Our Privacy Notice describes the categories of personal data that we process and for what purposes.
We understand that your privacy is important to you and that you care about how your personal data is used.
We respect and value the privacy of our customers and suppliers and will only collect and use such data fairly and in accordance with the requirements of the General Data Protection Regulations (GDPR).
We are what is known as the ‘data controller’ of personal information we gather and use.
We require information about you in order to provide our products to you and make payment for the goods and services you provide to our businesses.
When we say ‘we’ or ‘us’ in this Privacy Notice, we mean Belfield Group Limited and our subsidiary companies which include Westbridge Furniture Design Ltd, Tetrad Ltd and Duflex Foam Ltd.
For the purpose of the General Data Protection Regulations 2018, the data controller is Belfield Group limited, Company number 10061567 of:
Belfield Group Limited
Personal data is defined by the General Data Protection Regulation (GDPR) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.
Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.
The personal data that we use is set out in Part 5.
Under the GDPR you have the following rights, which we will always work to uphold:
- You have the right to be informed about our collection and use of your personal data.
- The right to access the personal data we hold about you.
- The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete. Please contact us using the details in Part 12 to find out more.
- The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of your personal data that we have provided that the personal data is no longer necessary for the purposes for which it was collected, you withdraw consent (if the legal basis for processing is consent), you exercise your right to object, set out below, and there are no overriding legitimate ground for processing, the data is unlawfully processed or the data needs to be erased to comply with a legal obligation.
- The right to restrict (i.e. prevent) the processing of your personal data if the accuracy of that data is contested, the processing is unlawful, the personal data is no longer necessary for the purposes for which it was collected or you exercise your right to object (pending verification of whether there are legitimate grounds for processing).
- The right to object to us using your personal data for a particular purpose or purposes where it is processed on the basis of legitimate interests provided that there are no compelling reasons for that processing. You also have the right to object to processing of your personal data for marketing purposes. We will inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes.
- The right to data portability. You may request that we provide the personal data that we hold about you to another data controller in a structured, commonly used and machine-readable format.
- Rights relating to automated decision-making and profiling. We do not use your personal data in this way.
For more information about our use of your personal data or exercising your rights as outlined above, please contact us using the details provided in Part 12.
Similarly, should you have any issues, concerns or problems in relation to your data, or wish to notify us of data which is inaccurate, please let us know by contacting us using the contact details in Part 12.
In the event that you are not satisfied with our processing of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office at www.ico.org.uk. Further information about your rights can also be obtained from the Information Commissioner’s Office.
Personal data is information that you give to us when communicating with us by phone, email, post, social media or in person when visiting one of our sites, entering a request for a call back from the Company via our website or requesting a sample or making a purchase through our company websites or through the sharing of business cards.
We may collect some or all of the following personal data about you, the data we do collect about you may vary depending on our relationship with you.
- Email address
- Telephone number including mobile telephone number(s)
- Business/ company name
- Job title
- Credit card information/payment card details
- Billing and delivery address
- Car registration details
- Your communication and marketing preferences, your interests, preferences and feedback
- Purchases and orders history made by you
We obtain personal information:
- Directly from you, for example when you complete an online purchase/ order from us
We may obtain some personal information through the use of CCTV. We use CCTV on our premises to ensure the safety and security of our staff, customers and suppliers.
We may also collect information about you from other sources, and combine such information with information we hold about you – including where:
- You provide information to us through other publicly available personal data, including any which you have shared via a public platform (such as a Twitter feed or public Facebook page).
Information we may collect when visiting our website(s)
- Technical information, including the Internet Protocol (IP) address used to connect your computer to the Internet, browser type and version, time zone setting, the country and telephone area code where your computer is located, browser plug-in types and versions, operating system and platform;
- Information about your visit, including password(s), the full Uniform Resource Locators (URL) clickstream to, through and from our sites (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks and mouse-overs), methods used to browse away from page, and any phone number used to call our customer service number.
Under the GDPR, we must always have a lawful basis for using personal data. The information that we collect and store relating to you is primarily used to enable us to provide our products and services to you. This may be because the data is necessary for our performance of a contract with you, because you have consented to our use of your personal data, because it is in our legitimate business interests to use it or to meet our legal obligation. Your personal data will be used for the following purposes in relation to an agreement to supply our products or services to you:
- Providing and managing your account.
- Entering into a contractual arrangement with you.
- Supplying our products to you. Your personal details are required in order for us to enter into a contract with you.
- Communicating with you. This may include responding to emails or calls from you.
- To administer payments from you for our products.
In addition, we may use the information for the following purposes in our legitimate interests to improve our products and services:
- To respond to any complaint that you may make.
- To administer our site and telephone services, and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.
- To improve our site and telephone services to ensure that information is provided in the most effective manner for you (and for your computer).
- As part of our efforts to keep our site and telephone services safe and secure.
We may also process the information to comply with legal requirements relating to:
- The provision of products and services.
- Data protection.
- Health and safety.
- Anti-money laundering and fraud investigations.
- Assisting law enforcement.
- Any other legal obligations placed on us from time to time.
With your permission we may also use your personal data for marketing purposes, which may include contacting you by email or post with information, news, and offers on our products. You will not be sent any unlawful marketing or spam. We will always work to fully protect your rights and comply with our obligations under the GDPR. Where we have your consent, you have the right to withdraw it. We will let you know how to do that at the time we obtain your consent.
In limited circumstances we may need to share your personal data with some of our service partners. These include our third-party IT providers, payment processing companies and delivery companies.
Belfield Group only allows its service providers to handle your personal data when we have confirmed that they apply appropriate data protection and security controls. We also impose contractual obligations on service providers relating to data protection and security, which mean they can only use your data to provide services to Belfield Group and to you, and for no other purposes.
We will share personal information within our Group and with others outside Belfield Furnishings Group Ltd, where we need to do that to make products and services available to you, market products and services to you, meet or enforce a legal obligation or where it is fair and reasonable for us to do so. We will only share your personal information to the extent needed for those purposes.
In addition, we will disclose your personal information to the relevant third party in the event that we sell or buy any business or assets or are acquired, in which case we will disclose your personal data to the prospective seller or buyer as appropriate in order to maintain service and business continuity.
Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. We will only store or transfer your personal data in the UK. This means that it will be fully protected under the GDPR. If in future we do need to transfer your data outside the European Economic Area, we will only do so if adequate protection measures are in place in compliance with data protection legislation.
If you want to know what personal data we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request”.
We ask that you please make your subject access request either verbally or in writing please use the contact details which are set out in Part 12.
There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.
We will respond to your subject access request within one month of receiving it. Normally, we aim to provide a complete response, including a copy of your personal data within that time.
In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request. You will be kept fully informed of our progress.
To contact us about anything to do with your personal data and data protection, including subject access requests, please use the following details:
Data Protection Officer
0115 907 1700