Privacy Policy

We use your personal data for the following purposes listed in this section. We are allowed to do so on certain legal bases (please see section 4 for further detail).

User Account Data

• Use the data for audience targeting as part of our digital marketing
• Contract, Legitimate Interest

Purchase Data

• Complete a purchase that you have requested. Note that if you do not provide us with this data, we will not be able to complete your purchase.
• Provide you with updates and information about products and services you have purchased from us.
• Use the data for audience targeting as part of our digital marketing
• Contract, Legitimate Interest

Warranty Data

• Use the data for audience targeting as part of our digital marketing
• Contract

Marketing Data

• To send you information about our products and services
• Consent, Legitimate Interest

General Enquires

• Respond to your request for information about our products and services
• Legitimate Interests

Furthermore, we will process your personal data for the following purposes:

• Comply with any procedures, laws, and regulations which apply to us; and
• Establish, exercise, or defend our legal rights where it is necessary for our Legitimate Interests or the Legitimate Interests of others.

We are allowed to process your personal data based on the following legal bases for the purposes explained in section 3:

Legitimate Interests

• We are permitted to process your personal data if it is based on our ‘Legitimate Interests’ i.e. we have good, sensible, practical reasons for processing your personal data which is in our interests. To do so, we have considered the impact on your interests and rights, and have placed appropriate safeguards to ensure that the intrusion on your privacy is reduced as much as possible. The table in section 3 explains the personal data processed on this basis. You can object to processing that we carry out on the grounds of legitimate interests. See section 7 to find out how.


Contract

• It is necessary for our performance of the contract you have agreed to enter with us. If you do not provide your personal data to us, we will not be able to carry out our obligations under the terms of your contract.


Legal obligation

• We are subject to legal obligations to process your personal data for the purposes of complying with applicable regulatory rules (e.g. product recall-related regulations) and to make mandatory disclosures to government bodies and law enforcement agencies.


Consent

• Sometimes we want to use your personal data in a way that is entirely optional for you, such as when you sign up to our newsletter. On these occasions, we will ask for your consent to use your information. You can withdraw this consent at any time by following the instructions in the marketing communication (e.g. clicking ‘Unsubscribe’ in the marketing email) or reaching out to us using the information in section 8.

The following categories of personal data will be kept for the following periods:

User Account

• Held whilst account is active and deleted after more than 3 years of inactivity.


Purchase Data

• 7 years from purchase period. (For select products where the warranty period is longer than 7 years, retention period is warranty period + 1 year).

Warranty Data

• Warranty period of each specific product + 1 year.

Marketing Data

• Until you tell us that you no longer wish to receive marketing material.

General Enquires

• 1 month after enquiry is resolved.

We use external providers that act as our processors who provide typical services required by all organisations such as website development, data storage, email service providers, and IT hosting. These providers process your personal data as part of the services they offer to us. We take steps to ensure that our service providers process your data in accordance with the Data Protection Laws, only use it in accordance with our contract with them, and keep it secure. If you would like more information about our processors, please contact us using the details in section 8.

We also use external providers that act as separate controllers of your personal data. In order to complete your purchases of our products and services, we share your Purchase Data with the payment service provider you choose to complete your purchase with. For our digital marketing purposes, we share your Purchase Data and User Account Data with social media platforms. Please refer to their respective privacy policies for more information on how they process your personal data.


International Transfer of Data


Your personal data is transferred outside of the UK and the EEA in order for our affiliate which is located in Australia, to perform software development, marketing, and product development activities. Any transfer of your data outside the UK and the EEA will be carried out in accordance with the law to safeguard your privacy rights and give you remedies in the unlikely event of a security breach or to any other similar approved mechanisms.


We strive to implement appropriate technical and organisational measures in order to protect your personal data against accidental or unlawful destruction, accidental loss or alteration, unauthorised disclosure or access, and any other unlawful forms of processing. We aim to ensure that the level of security and the measures adopted to protect your personal data are appropriate for the risks presented by the nature and use of your personal data. We follow recognised industry practices for protecting our IT environment and physical facilities.

As a data subject, you have the following legal rights under the Data Protection Laws in relation to your personal data. You can exercise these rights free of charge by contacting us (please see section 8). We will respond to any rights that you exercise within a month of receiving the request unless the request is particularly complex, in which case we will respond within three months.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Please be aware that there are exceptions and exemptions that apply to some of these rights, which we will apply in accordance with the Data Protection Laws.

Right of access

You have the right to obtain access to your personal data we process and certain other information (similar to that provided in this Privacy Policy). To help us find the information, please give us as much information as possible about the type of personal data you would like to see.

Right to rectification

You are entitled to have your information corrected if it is inaccurate or incomplete.

Right to ask us to stop contact you with direct marketing

You can ask us to stop contacting you for direct marketing purposes.

Right in relation to automated decision making

These rights are not applicable as we do not carry out any automated decision making.

Right to erasure

This is also known as the ‘right to be forgotten’ and enables you to request the deletion or removal of your information where:

• You do not believe that we need your data in order to process it for the purposes set out in this Privacy Policy;
• If you had given us consent to process your data, you withdraw that consent and we cannot otherwise legally process your data;
• You object to our processing and we do not have any legitimate interests that mean we can continue to process your data; or
• Your data has been processed
unlawfully or has not been erased when it should have been.

Right to restrict processing

You have rights to ‘block’ or suppress further use of your information. When processing is restricted we can still store your information, but may not use it further. You may request that we stop processing your personal data temporarily if:

• You do not think your data is accurate. We will start processing again once we have checked whether or not the data is accurate;
• The processing is unlawful but you do not want to erase your data;
• We no longer need the personal data for our processing, but you need the data to establish, exercise, or defend legal claims; or
• You have objected to the processing because you believe that your interests should override [the companies] legitimate interests.

Right to Data portability

You have rights in certain circumstances to obtain and reuse your personal data for your own purposes across different services.

Right to object to processing

You have the right to object to certain types of processing, including processing based on our legitimate interests and processing for direct marketing.

Right to withdraw consent

If you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time (for example, by clicking ‘Unsubscribe’ at the bottom of the email newsletter).

What if your rights are breached?

You may be entitled to compensation for damage caused by contravention of the Data Protection Laws.

Complaints to the regulator

It is important that you ensure you have read this Privacy Policy. If you do not think that we have processed your data in accordance with this Privacy Policy, you should let us know as soon as possible. You also have the right to complain to the Information Commissioner’s Office. Information about how to do this is available on its website at www.ico.org.uk.

If you would like this Privacy Policy in another format (for example: audio, large print, braille) please contact us at the details below:

Company

ABI Interiors International Limited

Company number

12954559

VAT Number

369 5909 37

Email

[email protected]