Privacy.

Two reasons. To answer your quote or contact request, and to keep a working record of the order if it proceeds. The lawful basis is legitimate interest (replying to an enquiry you initiated) and, where the order proceeds, contract performance.

We do not use this data for marketing to you about unrelated products. We do not sell or trade it.

We use a small number of UK-or-EU-hosted processors to operate the site and reply to enquiries:

Supabase

Database hosting for quote and contact records. EU region.

Resend

Transactional email (auto-replies to you, notifications to us).

Vercel

Site hosting and edge delivery.

Plausible

Privacy-friendly analytics. No personal identifiers.

When backend wiring is live, the data flow is documented above. Until then, the forms acknowledge submission visually but do not transmit data. The policy will be updated the day forms go live.

Quote records are retained for 24 months from the date of last contact, after which they are deleted. Records of completed orders are retained for 7 years to satisfy UK accounting and HMRC record-keeping requirements.

Contact form messages without a follow-up order are deleted after 12 months. Email correspondence is retained for the duration of the business relationship plus a reasonable handover period, then archived.

Under UK GDPR you have the right to access the personal data we hold about you, correct it if it is inaccurate, delete it, restrict processing, object to processing, and ask for a copy in a portable format.

To exercise any of these, write to privacy@myeverflow.co. We respond within one calendar month.

If we have not responded to your satisfaction, you have the right to complain to the Information Commissioner’s Office (ICO).

Privacy queries: privacy@myeverflow.co

General enquiries: hello@myeverflow.co

Postal address available on request. Everflow Ltd is registered in England and Wales.