy notice, but you can find out more details in the full text below.

  • What personal information do we process? Depending on how you interact with Boomf and our Services, we process personal information such as names, addresses, emails, payment data, and device information.

  • Do we process sensitive personal information? No, we do not.

  • Do we receive information from third parties? No, unless you register via a social login.

  • How do we process your information? To provide and improve Services, communicate with you, secure transactions, and comply with law.

  • Do we share information? Yes, with service providers, payment processors, and logistics providers when necessary.

  • How do we protect your information? Through organisational and technical safeguards, but no system is 100% secure.

  • What are your rights? You may access, correct, delete, or restrict use of your personal information, depending on applicable laws (see Section 9).

  • How do you exercise rights? Contact us at hello@boomf.com or via our Contact Page.

TABLE OF CONTENTS



1. WHAT INFORMATION DO WE COLLECT?


Personal information you disclose to us

We collect personal information that you voluntarily provide when you register, purchase, participate in activities, or contact us. This may include:

  • Names

  • Email addresses

  • Mailing addresses

  • Contact preferences

  • Payment information (processed via Adyen and PayPal; see their policies: Adyen, PayPal)

All personal information you provide must be accurate and updated.

Information automatically collected

We automatically collect device and usage information, such as:

  • IP address, browser/device characteristics

  • Log data (pages visited, activity timestamps)

  • Device information (OS, mobile carrier, hardware model)

  • Geolocation data (IP-based; you can disable location tracking in your device settings)

 

2. HOW DO WE PROCESS YOUR INFORMATION?


We process personal information to:

  • Facilitate account creation, authentication, and management.

  • Process and fulfil orders, including shipping (see Terms of Use, Section 12).

  • Send administrative and marketing communications (with consent).

  • Improve our website, products, and services.

  • Detect and prevent fraud and misuse.

  • Comply with legal obligations.

  • Protect vital interests (e.g., to prevent harm).


3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR INFORMATION?


Under GDPR and UK GDPR, we rely on:

  • Consent – e.g., for marketing emails (you may withdraw at any time).

  • Contractual necessity – e.g., processing orders.

  • Legal obligation – e.g., tax reporting.

  • Legitimate interests – e.g., improving security, preventing fraud.

  • Vital interests – e.g., preventing harm.


4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?


We may share your information with:

  • Payment processors (Adyen, PayPal)

  • Logistics/shipping partners (for fulfilment)

  • Service providers (IT, analytics, customer support)

  • Business partners (for promotions or joint offerings)

  • Authorities (when legally required, e.g., law enforcement)

We do not sell your personal information.


5. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?


Yes. We use cookies, pixels, and similar technologies for analytics, site performance, and targeted advertising (with consent). See our Cookie Notice for details.

6. HOW DO WE HANDLE YOUR SOCIAL LOGINS?


In Short: If you choose to register or log in to our services using a social media account, we may have access to certain information about you.

Our Services offer you the ability to register and log in using your third-party social media account details (like your Facebook or Twitter logins). Where you choose to do this, we will receive certain profile information about you from your social media provider. The profile information we receive may vary depending on the social media provider concerned, but will often include your name, email address, friends list, and profile picture, as well as other information you choose to make public on such a social media platform.

We will use the information we receive only for the purposes that are described in this privacy notice or that are otherwise made clear to you on the relevant Services. Please note that we do not control, and are not responsible for, other uses of your personal information by your third-party social media provider. We recommend that you review their privacy notice to understand how they collect, use, and share your personal information, and how you can set your privacy preferences on their sites and apps.

7. HOW LONG DO WE KEEP YOUR INFORMATION?


We keep your data only as long as necessary to fulfil purposes outlined in this notice, unless law requires longer retention (e.g., accounting). When no longer needed, data is anonymised or securely deleted.

8. HOW DO WE KEEP YOUR INFORMATION SAFE?


In Short: We aim to protect your personal information through a system of organisational and technical security measures.

We have implemented appropriate and reasonable technical and organisational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorised third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment.

9. WHAT ARE YOUR PRIVACY RIGHTS?


Depending on where you live (EEA, UK, Switzerland, California, etc.), you may:

  • Request access to, or a copy of, your data.

  • Request rectification, erasure, or restriction.

  • Object to processing.

  • Request data portability.

  • Withdraw consent (without affecting prior lawful processing).

For EEA/UK residents: you may also lodge a complaint with your local Data Protection Authority.


10. CONTROLS FOR DO-NOT-TRACK FEATURES


We do not respond to DNT browser signals because no standard has been finalised. If adopted in future, we will update this policy.

11. DO CALIFORNIA RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?


11.1 Shine the Light Disclosure

California residents may request (once per year, free of charge) information about disclosures of their personal data to third parties for direct marketing.

11.2 Rights Under CCPA/CPRA

  • Right to Know

  • Right to Delete

  • Right to Correct

  • Right to Opt-Out of Sale/Sharing

  • Right to Limit Sensitive Data Use

  • Right to Non-Discrimination

11.3 Categories of Personal Information Collected

Category Examples Collected? Purpose Disclosed/Shared With
A. Identifiers Name, alias, email, IP Yes Account, orders, fraud prevention Service providers
B. Customer Records Address, phone, payment info Yes Orders, support Payment & shipping providers
C. Protected Characteristics Age, gender No Not collected N/A
D. Commercial Info Purchase history Yes Marketing, fulfilment Marketing/analytics
E. Biometric Data Fingerprints, voiceprints No Not collected N/A
F. Internet/Network Data Browsing, device info Yes Security, analytics Analytics providers
G. Geolocation IP/device-based Yes Delivery, fraud prevention Logistics
H. Sensory Data Audio/video No Not collected N/A
I. Professional Data Job applications No (unless employment) Recruitment HR/recruitment
J. Education Data Student records No Not collected N/A
K. Inferences Profiles/preferences No Not actively generated N/A


11.4 Sale or Sharing of Personal Information

We do not “sell” data. We may “share” limited information for advertising with your consent.

11.5 Exercising Your Rights

Contact us at hello@boomf.com or via Contact Page. Verification is required. You may also appoint an authorised agent.


12. DO WE MAKE UPDATES TO THIS NOTICE?


Yes. We may update this notice from time to time for compliance and transparency. Updates will show a “Last updated” date. Material changes may be communicated via notice or email.

13. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?


If you have questions, contact us at:

Boomf Gifts Ltd
Unit 37, Easter Park
Benyon Road, Silchester
Reading, RG7 2PQ
United Kingdom
📧 Email: hello@boomf.com

 

14. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?


To review, update, or delete your personal data, submit a request at our Contact Page. We will respond in accordance with applicable law.