Privacy Policy

WHO WE ARE AND HOW TO CONTACT US

We are LC Flooring (referred to in this document as ‘we’ or ‘us’).

We are committed to doing the right thing when it comes to how we collect, use and protect your personal data; in this policy we explain how we handle your personal data.

Please read this privacy policy carefully to understand how our views and practices and your rights regarding your personal data. Our Data Protection Officer can be contacted at lee@lcflooring.co.uk , and is referred to throughout this document as the DPO.

Alternatively, you can write to us at LC Flooring, 4 Mill Hill, Shoreham By Sea, West Sussex BN43 5TH.

Should you have any issues, concerns or problems in relation to your data, or wish to notify us of data, which is inaccurate, please let us know by contacting us. In the event that you are not satisfied with our processing of your personal data, you have the right to lodge a complaint with the relevant supervisory authority, which is the Information Commissioner’s Office (ICO) in the UK, at any time. The ICO’s contact details are available at: https://ico.org.uk/concerns/.

CHANGES TO THIS PRIVACY POLICY

We will update this privacy policy when necessary. When we post changes to this policy, we will revise the “last updated” date at the top of the policy and highlight what has changed. If there are any changes in how LC Flooring will use your personal data, we will notify you by directly sending you a notification. We encourage you to periodically review this privacy policy to learn how LC Flooring is protecting your information.

THE LEGAL BASIS THAT WE RELY ON

Data Protection law sets out several different reasons why a company can collect and process your personal data. The bases that we use as a company are:

CONTRACTUAL OBLIGATIONS

Where we have a contract with you, we will use your personal data to fulfil the contract, for example we collect your address details in order to measure and fit the products that you wish to buy from us.

LEGAL COMPLIANCE

In some cases, the law requires us to collect and pass on your data, for example we pass on details of people involved in fraud or other criminal activity affecting us, to law enforcement.

LEGITIMATE INTEREST

In specific situations, we need your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests. For example, we will use your purchase history to send you direct marketing information about products and services that are available, and that we believe are of interest you.

WHAT PERSONAL DATA IS

Under GDPR and the Data protection Act 2018 personal data is defined as ‘any information relating to an identified or identifiable living individual’. This will include facts and opinions about that person and any other information that we use to form an opinion or judgement about them.

For example, your name, address, and telephone number are your personal data as they are facts about you as a person, as are notes made about you. Your flooring measurements are not your personal data as they are facts about your floor, not about you, and we do not use them to form an opinion about you.

HOW AND WHY WE USE PERSONAL DATA

We want to give you the best possible customer experience. One way to achieve that is to get the richest picture we can of who you are by combining the data we have about you. We then use this to offer you promotions, products and services that are most likely to interest you.

The data privacy law allows this as part of our legitimate interest in understanding our customers and providing the highest levels of service. If you wish to change how we use your data, you will find details in the ‘What are your rights?’ section below.

If you choose not to share your personal data with us, or refuse certain contact permissions, we might not be able to provide some services you have asked for.

If we intend to use your personal data for any purposes not set out below, we will notify you beforehand.

TO CONFIRM YOUR APPOINTMENT DATE AND TIME

To pursue our legitimate interests to allow you to book appointments, we will contact you to confirm your appointment details. This may be via email, SMS, or telephone.

TO PROVIDE YOU WITH THE GOODS AND SERVICES THAT YOU HAVE ORDERED FROM US

We need your personal data to comply with our contractual obligations so that we can manage your customer account and provide you with the goods and services you want to buy, including sending any relevant and necessary documentation and communications regarding the product or service and help you with any orders and refunds you may ask for. Sometimes we may need to share your details with a third party who is providing a service (such as delivery couriers or a fitter visiting your home). We do this to be able to fulfil our contract with you.

TO ALLOW YOU TO PAY FOR THE GOODS AND SERVICES THAT YOU HAVE RECIVED

To pursue our legitimate interests, we may need to contact you to take payment or pass your details onto third parties for debt collection purposes.

MANAGE AND IMPROVE OUR DAY-TO-DAY OPERATIONS

As a business we have a legitimate interest to ensure that you can safely use our services. To do this we will use your personal data to detect and prevent fraud and other crimes. If we discover or suspect criminal activity through this monitoring, we may pass your personal information to law enforcement to help protect individuals from criminal activities.

PERSONALISE YOUR SHOPPING EXPERIENCE

We may want to provide you with marketing communications, including online advertising, that may be relevant to your interests as part of our
legitimate interests. To achieve this, we may measure your responses to marketing communications relating to products and services we offer, which also means we can offer you products and services that better meet your needs as a customer. You can change your marketing choices at any time, for details of how to do this see the ‘your rights’ section below. For information concerning your choices when it comes to cookies, and how you can control your online behavioural advertising preferences please visit www.lcflooring.co.uk/cookie-information.

