Privacy Policy

This privacy page explains, at an interim review level, how GratefulStack and GratefulD may collect, use, retain, and protect information across public pages, tribute and memorial flows, customer areas, supplier and delivery workflows, partner interactions, and internal review surfaces.

This notice is public and not gated behind login. It is intended to give a clear early-stage explanation of current data handling while more detailed legal drafting is still in progress.

We may collect account and contact data such as names, email addresses, login identifiers, support messages, organisation details, and communication records when you create an account, request access, contact us, or use related workflows.

We may collect tribute, order, and location data such as recipient details, memorial or tribute content, delivery notes, addresses, mapping or location inputs, checkout information, fulfilment requests, operational notes, and related status records.

We may collect supplier, florist, delivery, operator, or partner data such as application details, business details, availability, capability, assignment records, proof-of-delivery material, quality-control notes, and support or review history.

We use data to operate the service, manage access, process tribute and order requests, support suppliers and delivery fulfilment, maintain customer and partner communications, prevent misuse, investigate operational issues, and keep business and support records.

We may also use information to review coverage, routing, quality, fraud, abuse, safety concerns, system health, and other operational risks connected to the service.

We may use cookies or similar technologies for sign-in state, security, session continuity, preference storage, analytics, and service performance. Some features may not work properly if relevant cookies are disabled.

Cookie handling may change as the service matures and a fuller cookie notice is finalised.

Where payments are offered, payment details may be processed by third-party payment processors rather than stored directly by us in full. We may still receive transaction status, limited billing metadata, customer identifiers, and records needed to reconcile orders, subscriptions, fraud review, or support handling.

Third-party providers may apply their own terms and privacy notices to the processing they perform.

We keep information for as long as reasonably needed for service delivery, account management, order handling, support, fraud prevention, dispute review, operational records, legal compliance, or other legitimate business needs. Retention periods may vary by data type and workflow.

We use reasonable technical and organisational measures intended to reduce misuse, loss, and unauthorised access, but we do not promise that any system or transmission is completely secure or immune from failure.

Depending on your location and the nature of the data involved, you may have rights to ask about access, correction, deletion, restriction, objection, or related privacy matters. Those rights can be subject to legal or operational exceptions.

Privacy questions or requests can be sent to gratefulstack@gratefulstack.com.