Privacy Policy

Last updated: 15 January 2026

1. Who we are

Addressless (“we”, “us”, “our”) is an early-stage service currently operated by an individual (not yet a limited company).

We take privacy seriously and are committed to handling personal data responsibly and transparently.

If you have questions about this policy, you can contact us at:
Nick@addressless.co

2. What data we collect

We only collect data that is necessary to operate the service.

a) Sender data

If you send a card or gift, we may collect:

  • Your name


  • Your email address


  • Payment information (processed securely by Stripe — we do not store card details)


  • Details of the gift or card you choose


  • Any message you write to the recipient


b) Recipient data

If you receive a gift invitation, we may collect:

  • Your name


  • Your email address


  • Your delivery address (only if you accept the gift)


Important:
 Senders never see recipients’ postal addresses.

3. How we use your data

We use personal data only to:

  • Send gift invitations


  • Process payments


  • Arrange fulfilment and delivery


  • Communicate status updates


  • Provide customer support


  • Prevent fraud or misuse


We do not use personal data for advertising or sell it to third parties.

4. Address handling (core to the service)

Recipient addresses are:

  • Collected only after a gift is accepted


  • Used solely for fulfilment


  • Shared only with the fulfilment provider needed to deliver the item


  • Never visible to the sender


We do not store addresses longer than necessary for fulfilment and basic record-keeping.

5. Payments

All payments are processed by Stripe, a third-party payment processor.

Stripe handles your card details directly.
 We do not store or have access to full payment card information.

Stripe’s own privacy policy applies in addition to this one.

6. Third-party services

We may share limited personal data with trusted third parties strictly for service delivery, including:

  • Payment processors (e.g. Stripe)


  • Card printers


  • Gift retailers


  • Delivery and courier services


  • Email delivery services


These providers only receive the data required to perform their role.

7. Legal basis for processing (GDPR)

Under UK GDPR, we process personal data based on:

  • Contractual necessity – to deliver the service you request


  • Legitimate interests – operating, improving, and protecting the service


  • Legal obligations – accounting, fraud prevention, and compliance


8. Data retention

We keep personal data only for as long as necessary to:

  • Provide the service


  • Handle support or disputes


  • Meet legal or accounting requirements


Early-stage test data may be retained in anonymised or aggregated form for product learning.

9. Your rights

You have the right to:

  • Access your personal data


  • Request correction of inaccurate data


  • Request deletion of your data (subject to legal obligations)


  • Object to or restrict certain processing


To exercise these rights, contact us at the email above.

10. Security

We take reasonable technical and organisational measures to protect personal data, including:

  • Secure third-party providers


  • Access controls


  • Minimal data collection


However, no system is completely secure, and we cannot guarantee absolute security.

11. Children’s data

The service is not intended for children under 16, and we do not knowingly collect data from children.

12. Changes to this policy

We may update this Privacy Policy from time to time as the service evolves.

The latest version will always apply and will be available wherever the service is offered.

13. Governing law

This Privacy Policy is governed by the laws of England and Wales.