Cookies can be blocked by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.

CONTRACT AND INTERACT WITH YOU

We want to serve you better as a customer so we use personal data to provide clarification or assistance in response to communications you have sent to us, including social media posts that you have directed at us as part of our legitimate interests to interact with our customers and improve their experience.

UNDERSTAND AND IMRPROVE SERVICE LEVELS

To pursue our legitimate interests as a company, we want to improve the service that we provide to our customers and understand the cause of any issues that might have arisen during the order process.

To do this we may process your personal data to monitor the status and outcome of your order and to generate a range of internal analysis aimed at identifying any areas of improvement.

TO COMPLY WITH OUR LEGAL OBLIGATIONS

In some cases, we will need to process your personal data to comply with our legal obligations. For example, we sometimes need you to verify your identity before responding to your requests.

To send you communications required by law, or which are needed to inform you about changes to products or services that have been provided to you. For example, updates to this Privacy policy, product recall notices or information we are legally required to communicate to you regarding your order. These messages will not include any marketing content.

We will need to comply with any legal obligations to share data with law enforcement, for example if a court order is submitted to us requiring that we share your personal data.

TO ENSURE YOUR SAFETY AND DETECT AND PREVERNT CRIME

To pursue our legitimate interests as a company, we have installed CCTV at our premises. This allows us to monitor the safety of visitors, assists in day to day management, and acts as a deterrent against crime, vandalism, and disruption.

WHEN WE COLLECT PERSONAL DATA, AND WHAT DATA WE COLLECT

This section lets you know under what circumstances we may collect personal information from you, and what personal data we may collect.

WHEN YOU CONTACT US TO REQUEST A BROCHURE, ORDER SAMPLES OR BOOK AN APPOINTMENT, YOU MAY PROVIDE US WITH:

Your personal contact details, including your name, postal address, email address and telephone number.

WHEN YOU PURCHASE PRODUCTS FROM US, YOU MAY PROVIDE US WITH:

Your personal contact details, including your name, postal address, email address and telephone number.

Information about your purchase, for example what you have bought, when you bought it, what the installation address is and financial information relating to how you paid for it.

WHEN YOU BROWSE OUR WEBSITES, WE MAY COLLECT:

  • Information gathered using cookies in your web browser.
  • Information about the device you have used to access the Website (including the make, model and operating system, IP address, browser type and mobile device identifiers)
  • Your IP address is a unique identifier used to identify the computer or device that you are using to access the internet.
  • Information about your online browsing behaviour on our Website, including which site you came from and products that you are interested in, and information about when you click on one of our adverts, including those shown on other organisations’ websites.

WHEN WE CONTACT YOU WE MAY COLLECT:

  • Details of the emails and other digital communications we send to you that you open, including any links in them that you click on

WHEN YOU CONTACT US (INCLUDING VIA SOCIAL MEDIA) WE MAY COLLECT:

  • Personal data you provide about yourself any time you contact us about our Services (for example, your name, social media username and contact details), including by phone, email or post or when you speak with us through social media.
  • Details of your interactions with us. For example, we may collect notes of conversations with you, details of any complaints or comments you have made and copies of emails that you have sent us.

WHEN YOU COMMENT ON OR REVIEW OUR PRODUCTS AND SERVICES ONLINE

  • Your comments and product reviews if posted online.

WHEN YOU VISIT OUR PREMISES, WE MAY COLLECT:

  • Images of you during your visit.

It is important that personal data we hold about you is accurate and up to date. Please keep us informed if your personal data changes during your relationship with us. Our contact details can be found at the end of this privacy notice or at the ‘Contact Us’ tab of our website.

HOW WE PROTECT YOUR DATA

We take the security of your data seriously. We have internal policies and controls in place to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by our employees in the performance of their duties.

We regularly monitor our system for possible vulnerabilities and attacks, and we carry out penetration testing to identify ways to further strengthen security.

Where we engage with third parties to process personal data on our behalf, we do so, on the basis of written instructions, are under a duty of
confidentiality and are obliged to implement appropriate technical and organisational measures to ensure the security of data.

HOW LONG WE KEEP YOUR DATA FOR

We will not keep your personal data for longer than is necessary for the purpose or purposes that it was initially collected. At the end of that retention period, your data will either be securely deleted or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning.

