Who we are
ICO Registration number: ZA504939
Purpose of the Policy
Maintaining the security of your data is a priority at Rose and Grey Ltd and we are committed to respecting your privacy rights. We pledge to handle your data fairly and legally at all times. We are also dedicated to being transparent about what data we collect about you and how we use it.
This policy, which applies when you visit us online, via your mobile device or physically in our store, provides you with information about:
- How we collect and use your information
- Who do we share it with
- Marketing messages
- Seeing adverts online
- How we protect your data
- How long we keep your data
- Your rights
- How to contact us
How we collect and use your information.
We process your personal data to meet our legal, statutory and contractual obligations and to provide you with our products and services. You do not have to give us any personal information but if you decide not to you may not be able to buy from our site and you are unlikely to receive our optimal customer experience.
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
- Where we need to perform the contract we are about to enter into or have entered into with you.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to comply with a legal or regulatory obligation.
- Legitimate Interest means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where the impact on you is not justifiable (unless we have your consent or are otherwise required or permitted to by law).
- Performance of Contract means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.
- Comply with a legal or regulatory obligation means processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.
The personal data we collect is as follows:
- Your on-site browsing behavior, including the products and pages you have viewed, IP address and browser details etc.
- Your name, email and telephone.
- Your organisation details, if provided.
- Your addresses, payment details and any other data you provide as required for processing your orders and returns. Please note we do not store your payment details from online transactions.
- Communication between us, including emails, text messages and telephone calls.
- Gift card details.
- Other data entered into our site for specific purposes, for example the creation of wish lists.
- Marketing and communications data – your preferences in receiving marketing from us and our third parties and your communication preferences
Any other data collection is detailed at the point it is collected in a separate notice.
How we use your data
We use your name and contact details to:
- Process orders you have placed on-line or in store and deliver your purchases to you. If we don't collect your personal data during checkout, we won't be able to do this and comply with legal obligations. For example, your details may need to be passed to a third party to supply or deliver the product or service that you ordered, and we may keep your details for a reasonable period afterwards in order to fulfil any contractual obligations such as refunds and guarantees.
- Send you service messages by text, e-mail or through social media, such as order updates to ensure a smooth customer experience and fulfil our contractual obligations
- Send you relevant communications by email or post in relation to updates, products and services and to send fabric swatches you have requested. We'll do this on the basis of our legitimate business interest and where you have opted in to receive these. You are free to opt out of hearing from us by email or post at any time. Email us at email@example.com
- Prevent and detect fraud- We'll do this on the basis of our legitimate business interest and to protect our customers
- Show you adverts as you browse the web - We'll do this on the basis of our legitimate business interest.
- Find out what you and our other customers like - We'll do this on the basis of our legitimate business interest.
We use your payment information to:
- Take payments and give refunds
- Prevent and detect fraud
We do this on the basis of our legitimate business interests
We use external payment systems such as SAGE Pay, PayPal, Klarna and Stripe to process all our online payments. All these systems have their own security. We do not store your credit card details and we do not store your card’s security/CVV code.
Klarna Payment Method
In order to be able to offer you Klarna’s payment options, we will pass to Klarna certain aspects of your personal information, such as contact and order details, in order for Klarna to assess whether you qualify for their payment options and to tailor the payment options for you.
We use your contact history with us (phone, email, post) to:
- Provide customer service and support
- Process refunds and maintain guarantees
We use your purchase history and saved basket items to:
- Sell you things
- Provide customer service and support and handle returns/exchanges
- Find out what you and our other customers like
We use information when you browse our website using your phone or computer to:
- Improve our website by noting your IP address and device type
- Protect our website
- Show you products that are relevant to you via a personalisation engine
We use information from accounts you link to us through Facebook and Twitter to:
- Provide you with product recommendations
- Show you adverts for relevant products
We use your responses to surveys, competitions and promotions to:
- Run the survey, competition or promotion
- Improve our customer service to you
- Improve our product range
Sharing your information
We may have to share your personal data with the parties set out below for the purposes described above. We do not, and will not, sell any of your personal data to any third party. This includes your name, address, email address or credit card information.
