Privacy Policy

Wood Finishes Direct Ltd is committed to protecting your privacy and will only use the information that we collect about you lawfully and in accordance with the Data Protection Act (2018) and the UK General Data Protection Regulations (UK GDPR).

Please note that this privacy policy forms part of our digital terms of use, which you can read here.

About this privacy policy

This privacy policy explains what information we may collect about you, how we may use it, and the steps we take to ensure that it is kept secure. We also explain your rights in respect of your personal data. By submitting your personal data to us you are agreeing to this document and how we manage your personal data.

What Personal Information do we ask for and how do we use it?

All personal information that we collect about you will be recorded, used, and protected by us in accordance with applicable data protection legislation and this privacy policy.

In broad terms, we use your data for the following purposes

  • To answer any questions you may have or information you may have requested
  • To process your order or manage your account
  • Keeping track of transactions and enquiries
  • Sending you marketing material about products, services, and promotions
  • For market research purposes to help improve our products and services, to let you know of any significant changes or developments about our products, services and to our website
  • To administer and provide products and services you request or have expressed an interest in
  • To communicate with you if any products or services you have requested are unavailable
  • For record keeping purposes
  • To track your activity on our digital platforms
  • To personalise and tailor any communications that we may send you
  • For profiling purposes to enable us to personalise and/or tailor any marketing communications that you may consent to receive from us
  • To send basket abandonment emails, to remind you if you have left products in your basket
  • The use of information on previous orders to assist with the purchasing of future orders and repeat orders to ensure product comparability

When we provide you with products or services we may collect and store any personal information that you provide to us. We may, for example, keep a record of your name, address, delivery address, email address & telephone number.

When you sign up with us for an online account, register to receive marketing communications from us (and/or our sponsors and partners), enter one of our competitions, fill in one of our forms (whether online or offline) or otherwise expressly provide us with your personal information, we may collect and store any personal information that you provide to us and may use it to personalise and improve your experience on our digital platforms, provide products and services you request from us, and carry out profiling and market research. We may also use other platforms to contact you, this is so you receive only the best marketing emails and transactional emails.

We will ask for information such as your name, postal address, email address and payment details. When placing an order through our online shop, we will need your credit/debit card details (including card number, cardholder name and expiry date) for us to take payment and confirm the order online. We will never store your bank details on our servers. We may also ask you for your telephone number so that, if needed, you can be contacted regarding your order.

This information will be kept accurate and up to date. It is held securely in accordance with our internal security policy and the law.

You can check the information that we hold about you by emailing us. If you find any inaccuracies, we will delete or correct it promptly. We advise that you contact us if you wish to make any changes to the information we hold about you.

How we protect your information entered onto our website

All the information you give us is protected by a secure server. The secure server software TLS (Transport Layer Security) encrypts the information you enter before it is sent to our web site, and whenever it is sent to our payment gateway for processing. You can tell our site is secure as a small locked padlock will appear in your browser's status bar to show that you can safely send sensitive information (such as credit card details) to our website. Another indicator is that our secure pages will not display a 'security alert' message. You should also check the browser's address bar and make sure the address begins with 'https://'. We have a secure hardware firewall in place on our server to further protect the information we store.

When do we collect information from you?

When you interact with our digital platforms we collect information, such as when you make a purchase or agree to our marketing. If you call us to make an enquiry or to purchase over the phone, we collect your personal data to enable us to provide the services, that you request. When you come into our shop, we may also ask for some personal details so we can record your purchase.

We may also automatically collect information about your visit using cookies, this is primarily to help us better understand how our customers use our digital platforms to enable us to create better content.

Lawful Basis

We use different lawful basis to collect and process your personal data, these are defined in the UK GDPR. The following explains the legal basis that we rely on to process your data:

  • Where you create an order with us on our website, over the phone or in person we rely on the legal basis of contract
  • For direct marketing we rely on your consent
  • For all other processes we rely on legitimate interest

Other legal basis may apply such as legal obligation or vital interest.

We make use of the Privacy and Electronic Communications Regulation concept of Soft Opt-In. This enables us to inform you of related products to those that you have purchased using the data we gathered from when you made a purchase or expressed an interest in. This also enables us to inform you of incomplete purchases on our website.

