- Who we are
- Our website
- Our collection and use of your personal information
- Transfer of your information out of the EEA
- Cookies and similar technologies
- Your rights
- Keeping your personal information secure
- Data Retention
- How to complain
- How to contact us
1. WHO WE ARE
This Website is operated by Phoenix Furniture Limited. We operate a furniture design company.
We collect, use and are responsible for certain personal information about you and, in doing so, comply with the Data Protection Act 2018 and we are responsible as ‘controller’ of that personal information for the purposes of applicable data protection legislation.
2. OUR WEBSITE
Throughout our Website we may provide you with links to other websites owned and operated by certain trusted third parties who may make their own products and services available to you. These other third party websites may also gather information about you in accordance with their own separate privacy polices. For privacy information relating to these other third party websites, please consult their privacy policies as appropriate. We cannot accept any liability for your use of those third-party websites or how your data is processed by the owners/operators of those websites.
3. OUR COLLECTION AND USE OF YOUR PERSONAL INFORMATION
We collect personal information about you when you access our Website, register with us, contact us, send us feedback, use the services via our Website, and compete customer surveys.
We collect this personal information from you either directly (such as when you register with us, contact us or purchase services) or indirectly (such as your browsing activity while on our Website).
The personal information we collect about you depends on the particular activities carried out through our Website. Such information may include:
- your name, address and contact details;
- date of birth;
- details of any feedback you give us by phone, email, post or via social media;
- information about the services we provide to you;
- your account details, such as username, login details;
- any other information that you submit to us; and
We may use this personal information to:
- create and manage your account with us;
- verify your identity;
- provide services to you;
- customise our Website and its content to your particular preferences;
- notify you of any changes to our Website or to our services that may affect you; and
- improve our services.
This Website is not intended for use by children and we do not knowingly collect or use personal information relating to children.
Our legal basis for processing your personal information
When we use your personal information we are required to have a legal basis for doing so. There are various different legal bases upon which we may rely, depending on what personal information we process and why.
The legal bases we may rely on include
- consent: where you have given us clear consent for us to process your personal information for a specific purpose;
- contract: where our use of your personal information is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract;
- legal obligation: where our use of your personal information is necessary for us to comply with applicable law (not including contractual obligations);
- legitimate interests: where our use of your personal information is necessary for our legitimate interests or the legitimate interests of a third party (unless there is a good reason to protect your personal information which overrides our legitimate interests).
How we may use information received from you
We will use the information that we receive from you to:
- communicate with you in relation to any use by you of this Website, including providing you with customer support;
- subject to your marketing preferences, to provide you with information about goods or services that selected third parties offer;
- to improve the content of our Website so that it is presented to you in the most effective manner, including personalised suggestions and recommendations;
- to improve the internal operation of our Website, including data analysis, testing, and statistical research; and
- to measure and understand the effectiveness of any advertising that we present to you.
Who we share your personal information with
We may disclose anonymized data (such as aggregated statistics) about the users of our Website in order to describe our sales, customers, traffic patterns and other information to prospective partners, advertisers, investors and other reputable third parties and for other lawful purposes, but these statistics will not contain your personal data.
We may occasionally be required by law, court order or governmental authority to disclose certain types of personal data.
We may also share your information with third parties in the following situations, to the extent permitted by law:
(a) if we think doing so is necessary to protect the rights, property, security, or safety of us, our users, or the public;
(c) to investigate and defend ourselves or others against any third-party claims or allegations; and
(d) while negotiating or in relation to a business transaction, such as a merger, change of control, sale of assets, or bankruptcy.
4. TRANSFER OF YOUR INFORMATION OUT OF THE EEA
We may transfer your personal information outside the United Kingdom and the European Economic Area (EEA) if any of our group companies, selected third parties or data processors are located outside the EEA.
Whenever we transfer your personal data out of the United Kingdom and/or the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
(a) we will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
(b) contracts approved by the European Commission which give personal data the same protection it has in Europe.
(c) where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US.
5. COOKIES AND SIMILAR TECHNOLOGIES
We would like to send you information about products and services which may be of interest to you. Where we have your consent or it is in our legitimate interests to do so, we may do this by post, email, telephone, text message (SMS) or automated call.
We would also like to share your information with selected third parties with whom you wish to share data so that they may send you information about their products and/or services, depending on what you agree with us.
We will only ask whether you would like us and other businesses to send you marketing messages when you tick the relevant boxes when you register on this Website.
If you have previously agreed to being contacted in this way, you can unsubscribe at any time by:
- contacting us at email@example.com;
- using the ‘unsubscribe’ link in emails or ‘STOP’ number in texts;
- updating your marketing preferences in your account settings
7. YOUR RIGHTS
Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:
- fair processing of information and transparency over how we use your use personal information;
- require us to correct any mistakes in your information which we hold;
- require the erasure of personal information concerning you in certain situations;
- receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations;
- object at any time to processing of personal information concerning you for direct marketing;
- object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you;
- object in certain other situations to our continued processing of your personal information; and
- otherwise restrict our processing of your personal information in certain circumstances.
For further information on each of those rights, including the circumstances in which they apply, see the guidance provided by the UK Information Commissioner’s Office (the “ICO”) on individuals rights under the General Data Protection Regulation which can be found on their website at www.ico.org.uk.
If you would like to exercise any of those rights, please:
- email, call or write to us;
- let us have enough information to identify you;
- let us know the information to which your request relates, including any account or reference numbers, if you have them.
8. DATA RETENTION
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
9. KEEPING YOUR PERSONAL INFORMATION SECURE
We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
10. HOW TO COMPLAIN
You have the right to make a complaint at any time to the Information Commissioner’s Office, the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
12. HOW TO CONTACT US
If you wish to contact us, please send an email to firstname.lastname@example.org or write to us at 1-3 Brixton Road, Kennington Business Park, London SW9 6DE.