1. Introduction

1.1 At Furniture Outlet, we are committed to protecting the privacy of our website visitors and customers. This policy outlines how we handle personal data in accordance with UK GDPR regulations.

1.2 As a data controller, we determine the purposes and methods by which personal data is processed to ensure transparency and security.

1.3 Our website includes privacy settings, typically accessible within your account, that allow you to manage your personal data preferences, including marketing communications and data sharing. You can also manage cookie preferences through your web browser settings as detailed in Section 8.

1.4 We use cookies to enhance your Browse experience. Non-essential cookies will only be used with your consent, which can be managed when you first visit our website.

1.5 References to “we,” “us,” or “our” in this policy refer to Essex Furniture Outlets Limited, trading as Furniture Outlet. Further details about our company can be found in Section 14.

2. Personal Data We Collect

2.1 This section outlines the types of personal data we process, including information collected directly from you, data generated from your interactions with our website, and data processed through our trusted third-party service providers (such as payment platforms and analytics tools).

2.2 Contact Information – We collect details such as your name, email address, phone number, and postal address to facilitate communication and customer service. This data is provided directly by you.

2.3 Account Information – If you create an account on our website, we process details like your account ID, name, email, (where provided) business name, account preferences, and marketing settings. Some of this data is generated by our website based on your interactions.

2.4 Transaction Data – When you make a purchase, we process details related to your order, including your name, contact information, (where provided) business name and address, payment details, and transaction history. This data comes from you and our payment service providers.

2.5 Communication Data – We process information related to messages exchanged between you and us, including email content and metadata associated with communications.

2.6 Usage Data – We collect information about how you interact with our website, such as your IP address, location, browser type, operating system, referral sources, time spent on pages, and navigation patterns. This data is gathered through analytics tools like Google Analytics, Google Ads, and Facebook Pixel.

3. Purpose of Data Processing & Legal Basis

3.1 This section explains why we collect and process personal data, along with the legal basis for doing so.

3.2 Website & Order Management – We process personal data to manage our website, fulfil orders, provide services, and handle invoicing and payments. The legal basis for this is our legitimate interest in ensuring smooth business operations and performance of a contract with you.

3.3 Content & Publications – If you provide content for publication on our website, we may process your account data as per your instructions. This processing is based on our legitimate interest in displaying user-generated content.

3.4 Customer Support & Communication – We use contact, account, transaction, and communication data to maintain relationships, answer queries, provide support, and resolve complaints. This includes contacting you to make delivery arrangements. The legal basis for this is our legitimate interest in effective customer engagement and administration, and performance of a contract with you.

3.5 Marketing & Promotions – We use personal data for direct marketing to keep you informed about our products, services, and promotions via email.

  • For marketing communications via email, we rely on your consent where required by law (e.g., for new subscribers who have explicitly opted in to receive marketing).
  • For existing customers, we may send marketing communications about similar products and services based on our legitimate interest in promoting our business, provided your contact details were obtained in the context of a previous sale or negotiations for a sale, and you were given a clear opportunity to opt out at the time of collection and in every subsequent communication.

You can manage your marketing preferences in your account settings or by using the unsubscribe link provided in every marketing communication.

3.6 Research & Analytics – We analyse usage and transaction data to improve website performance, user experience, and service quality. This processing relies on our legitimate interest in optimising business operations.

3.7 Security & Fraud Prevention – We process personal data to maintain security, prevent fraud, and protect our website and customers. The legal basis is our legitimate interest in safeguarding our digital infrastructure.

3.8 Risk & Legal Compliance – We may process personal data to assess risks, obtain legal advice, or maintain insurance coverage. This is necessary for protecting our business and ensuring compliance with regulations.

3.9 Legal Claims – If needed, we may process personal data for legal proceedings, whether in court or via administrative processes, to protect and assert rights.

3.10 Regulatory Obligations & Vital Interests – Some personal data is processed to comply with legal obligations or protect individual interests in critical situations.

4. Sharing Your Personal Data

4.1 We may share personal data with our legal advisors and insurance providers when necessary for risk management, professional consultation, or maintaining business coverage.