Data Retention

We will only hold your personal information for as long as necessary for business purposes or if required to keep it by law. We have a data retention policy that we use to manage how long we keep data for. Generally, we keep data for the following durations:

We retain...

  • marketing contact details for two years after our last contact with you, or sooner if you remove your consent.
  • Sales orders and purchases are retained to enable us to manage our products and provide the best possible service to you.
  • Enquiries over the phone or email. We will only keep the details of enquiries for as long as needed to service your request.

Where we can, we will delete information as soon as it is no longer required and before the retention period has been reached.

Sharing Your Data

We assure you that we will only exchange your data with another organisation where we have your express permission (consent) to do so; Or it is necessary in order to honour a contract between you. This includes sharing your data with our data processors. We use data processors who are third parties who provide elements of services for us. We have contracts in place with our data processors. This means that they cannot do anything with your personal information unless we have instructed them to do it; Or we are required by law, or in defence of legal claims to share the information.

We will never sell your personal data to any external organisation

Transferring your data outside of the UK

The personal data we process is predominantly in the UK or in the European Economic Area (EEA). We do use data processors that are based outside of the UK and possibly outside of the EEA including the United States. Where this is the case, we have contracts in place and ensure there are safeguards in place to protect your personal data. By submitting your personal information, you agree to this transfer, storing or processing at a location outside the EEA.

News, offers and opportunities from us

If you agree to receive marketing communications, we will keep you informed of new products, offers, competitions, discounts etc from across our companies under our group. If you would prefer not to receive marketing material from us, you can update your preferences in Email Preferences under your account details. Or using the unsubscribe feature in our communications to you.

If you have not subscribed to our marketing, we may still communicate to you to keep you informed of products, services (including special offers, discounts, etc) which we consider may be of interest to you, as they relate to your previous purchase(s) by email. You can limit how we communicate to you in this way by using contact us.

Monitoring

We may monitor or record telephone calls for security purposes and to improve the quality of services that we provide to you.

Please note that for your safety and security, CCTV is in operation in all of our premises.

Does the Wood Finishes Direct Ltd web site use cookies?

Our web site uses temporary 'session' cookies to uniquely identify you so that we can operate your shopping basket. To use our shopping basket, you must set your browser to allow temporary 'session' cookies. Temporary cookies are deleted from your computer as soon as you close your browser window. We may also use technology to track the patterns of behaviour of our visitors to our site to improve the overall customer experience.

Your rights

Under UK GDPR you have rights regarding the personal data we hold, these are:

  1. The right to be informed

    This is your right to be informed about the collection and use of your personal data that we hold. The purpose of this document is to fulfil our obligation to you in this respect.

  2. The right of access

    This is your right to see your personal data and supplementary information that we hold.

  3. The right to rectification

    This is your right to have inaccurate personal data we hold corrected, or completed if it is incomplete

  4. The right to erasure

    This is your right to have some, or all, of your personal data erased that we hold, this is also known as ‘the right to be forgotten.’

  5. The right to restrict processing

    This is your right to request that we restrict the use of your personal data.

  6. The right to data portability

    This is your right to data portability; this allows you to obtain and reuse for your personal data for your own purposes across different services.

  7. The right to object

    You have the right to object to how we process and use your personal data.

  8. Rights in relation to automated decision making and profiling

    You have the right to remove your consent for any automated decision making (making a decision solely by automated means without any human involvement).

These rights are not absolute and there may be circumstances where they do not apply. If this is the case, we will explain this to you and include our justification for why we are not able to complete your request in part or fully. We have one calendar month to respond to your request in most circumstances. If you are not satisfied you can make a complaint about the way we process your personal information to the ICO using their website - ico.org.uk.

If you would like to know more about how we manage your personal data, please contact us.

Changes to this policy

We may change this policy from time to time. Laws, regulations, and industry standards evolve, which may make those changes necessary, or we may make changes to our services or business. We will post the changes to this page and encourage you to review our Privacy Policy to stay informed.

If we make changes that materially alter your privacy rights, we will provide additional notice, such as via email or through our platform. Your continued use of our platform or services after we publish or send a notice about the changes to the policy will mean that you accept and agree to the updated policy.