This Privacy Policy sets out how Furnishing Packs UK (“we”, “us”, or “our”) collects, uses, shares, and protects your personal data when you visit our website at https://furnishingpacks.co.uk (the “Website”), interact with our services, make purchases, or otherwise communicate with us. We are committed to protecting your privacy and ensuring compliance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other relevant UK data protection laws.
We are the data controller for the personal data we process about you. Our contact details are:
- Email: in**@****************co.uk
- Telephone: 0113 870 1057
This policy was last updated on 21 September 2025. We may update it from time to time to reflect changes in our practices or for legal reasons. Any changes will be posted on this page, and where appropriate, we will notify you by email. We encourage you to review this policy periodically.
By using our Website or services, you consent to the practices described in this policy. If you do not agree, please do not use our Website or services.
What Personal Data Do We Collect?
We collect personal data that you provide to us directly, as well as information collected automatically when you use our Website. The types of personal data we may collect include:
Information You Provide Directly
– Contact and Account Information: Name, email address, telephone number, postal address, and any other details you provide when you contact us via our contact form, create an account, place an order, or subscribe to our communications (e.g., newsletters, if applicable).
– Payment Information: Billing address, payment method details (such as credit/debit card number, expiry date, and security code), processed through secure third-party payment providers. We do not store full payment card details on our servers.
– Order and Delivery Information: Details related to your purchases, such as product preferences, delivery instructions, and any customisation requests.
– Correspondence: Any information you include in messages, enquiries, feedback, or reviews you send to us.
– Marketing Preferences: Your preferences for receiving marketing communications from us.
Information Collected Automatically
– Device and Usage Data: IP address, browser type, operating system, referring URLs, pages visited, time and date of visits, and other technical information collected via cookies, web beacons, or similar technologies (see our Cookies section below).
– Location Data: Approximate location based on your IP address, unless you provide more precise location data (e.g., for delivery purposes).
We do not intentionally collect sensitive personal data (e.g., data revealing racial or ethnic origin, political opinions, religious beliefs, health, or sexual orientation) unless you voluntarily provide it in communications with us.
How Do We Collect Your Personal Data?
– Directly from You: When you fill out forms on our Website (e.g., contact form, checkout process), make a purchase, or communicate with us via email or phone.
– Automatically: Through cookies and similar tracking technologies when you browse our Website.
– From Third Parties: We may receive information from service providers, such as payment processors, delivery partners, or analytics providers, to facilitate our services.
How Do We Use Your Personal Data?
We use your personal data for the following purposes:
– To Provide Our Services: Process orders, manage deliveries and installations, handle returns or refunds, and respond to your enquiries.
– To Communicate with You: Send order confirmations, updates, and responses to your messages. If you opt in, we may send marketing emails about our products, promotions, or news.
– To Improve Our Website and Services: Analyse usage patterns to enhance user experience, troubleshoot issues, and develop new features.
– For Legal and Compliance Purposes: Comply with legal obligations, prevent fraud, enforce our terms, and protect our rights or those of others.
– For Security: Monitor and secure our Website against unauthorised access or malicious activity.
Legal Basis for Processing Your Personal Data
Under UK GDPR, we process your personal data based on the following legal grounds:
– Contractual Necessity: To fulfil our contract with you (e.g., processing orders and deliveries).
– Consent: Where you have given explicit consent (e.g., for marketing emails or non-essential cookies).
– Legitimate Interests: For purposes such as improving our services, fraud prevention, or direct marketing (where not overridden by your rights).
– Legal Obligation: To comply with laws, such as tax or accounting requirements.
You can withdraw consent at any time by contacting us, though this may affect our ability to provide certain services.
Who Do We Share Your Personal Data With?
We may share your personal data with:
– Service Providers: Third parties who assist us, such as payment processors (e.g., Stripe or PayPal), delivery companies (e.g., couriers), IT providers, and marketing tools. These providers are contractually required to protect your data and use it only for the services they provide to us.
– Professional Advisors: Accountants, lawyers, or auditors as needed for legal or business purposes.
– Authorities: If required by law, such as in response to a court order, or to prevent harm.
– Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to the new owner.
We do not sell your personal data to third parties.
International Data Transfers
If we transfer your personal data outside the UK (e.g., to service providers in the EU or US), we ensure appropriate safeguards are in place, such as UK International Data Transfer Agreements (IDTAs) or adequacy decisions, to protect your data to UK standards.
How Do We Secure Your Personal Data?
We implement reasonable technical and organisational measures to protect your personal data from unauthorised access, loss, or disclosure. This includes encryption, access controls, and secure servers. However, no system is completely secure, and we cannot guarantee absolute security.
In the event of a data breach, we will notify you and the Information Commissioner’s Office (ICO) where required by law.
How Long Do We Retain Your Personal Data?
We retain your personal data only as long as necessary for the purposes outlined in this policy, or as required by law. For example:
– Order data: Up to 7 years for accounting purposes.
– Contact enquiries: Up to 2 years after resolution.
– Marketing data: Until you unsubscribe or withdraw consent.
After this period, we securely delete or anonymise the data.
Your Data Protection Rights
Under UK GDPR, you have the following rights regarding your personal data:
– Access: Request a copy of the data we hold about you.
– Rectification: Correct inaccurate or incomplete data.
– Erasure: Request deletion in certain circumstances (e.g., if no longer needed).
– Restriction: Restrict processing in specific cases.
– Objection: Object to processing based on legitimate interests or for direct marketing.
– Data Portability: Receive your data in a structured, machine-readable format.
– Withdraw Consent: Where processing is based on consent.
To exercise these rights, contact us at in**@****************co.uk. We will respond within one month, though this may be extended for complex requests. There is no fee unless the request is manifestly unfounded or excessive.
If you are unsatisfied with our response, you can complain to the ICO at www.ico.org.uk or by calling 0303 123 1113.
Cookies and Tracking Technologies
Our Website uses cookies to enhance functionality and user experience. Cookies are small text files stored on your device.
– Essential Cookies: Necessary for the Website to function (e.g., maintaining your cart).
– Analytics Cookies: Help us understand how visitors use the site (e.g., via Google Analytics).
– Marketing Cookies: Used for targeted advertising, if applicable.
You can manage cookies through your browser settings. For more details, see our Cookie Policy (if separate; otherwise, incorporate here). By continuing to use our Website, you consent to essential cookies. For non-essential cookies, we will seek your consent via a banner.
Children’s Privacy
Our Website and services are not intended for children under 16. We do not knowingly collect data from children. If we become aware of such data, we will delete it.
Third-Party Links
Our Website may contain links to third-party sites. We are not responsible for their privacy practices. We encourage you to review their policies.
Contact Us
If you have questions about this Privacy Policy or our data practices, please contact us at:
- Email: in**@****************co.uk
- Telephone: 0113 870 1057