4.2 Personal data collected through our website is securely stored on servers managed by third-party hosting and development providers, who adhere to GDPR regulations.

4.3 Payment transactions made through our website are processed by trusted third-party payment providers. We only share relevant transaction details necessary for facilitating payments, refunds, and dispute resolution.

4.4 To manage and send marketing emails, we use secure third-party email service providers. You can opt out of promotional emails at any time via the unsubscribe link or by contacting us (see Section 14).

4.5 Our website uses Google Ads and Meta (Facebook/Instagram) advertising and analytics tools to improve website performance and ensure relevant ad targeting. These platforms help us analyse customer interactions, optimise marketing strategies, and enhance your Browse experience.

4.6 In addition to the outlined practices, we may disclose personal data when required by law or when necessary to protect our business, customers, and third parties.

4.7 No Sale or Purchase of Personal Data – We do not sell, rent, or trade your personal data to any third parties. Any sharing of data with third parties, as outlined in this policy, is strictly for the purpose of providing our services to you, improving our website and marketing efforts, or fulfilling our legal obligations.

4.8 Data Processors – When we share your personal data with third-party service providers, such as hosting, payment, email, or analytics providers, they act as our ‘data processors’. This means they process data on our behalf and solely for the purposes we define. We ensure that these data processors are bound by strict contractual agreements (known as Data Processing Agreements or DPAs) that commit them to comply with UK GDPR data protection standards and implement appropriate security measures to protect your data.

5. Personal Data Storage & Processing

5.1 All personal data we collect, including payment details, is processed and stored exclusively within the United Kingdom in compliance with UK GDPR regulations.

5.2 Payments made through our website are securely processed by Paymentsense, PayPal, or V12 Retail Finance, all of whom adhere to GDPR standards for data protection.

5.3 We do not transfer customer data internationally. If any changes occur regarding data storage or processing locations, we will update this policy accordingly to maintain full compliance.

6. Retaining & Deleting Personal Data

6.1 We retain personal data only for as long as necessary to fulfill the purposes outlined in this policy, comply with legal obligations, and protect our business interests.

6.2 Customer Account & Transaction Data – We store account and transaction records for a minimum of six years, in line with UK tax and financial regulations.

6.3 Marketing Preferences – If you opt out of marketing communications, we retain a record of your preference to ensure compliance with data protection laws.

6.4 Website Analytics & Usage Data – Non-identifiable website usage data is retained for analysis and performance improvements, typically for up to two years.

6.5 Deletion Requests – You can request the deletion of your personal data where legally permitted. Some records may need to be retained for regulatory or contractual reasons.

6.6 When personal data is no longer required, we securely delete or anonymise it to prevent unauthorised access or misuse.

7. Your Rights Under Data Protection Laws

7.1 As a UK resident, you have rights under UK GDPR regarding the personal data we collect and process.

7.2 Access & Rectification – You can request a copy of the personal data we hold about you and ask us to correct any inaccuracies.

7.3 Erasure (Right to Be Forgotten) – You may request the deletion of your personal data, provided we are not legally required to retain it.

7.4 Restriction of Processing – You can ask us to limit how we use your data in certain circumstances.

7.5 Data Portability – You may request a structured, machine-readable copy of your personal data for use with another service.

7.6 Objection to Processing – You have the right to object to the processing of your data for direct marketing or other purposes.

7.7 Automated Decision-Making – We do not currently engage in fully automated decision-making processes that produce legal or similarly significant effects concerning individuals without human involvement.

7.8 You can exercise any of these rights by contacting us (see Section 14 for details). We will respond to requests in accordance with UK GDPR timeframes.

8. Cookies & Tracking Technologies

8.1 Our website uses cookies and similar tracking technologies to improve your Browse experience, analyse site traffic, and support marketing activities.

8.2 What Are Cookies? Cookies are small text files stored on your device when you visit our website. They help us recognise your preferences, enhance functionality, and improve performance.