Some examples of retention periods are below:

  • When you call our contact number, we may record the conversation, if we do this will be held for a maximum of 12 months unless the call is required for the resolution of an ongoing dispute.
  • If you place an order with us, we must retain the details of the order, including your personal data, for 10 years to comply with our legal and contractual obligations. If the order included a warranty which was for a longer period than this, and you have registered that warranty with us, we will keep details of the warranty period and any associated personal data for the duration of the warranty period.

WHO WE SHARE YOUR PERSONAL DATA WITH

We will share your personal information with third parties.

PARTNERS AND SERVICE PROVIDERS

  • We apply the following policy when we share your personal information with external organisations.
  • We provide only the information they need to perform their specific services.
  • They may only use your data for the exact purposes we specify in our contract with them.
  • We work closely with them to ensure that your privacy is always respected and protected.
  • If we stop using their services, any of your data held by them will either be deleted or rendered anonymous.

We work with carefully selected Service Providers that carry out certain functions on our behalf. These include, for example, companies that help us with technology services, storing and combining data, processing payments, and delivering orders. We only share personal data that enable our Service Providers to provide their services.

Some of the Service Providers we work with operate online media channels, and they place relevant online advertising for our products and services, as well as those of our suppliers and our Retail Partners, on those online media channels on our behalf. For example, you may see an advert for our services as you use a particular social media site.

In addition to our use of Service Providers, we may also disclose your personal data to our suppliers or subcontractors in order to provide you with the Services you have requested from us.

We may disclose your personal data on the basis of our legitimate interests to our insurers and/or professional advisers insofar as reasonably
necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, obtaining professional advice, or the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.

See Appendix 1 for more information.

OTHER ORGANISATIONS

We may share personal data with other organisations not included in the list in the previous section in the following circumstances:

  • if the law or a public authority says we must share the personal data.
  • if we need to share personal data in order to establish, exercise or defend our legal rights (this includes providing personal data to others for the purposes of preventing fraud and reducing credit risk).
  • to an organisation we sell or transfer (or enter negotiations to sell or transfer) any of our businesses or any of our rights or obligations under any agreement we may have with you to. If the transfer or sale goes ahead, the organisation receiving your personal data can use your personal data in the same way as us; or
  • to any other successors in title to our business.
  • Additionally, we will disclose your personal information to the relevant third party:
  • In the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets.
  • If we are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets; or
  • If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements; or to protect the rights, property, or safety of our customers, our regulator, or others. [This includes exchanging information with other companies and organisations for the purposes of fraud protection and prevention of money laundering and credit risk reduction].

INTERNATIONAL TRANSFERS OF YOUR PERSONAL DATA

At LC Flooring we take your safety and security very seriously and we are committed to protecting your personal and financial information. All
information kept by us is stored on our secure servers.

We do not transfer your data outside the European Economic Area (“EEA”). If in future we do need to transfer your data outside the EEA, we will only do so if adequate protection measures are in place in compliance with data protection legislation.

WHAT ARE YOUR RIGHTS?

Under General Data Protection Regulation (GDPR) you have a number of rights. Some of these are complex and not all of the details have been
included in our summaries below. Please read the relevant guidance from the Information Commissioner’s Office on their website at https://ico.org.uk/for-the-public/

You have the right:

  1. To ask us not to process your personal data for marketing purposes. We will inform you if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes.
  2. To ask us not to process your personal data where it is processed based on legitimate interests provided that there are no compelling
    reasons for that processing.
  3. To request from us access to personal information held about you.
  4. To ask for the information we hold about you to be rectified if it is inaccurate or incomplete.
  5. To ask for data to be erased provided that the personal data is no longer necessary for the purposes for which it was collected, you withdraw consent (if the legal basis for processing is consent), you exercise your right to object, set out below, and there are no overriding legitimate ground for processing, the data is unlawfully processed, the data needs to be erased to comply with a legal obligation or the data is children’s data and was collected in relation to an offer of information society services;
  6. To ask for the processing of that information to be restricted if the accuracy of that data is contested, the processing is unlawful, the
    personal data is no longer necessary for the purposes for which it was collected or you exercise your right to object (pending verification of whether there are legitimate grounds for processing); Where use of your personal data is based on consent, you can withdraw that consent at any time.for a full explanation of these rights.

APPENDIX 1 – LIST OF DATA PROCESSORS

We may share your personal data with the following categories of service providers:

  • App developers
  • Courier services
  • Government bodies
  • HMRC and the courts
  • Insurance providers
  • IT consultants
  • IT service providers
  • Legal Advisors
  • Payment providers
  • Postal services
  • Supplier
  • Tracing and tracking agents