D&R Furnishers safeguards your information through a data protection regime that is effective and adheres to GDPR compliance. Our procedures are summarised in this statement.
Our managerial staff are responsible for adhering to this policy.
Data Controller – Camilla Dible
In accordance with GDPR compliance, we confirm the only personal information we hold is;
-Current and delivered sales orders – accessed by sales, production and accounts staff for administration purposes.
-Sales invoices – accessed by accounts staff for administration purposes and our accountants for tax purposes.
External workshops, suppliers and accountants’ firms we use are GDPR compliant and our own staff know of our strict adherence.
Emails – kept on a secure server and archived after one year. Depending on subject matter, deleted after 1-5 years. Only accessed by administration and sales staff.
Letters – kept as hard copy and on PC. Depending on subject matter, shredded in the appropriate manner after 1-5 years. Only accessed by administration and sales staff.
Orders – kept in accordance with HMRC recommendations for 5 years on as hard copy. Then shredded/deleted in the appropriate manner. Only accessed by sales and accounts staff.
Invoices – kept in accordance with HMRC recommendations for 5 years on our computers and as hard copy. Then shredded/deleted in the appropriate manner. Only accessed by sales and accounts staff and our accountants firm.
Access to our computers is by passwords. Two directors and 4 members of staff have access to the computer system and all have knowledge of current GDPR legislation. We use up to date firewalls and anti-corruption systems. Our computers are regularly checked to ensure their security has not been compromised. Back-ups are via One Drive and 1 external hard drive.
Our IT Support company is GDPR compliant.
We will never give any personal information we hold for you to any third parties without your permission.
Occasionally it is necessary for us to provide your information for goods to be sent direct to you from a supplier. If this is the case we will seek your permission first.
Upon request, and with 30 days’ notice, we are happy to let you know of any information we hold on you, how we use it and how we intend to keep/delete it. Subject to any tax implications, we would be happy to up-date, correct or delete such details.
You have the right to request erasure or restrict processing in accordance with data protection laws. You also have the right to lodge a complaint or seek judicial remedy if our systems are found to be unfit for purpose.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
While you visit our site, we’ll track:
When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:
If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.
We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for 5 years for tax and accounting purposes. This includes your name, email address and billing and shipping addresses.
We will also store comments or reviews, if you choose to leave them.
Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:
Our team members have access to this information to help fulfil orders, process refunds and support you.
We accept payments through PayPal and Stripe. When processing payments, some of your data will be passed to PayPal and Stripe, including information required to process or support the payment, such as the purchase total and billing information.