8.3 Types of Cookies We Use:

  • Essential Cookies – Necessary for website operation, such as enabling secure payments and account login.
  • Performance Cookies – Help us analyse website usage to enhance functionality and user experience.
  • Marketing Cookies – Used for ad targeting and tracking interactions with marketing campaigns.

8.4 Managing Cookies – You can adjust your cookie preferences via your browser settings. Most browsers allow you to block or delete cookies, but doing so may affect website functionality.

8.5 More details on how we use cookies can be found in Section 10 (Analytics & Advertising).

9. Third-Party Links & Services

9.1 Our website may contain links to third-party websites or services. These platforms operate independently and have their own privacy policies.

9.2 If you choose to interact with third-party links or services, we recommend reviewing their privacy policies before providing any personal data.

9.3 We are not responsible for the privacy practices of external websites or third-party services, as they are beyond our control.

10. Analytics & Advertising

10.1 We use analytics tools to understand website traffic, improve user experience, and optimise our marketing strategies.

10.2 Google Ads & Meta (Facebook/Instagram) – We utilise Google Ads and Meta advertising services to deliver relevant promotions and measure campaign effectiveness. These platforms may use tracking technologies to personalise ads based on your Browse behaviour, such as for remarketing, interest-based advertising, and audience targeting to improve the relevance of the advertisements you see.

10.3 Managing Ad Preferences – You can manage your ad preferences directly through Google and Meta settings within your account.

10.4 More details on data collection by these platforms can be found in their respective privacy policies.

11. Data Security

11.1 We take data security seriously and implement appropriate technical and organisational measures to protect personal information from unauthorised access, loss, or misuse.

11.2 Website Security – Our website uses secure encryption protocols (such as SSL/TLS) to safeguard data transmission, ensuring a protected Browse experience.

11.3 Access Controls – Customer data is only accessible to authorised personnel and service providers who require it for legitimate business purposes.

11.4 Payment Security – Transactions are securely processed by Paymentsense, PayPal, or V12 Retail Finance, all of whom comply with UK data protection regulations.

11.5 While we take all reasonable steps to secure personal data, no online platform can guarantee absolute security. If you suspect any unauthorised access to your information, please contact us immediately (see Section 14).

12. Data Breach Procedures

12.1 We have security measures in place to detect and respond to potential data breaches, ensuring personal information remains protected.

12.2 If we become aware of a data breach that poses a risk to individuals, we will:

  • Investigate the breach to identify the cause and impact.
  • Notify affected individuals if required by law.
  • Inform the Information Commissioner’s Office (ICO) within legally required timeframes if the breach meets reporting criteria.
  • Take corrective action to prevent future breaches.

12.3 If you suspect any unauthorised access or misuse of your personal data, please contact us immediately (see Section 14).

13. Changes to This Policy

13.1 We may update this privacy policy from time to time to reflect changes in legal requirements, business practices, or data protection regulations.

13.2 If we make significant updates, we will notify customers via our website or other appropriate channels.

13.3 We encourage you to review this policy periodically to stay informed about how we protect your personal data.

13.4 This privacy policy was last updated on 5 June 2025.

14. Our Details

14.1 Company Information

This website is owned and operated by Essex Furniture Outlets Limited, trading as “Furniture Outlet”.

14.2 Registration & Business Details

  • Company Name: Essex Furniture Outlets Limited
  • Trading Name: Furniture Outlet
  • Company Registration Number: 08980266 (Registered in England)
  • VAT Registration Number: 186593948
  • Head Office Address: Furniture Outlet, Suite 3, 1st Floor, Phoenix House, Christopher Martin Road, Basildon, Essex SS14 3EZ
  • Information Commissioner’s Office (ICO) Registration Number: ZB665995

14.3 Contact for Privacy Policy Enquiries

For further information or enquiries regarding our privacy policy, please contact our Data Protection Officer via:

  • Email: online@furnitureoutletstores.co.uk
  • Postal Address: Data Protection Officer, Furniture Outlet, Suite 3, 1st Floor, Phoenix House, Christopher Martin Road, Basildon, Essex SS14 3EZ

Please note: We are unable to assist with privacy policy enquiries over the phone – email or postal enquiries only.