At Global Retail Brands UK Limited, trading as House UK (“we” “us”) (registered office C/O Pkf Littlejohn 2nd Floor, 1 Westferry Circus, Canary Wharf, London, United Kingdom, E14 4HD, company number 10642380 and VAT number 282 2904 01), your privacy is important to us. We are committed to protecting your privacy when managing your personal information. We have policies and procedures to ensure that all personal information is handled carefully and securely in accordance with all applicable data protection law, including the General Data Protection Regulation (EU) (the “GDPR”). By visiting www.houseuk.com (our “Site”) you are accepting and consenting to the practices described in this policy.
- what kind of personal information we may gather about you and for what purpose;
- how we may use that information, who may receive it and the choices you have regarding our use of such information;
- how long we may keep your personal information and whether we disclose it to anyone;
- how you may inquire, access and/or seek correction of your personal information and our access and correction handling procedure; and
- how you may alert us about an alleged breach of the GDPR and our complaint handling procedure.
This website is not intended for children and we do not knowingly collect data relating to children.
2. Collection of information
The types of information that we collect from you will depend on the circumstances of collection and on the service that we are providing to you.
Personal information, or personal data, means any information from an individual which can be identified. It does not include data where the ability to identify an individual has been removed (anonymous data). The type of personal information collected will be directly related to the specified purpose it has been collected for. How much of your personal information that you choose to disclose to us is completely up to you. The only way we know something about you personally is if you provide it to us. However, failure to provide certain information may result in us being unable to provide you with the relevant product or service. We will make you aware of the purpose for which we collect the personal information and, where possible, the consequences of not providing it at the time of collection.
We may collect, use, store and transfer different kinds of personal data. For example:
- If you request products or services from us, we may collect information about your identity (such as your name, gender and date of birth), your contact details (ie billing and/or postal address, phone number(s) or email address).
- If you log on to our website we may collect technical information about your computer such as your IP address, geographical location, browser type and referral source.
- If you sign up to use a particular service such as our newsletter(s) and e-newslettters, mail outs (about product updates and developments, special events or promotions), loyalty or rewards program(s) or enter into a competition operated by us, we may collect information about your profile such as your interests, preferences and any other information required to provide that service to you (in addition to your name and contact details).
- If you participate in any surveys we, or a third party service provider acting on our behalf, may conduct from time to time on our website, personal information relating to your survey responses.
- If you make an inquiry, provide feedback or make a complaint to us, we may collect your name and contact details.
- If you are applying for employment with us, we may collect any information that is relevant to such employment including:
- your name and contact details (ie residential address, phone number(s) and/or email address); and
- any other information relevant to the recruitment process (including any information contained in the application form and your resume).
You acknowledge that the personal information we collect from you is your own information or information which you have been authorised to provide us.
We do not generally collect any special categories of personal data about you, such as racial or ethnicity information, religious or philosophical beliefs, sex life or sexual orientation, political opinions or associations, information about your health and genetic and biometric data, nor do we collect any information about criminal records. However, we may collect sensitive information from you in the course of considering an application for employment in such circumstances such data would be held in accordance with GDPR, if applicable.
We may also collect aggregated data about visitors to our website(s). For example, we may collect:
- statistical information about the number of visitors to the websites and the date, time and duration of visits;
- the name of the domain/URL from which you access our websites; and
- the internet protocol address.
3. Method of collection
Personal information will only be collected through lawful and fair means.
We collect your personal information when you deal with us directly, including via our website(s) or our social media pages, via forms or correspondence (ie by mail or email), over the phone or in person.
We may also collect personal information through our related bodies corporate and our third party service providers (such as data relating to survey responses) so that we may provide a better or more relevant product to you.
4. Use of information
Use of personal information
We will use the personal information you have chosen to provide us for the specific purpose for which you provided it or a related secondary purpose which is not incompatible with the original purpose. We will not use it for any other purpose without your consent, unless permitted or required by law.
Generally, we will use your personal information for the following purposes:
- providing the products and/or services you have requested from us including for example:
- to process sales transactions (whether in store or online);
- to deliver the products or services to you;
- to register you for a service requested by you, such as our newsletter(s) and e-newslettters, mail outs, rewards program(s) or competitions and administering such services;
- to manage warranty claims;
- to process refunds; and
- to respond to any inquiries, feedback or complaints made by you;
- direct marketing of products and services which we believe may interest you, including product updates and developments, special events or promotions;
- assisting us to improve our products and services and making them more relevant to you;
- assisting us to improve our website(s) or social media pages;
- processing and assessing employment applications for current and future positions; and
- otherwise managing our internal business operations and processes.
We will only use your personal information for the purpose of direct marketing activities where we have obtained your consent to do so, or in circumstances where we have collected the information directly from you and are contacting you in relation to your order or about products/services similar to those you have purchased in the past.
We will provide you with the opportunity to “opt out” of receiving marketing materials at any time by either unsubscribing from the email service or contacting our Privacy Officer via the contact details provided at paragraph 14 below.
