Who we are
MyOnlineDesk is dedicated to your data privacy and to upholding the principles of the General Data Protection Regulation “GDPR”.
MyOnlineDesk is registered with the Information Commissioners Office our registration number is ZA176362.
What we collect when you view our site
Our site automatically logs IP addresses and referrals from other sites. We do this to monitor traffic and the effectiveness of our advertising campaigns. (GDBR Article 6. 1. f)
What we collect when you sign up as a user and why
When you sign up as a user on our site we collect the following information from you, which is provided from you when you enter an agreement with us to provide a service to you (GDBR Article 6 1. b)
First and last name
To identify you the user to ourselves
To contact you for:
- If you forgot your password we use your email to help reset this for you.
- To inform you when we process mail(letters) for you.
- To inform you of letter tracking information (if you choose this option when sending a letter via our service).
- To inform you if mail arrives for you (if you choose our mailbox service).
- Low balance warning (if you choose to activate this option from your account).
- To inform you of changes to our service that may affect you.
- To send you occasional news about our service (if you explicitly consent to this when you sign up to use our service GDBR Article 6 1. a).
- To respond to you if you have contacted us regarding a support query
- So that you may log into our site
- To inform you (if you subscribe to our Real Letterbox service) when your annual renewal for using the service is due.
- An address to forward mail we may receive for you.
- To verify your identity if you lose access to your account.
- To know what country you live in for legal reasons.
- To provide a return address on items of mail you may send via our service.
How long we keep this data
We retain this information as long as you keep an account with us. If you request to have your MyOnlineDesk account closed the data will be deleted within one month as outlined in Article 17 of the GDPR.
Further information we may request
In some circumstances we may request further information from you if you sign up for a business account representing a business or organisation. This request would be made for the following reasons:
- To ensure the data we hold is accurate.
- To ensure you are legally allowed to represent that organisation (GDPR Article 6. 1. C)
What we collect if you subscribe to our letter box service and why
In addition to our letter sending service users are also able to purchase a subscription to our letterbox service once they have signed up for an account (as mentioned in the section “What we collect when you sign up as a user and why”). To provide this service we collect additional information from you (GDBR Article 6. 1. c)
Proof of identity
We ask for this information for the following reasons.
- To prevent fraud
- To ensure you are legitimately allowed to receive mail as the person or entity you have given us when signing up for a letter box account.
How long we keep this data
This information is destroyed within 2 weeks after it has been used to confirm your identity.
Information we collect when you send a letter
Our website enables you to send real letters from the Internet. In order to provide this service, we need to collect a certain amount of data about each letter you send. Below we outline what information we request from you. (GDPR Article 6. 1. b)
So we can place a postal address on the envelope to send the letter
This provides a return address on the letter so it can be returned to you if the letter cannot be delivered by the postal service.
The content of your letter
This is the content of the letter you wish to send to the above mentioned “Postal Address”
How long is my letter data stored?
Your letter data is retained until you delete it from your account, the data is then purged from our system within 1 month.
The following information is deleted:
- We delete the content of the letter
- We delete the address the letter is to
- A record you sent a letter
- The cost of the letter (for accounting purposes)
- The date the letter was created and sent from our system
Why the data is only purged after 1 month:
- To address complaints a customer may have about a letter. We need this information to address that complaint. (GDBR Article 6. 1. f)
- If a letter is sent maliciously or the contents of the letter breaks the law (GDBR Article 6. 1. c) we are obliged to act on requests from law enforcement (previously under section 29 of the DPA this now falls under Article 23 of the GDPR). We act on these requests under our own discretion.
Who we share your data with
MyOnlineDesk will never share your data with 3rd parties, however there are three exceptions to this listed below
- Sub-Processors: If you choose to send your mail via our US or German printing partners the contents of your letter and destination address will be forwarded on to them for the purposes of providing a service to you. You have the option not to use this option and to send your mail via ourselves only if you choose.
- Organisation accounts: Organisation accounts are linked to an organisation and are setup by your employer for the purposes of caring out work for your employer. If you use MyOnlineDesk from an Organisation account, all content generated in the account is the property of your employer/organisation and subject to the policies of your employer/organisation.
- If we are requested to do so by UK law enforcement for the purposes of the prevention, or detection of a crime (Article 23 1. d). What we divulge is under our discretion and only what we believe would be pertinent for the request made.
Access to your personal information
All information provided to us by you is available for you to view and alter from within our website.
You have the right to access your data and the right to portability of your data.
Logging into the site and cookies
When logging into your MyOnlineDesk account, the site places what is known as an encrypted cookie onto your machine. The only purpose of this cookie is to let the site know you are logged into the site and you are who you say you are. The cookie is not used for advertising and is deleted when you log off the site.
When making an online payment to us, your bank may place a cookie onto your machine when authenticating you to services such as Verified by Visa.
When making an online payment to us via PayPal or Nochex, PayPal or Nochex may place a secure cookie onto your machine when you authenticate to use their service.
We also make use of Google Analytics to monitor website usage. In this case Google will place a cookie onto your machine. No personally identifiable information is collected about you.
If you would like to learn more about cookies please visit the following site www.allaboutcookies.org
Our site undergoes regular security scans.
We have a regular process in place to review our security and to assess the impact on any new functionality we may introduce.
Data stored with MyOnlineDesk is held in secure data centres within the EEA (European Economic Area).
MyOnlineDesk regularly reviews if data is relevant and if not, it is assessed for deletion.
Secure details and SSL
All transactions on MyOnlineDesk take place over SSL encryption.
Data Traveling out of the EEA
If you choose to send your letters via our US printing partner. A copy of the contents of your letter and the address the letter is to will leave the EEA zone for the purposes of our printing partner being able to send the letter on our behalf for you.