Privacy Policy
Last updated: 6 July 2026
Privacy Policy
Policy key definitions:
* "I", "our", "us", or "we" refer to the business, EachMoment.
* "you", "the user" refer to the person(s) using this website.
* GDPR means General Data Protection Regulation.
* ICO means Information Commissioner's Office.
* Cookies mean small files stored on a user's computer or device.
This privacy policy notice is served by EachMoment ("We" or "us") and governs the privacy of those who use it. This policy explains how we control, process, handle and protect your personal information under current laws and regulations in UK. These include:
* Data Protection Act 2018 (DPA).
* The General Data Protection Regulation (GDPR).
* Data (Use and Access) Act 2025.
Processing of Your Personal Data
Under the GDPR we control and/or process any personal information about you electronically using the following lawful bases:
* Lawful basis: Consent.
* Data retention period: We will continue to process your information under this basis until you withdraw consent, or it is determined your consent no longer exists.
* SMS & WhatsApp Service: If you opt-in to our messaging services at checkout or via our website, we use your mobile number to provide strictly transactional updates on your Memory Box.
Processing of Your Submitted Media
We must retain the digital data processed as a result of the service provided throughout the course of the service. Once your original media and processed digital data are returned to you, we provide ongoing hosting of your digital data via our archival platform, Atlas.
While we aim to provide this hosting for the lifetime of the service, we reserve the right to modify our hosting arrangements, provided we give you reasonable notice to download your media. You can opt-out or request deletion by contacting our Data Controller.
Your Individual Rights
Under GDPR, you have the right to be informed, access, rectification, erasure, restrict processing, data portability, and to object. You specifically have the right to object to the migration of your files to the Atlas platform.
The Data We Collect About You
Personal data we process includes name, address, telephone or mobile number, and email address. Our collection methods are:
* Engagement of services (Memory Box orders).
* Communications (including WhatsApp/SMS opt-ins).
* Networking and engagement of service providers.
How Your Data Will be Used
We use information held about you to:
* Provide products or services requested.
* Service Updates: Notify you about changes to your order via Email, SMS, or WhatsApp.
* Platform Archival: Provide long-term hosting of your digitized media on Atlas.
* Abandoned Checkout Reminders: Help you finish a purchase if you start an order but do not complete it.
* Carry out our obligations arising from any contracts entered between you and us.
Legitimate Interest & Marketing
Where we use Legitimate Interests, we record our decision method. We use Legitimate Interest for the administrative consolidation of our digital archives onto the Atlas platform to ensure data security and file integrity. If you are an existing customer, we may contact you with information about similar services previously purchased. You can opt-out at any time.
Where We Process Your Data
EachMoment operates a logistics network across the United Kingdom and Europe, comprising our UK hub and collection and drop-off points in other European locations. Media is moved between our locations by our own employed couriers under a fully tracked, secure chain of custody.
The digitisation of your media is carried out at our secure processing facility within the European Union. This facility is a branch of EachMoment Ltd — the same legal entity you contract with, not a separate company. Under UK GDPR this is internal (intra-entity) processing rather than a transfer to a third party, and because the facility operates in the European Union, your data there is protected under both UK GDPR and EU GDPR standards.
Your personal data and digitised media are stored within the United Kingdom and the European Union. We do not transfer your personal data outside the UK or EU without an appropriate legal basis and the safeguards required under UK GDPR.
Third Parties
We keep your information within the organisation except where disclosure is required by law or when using third-party data processors. Our Data Processors include:
* Cloud/FTP Service – IT Support.
* Email, SMS & WhatsApp Provider (Klaviyo).
* Specialist document scanning provider.
* Couriers (for Memory Box transit).
* Accountants & Payroll providers.
Our EU processing facility is not listed above because it is not a third party: it is a branch of EachMoment Ltd itself, as described under "Where We Process Your Data".
Data Correction and Deletion
We will correct or update your data without delay upon written request. Under GDPR, you have the right to erasure under specific circumstances.
Complaints, Incidents and Data Retention
If you are unhappy with how we handle your personal data, contact our data controller first and we will respond within one month. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.
We operate an incident procedure for any suspected loss, mis-delivery or breach involving your media or personal data: we investigate, tell affected customers promptly, and notify the ICO where legally required.
How long we keep your data: original media is returned to you when your order completes or is cancelled; digital files are hosted on Atlas until you ask us to delete them; order and contact records are kept only as long as needed to meet our legal and accounting obligations.
How to Contact Us
For the Data Protection Laws, the data controller is EachMoment. Email: jude@eachmoment.co.uk Telephone: 01603 291 552