5. Purpose and lawful basis
Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table at paragraph 15 below.
There will be occasions where it will be necessary for us to disclose your personal information to third parties.
We may disclose your personal information to the following parties for the purposes set out in the table at paragraph 15 below:
- contractors and third party service providers on a confidential basis that we use in the ordinary course of our business to assist with the delivery of our products or services. This includes organisations such as marketing agencies, data processing companies, printing and mailing houses, delivery companies, data storage companies (which may use cloud computing storage systems which have the potential to make your personal information accessible by overseas entities) or finance agencies or debt collection agencies;
- other members of our corporate group for marketing purposes (subject to the Direct Marketing paragraph set out above);
- government authorities or other third parties as required by law; or
- any other purpose that you have consented to
7. Transfer of information outside the UK
- we will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission;
- where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe; and
- where we transfer to US group companies or use providers who are based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US.
Otherwise than stated above, we do not disclose personal information that you may give us to any organisation or person outside of us unless you have authorised us to do so.
8. No sale of personal information
Under no circumstances will we sell or receive payment for licensing or disclosing your personal information.
The security of your information is important to us. We operate secure data networks using the latest Secure Server Technology that are designed to protect your privacy and security. When we have collected information about you it cannot be seen or modified by anyone else. We have implemented generally acceptable standards of technology and operational security to ensure personal information (in both physical and electronic form) is protected against loss, misuse, interference and unauthorized access. You are responsible for keeping any passwords you have implemented secure.
Only authorised personnel and contractors are provided access to personal information and have agreed to ensure the confidentiality of this information. Reasonable steps are taken to destroy or permanently de-identify any personal information that is no longer required.
We review and update our security measures in light of current technologies. You should however be aware that the internet is not a secure environment and information sent via the internet (including email) cannot be guaranteed to be totally secure. Although we do our best to protect your personal information, we cannot guarantee the security of the information transmitted and any transmission is at your own risk.
10. Data retention
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
By law we have to keep basic information about our customers (including contact, identity, financial and transaction data) for six years after they cease being customers for tax purposes.
In some circumstances you can ask us to delete your data: see 11. Data Quality, access and correction: Correction below for further information.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
11. Data quality, access and correction
If you are a subscriber to one of our online services or products or loyalty programs, you may access your personal information by accessing your subscriber/account details via the relevant facility on our websites.
Otherwise, you may at any time, request access to personal information that we hold about you by making a request to our Privacy Officer at the address or email address below for a fee of £10, as specified by law.
We will endeavour to process any requests for access to personal information within a reasonable period of time. Where possible, we will provide you with access to that information either by providing you with copies of the information requested, allowing you to inspect the information requested, or providing you with a summary of the information held.
We will try to ensure that all information we collect, use or disclose about you is accurate, complete, up-to-date and relevant to the service being provided. If you are a subscriber to one of our online services or products, you may change your personal information by accessing your subscriber/account details via the relevant facility on our website(s).
Otherwise, if you discover or suspect that there is an error or information is missing or out of date, please forward your request for correction to our Privacy Officer in writing at the address or email address at paragraph 14 below. Our Privacy Officer will update your information free of charge.
You also have the right to:
- have personal information we hold about you erased from our systems;
- object to the processing of your personal information where we are relying on a legitimate interest;
- request the transfer of your data to you or to a third party;
- have the processing of your personal information restricted; and
- receive the personal information we hold about you transmitted to another party.
Please contact our Privacy Officer for further assistance.
13. Complaints about privacy and our complaint handling procedure
If you have any complaints relating to the management of your personal information or if you believe there has been a breach of the GDPR by us, please forward your complaint in writing to our Privacy Officer at the address or email address below.
If you are still not satisfied after lodging a complaint with us and giving us a reasonable time to respond, then we suggest that you contact the UK’s Information Commissioner’s Office (www.ico.org.uk), the UK supervisory authority for data protection issues, or the equivalent regulatory authority in your country.
14. Contact Privacy Officer
Please contact our Privacy Officer on the contact details below if you would like to:
- inquire about or request access and/or update your personal information;
- report an alleged breach of your privacy rights or make a complaint; or
15. Table of purpose(s) and lawful basis
|Purpose/Activity||Type of data||Lawful basis for processing including basis of legitimate interest|
|To register you for a service requested by you||
||Performance of a contract with you|
|To process sales transactions and deliver the products or services to you including:
|To manage our relationship with you which will include:
|To enable you to partake in rewards programs and competitions or to complete a survey||
|To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)||
|To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you||
||Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy)|
|To use data analytics to improve our website, social media page(s), products/services, marketing, customer relationships and experiences||
||Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)|
|To make suggestions and recommendations to you about goods or services that may be of interest to you (i.e. direct marketing)||
||Necessary for our legitimate interests (to develop our products/services and grow our business)|
Comply with a legal or regulatory obligation means processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.
Legitimate interest means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.
Performance of contract means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.