We do however share your data with the following categories of companies as an essential part of being able to provide our services to you:
- Companies that require information to get your purchases to you, such as delivery companies, finance providers and payment service providers
- IT companies who support our website and other business system
- Professional service providers such as marketing agencies, advertising partners, Feefo review site and website hosts, who help us run our business
- Credit reference agencies, law enforcement and fraud prevention agencies, so we can help tackle fraud
- External payment providers where you choose to use their payment service (SAGE PayPal, Stripe etc)
- Our catalogues are delivered by a mailing house, so we need to share your name and address with them. We have ensured that our chosen mailing house will treat your personal data with as much respect as we do.
If you have agreed we will send you marketing messages by email, and post to keep you aware of what we’re up to and to help you see and find our products.
How to stop marketing messages from us
You can stop receiving marketing messages from us at any time. You can do this through your account settings, by clicking on the ‘unsubscribe’ link in any email or by contacting us directly at firstname.lastname@example.org or see our Contact Us page.
Once you do this, we will update your profile to ensure that you don’t receive further marketing messages but please be aware that it may take a few days for all our systems to be updated and that you may receive messages from us while we process your request.
Stopping marketing messages will not stop service communications such as order updates or customer service messages.
Seeing adverts online
We engage in online advertising to keep our customers aware of what we are up to and to help you see and find our products more easily.
We target advertising banners and ads to you when you are on other websites and we do this using a variety of digital marketing networks and ad exchanges. We may use a range of advertising technologies and mobile identifiers, as well as specific services offered by some sites and social networks.
The banners and ads you see will be based on information we hold about you.
How we protect your data
We take your privacy and data security seriously and we take every reasonable measure and precaution to protect and secure your personal data. We work hard to protect your information from unauthorised access, alteration, disclosure or destruction and have several layers of security measures in place
We secure access to all transactional areas of our websites and apps using 'http' technology.
We regularly monitor our system for possible vulnerabilities and attacks using security metrics.
Your data outside the EEA
Please note that Epsilon Abacus who provide us with a data profiling service may transfer data outside the EEA. The transfer will take place in the presence of appropriate safeguards, including standard data protection clauses adopted by the EU commission. If you would like more information, please contact us.
Keeping your information
We will hold on to your information for as long as you have your account or for as long as it is needed to be able to provide the services to you.
If for any reason we are required to meet legal or regulatory requirements, resolve disputes, prevent fraud and abuse or enforce our terms and conditions, we may keep hold of some of your information as required, even after you have closed your account, or it is no longer needed to provide the services to you.
Regarding your personal information you have:
- The right to be informed about how your personal information is being used
- The right to access the personal information we hold about you
- The right to request the correction of inaccurate personal information we hold about you
- The right to request that we delete your data, or stop processing it or collecting it
- The right to stop direct marketing messages and to withdraw consent for other consent-based processing at any time
- The right to request that we transfer or port elements of your data either to you or another service provider
- The right to complain to your data protection regulator (the Information Commissioner’s Office in the UK) but we hope you would contact us first so we can resolve any issues for you
You also have the right not to be subject to a decision that is based solely on automated processing, including profiling. Our communications both via email and post are designed to give you relevant offers and we may use the information we have about you to tailor our content and ensure we are staying relevant to your needs. Rose and Grey therefore undertake some profiling on our customers, but we do not believe these to have a legal or other significant effect on you.
If you do not wish us to use your data for this purpose please email us at email@example.com
- Site functionality cookies: these cookies allow you to navigate the site and use our features such as “Add to Basket”
- Site analytics cookies: these cookies allow us to measure and analyse how our customers use the site and therefore improve both its functionality and your shopping experience
- Targeting or advertising cookies: these cookies are used to deliver ads relevant to you and to show you products that you have looked at previously on our site. They also limit the number of times that you see an ad and help us measure the effectiveness of our marketing campaigns
By using our site, you agree to us placing these sorts of cookies on your device and accessing them when you visit the site in the future. If you want to delete any cookies that are already on your computer, the “help” section in your browser should provide instructions on how to locate the file or directory that stores cookies. Further information about cookies can be found at http://ico.org.uk/for-organisations/guide-to-pecr/cookies-and-similar-technologies/ . Please note that by deleting or disabling future cookies, your user experience may be affected, and you might not be able to take advantage of certain functions of our site.
How to contact us
If you would like to contact us for any of the following reasons:
- Have any questions or feedback about this notice
- Would like us to stop using your information
- Want to exercise any of your rights as set out above, or have a complaint
Then please do so via post at
Rose and Grey Ltd
Unit 4, 31 Atlantic Street
By phone on 0161 926 8763
or by email at firstname.lastname@example.org