Privacy policy

About this notice

Sussex Sofas Limited is committed to safeguarding the privacy and security of your personal data. This privacy notice explains how we collect, use and store your personal information in line with data protection laws. Please read it carefully.

Data protection law requires that the personal information we hold about you must be:

  • Used lawfully, fairly and transparently.

  • Collected only for specific, valid purposes that we have clearly explained to you and not used in a way that is incompatible with those purposes.

  • Relevant and limited to what is necessary for the purposes we have told you about.

  • Accurate and kept up to date.

  • Retained only for as long as necessary for the purposes we have told you about.

  • Stored securely.

If you have any questions about this notice, or about how we collect and use your personal information, please contact us using the details on our “Contact Us” page.

1. Information about us

1.1 We are Sussex Sofas Limited and we operate sussexsofas.com. We are a limited company registered in England and Wales with company number 16648962. Our registered office is at 149 Tideswell Road, Eastbourne, East Sussex, BN21 3RT, BN21 3RT, United Kingdom.

2. Contract information and other correspondence

2.1 If you are an individual customer, when you place an order with us we will collect personal information relating to that contract. This includes your name, contact details, order details, delivery information, and any correspondence with us about the order.

2.2 If you are an individual, certain information is required so that we can process and fulfil your order. You must provide this information to enter into, and comply with, our contract. If you do not provide it, we may not be able to fulfil your order. Mandatory fields will usually be indicated when you place an order, but in particular we will need:

2.2.1 Your name and contact details.
2.2.2 Your delivery address.
2.2.3 Your payment details.

2.3 Any other communications or interactions between you and us (for example by email, telephone, post, SMS, via our website or through our social media channels) will also contain personal information such as your name and contact details. This may include enquiries, reviews, follow-up comments, complaints made by or about you, and any disputes involving you or your organisation.

2.4 Social media: If we interact with you via social media, we may use information you share with us (including your social media handle or profile), or information visible from your account, to help us manage our communications with you.

2.5 Facebook: If you visit our Facebook or Instagram page, Facebook may act as a joint controller with us in relation to data that Facebook collects about your visit to, or interaction with, our page or its content. Facebook provides us with Page Insights, which are aggregated statistics to help us understand how users engage with our page. Page Insights do not identify individual visitors. For more details about how responsibilities are divided between Facebook and us in relation to our Facebook page, please see:
https://www.facebook.com/legal/terms/information_about_page_insights_data
For information on how Facebook uses your data, please see:
https://en-gb.facebook.com/privacy/explanation

2.6 Call information: We may collect details of the telephone numbers used to call our organisation and the date, time and duration of calls. If we record calls to or from us, we will tell you at the start of the call.

2.7 We will retain and use this information to perform our contract with you (where applicable), to comply with our legal obligations (for example, record-keeping or verification requirements, including anti-money-laundering checks), and/or for our legitimate interests in preventing fraud, dealing with complaints or enquiries, managing your (or your organisation’s) account or order and any services we provide, and to review and improve our products and services (including troubleshooting, data analysis, testing, research, statistics and surveys).

2.8 Where the information relates to a contract, we will generally keep it for up to 7 years from the date of your order (or, if later, the end of any warranty or after-sales issue), to allow us to handle any after-sales queries or claims and to meet tax and other legal requirements.

2.9 Payment details are collected by our payment card processing providers and are retained by them in line with their own privacy policies.

2.10 If your information is stored on social media platforms, it will be retained according to the relevant platform’s policies. Any other information described above (such as initial enquiries or correspondence not relating to a customer order) is usually kept for up to 7 years after the relevant matter is concluded.

3. Marketing

3.1 We may collect your name and contact details (such as your email address, phone number or postal address) so that we can send you information about products and services that we think may be of interest to you.

3.2 You always have the right to opt out of receiving marketing from us. You can do this at any time by contacting us. If we send marketing emails, we will always include an unsubscribe option so you can stop receiving further marketing emails. If you opt out of marketing, we will add your details to a suppression list to help ensure you do not receive further marketing messages from us. We may still need to contact you for administrative or operational reasons, but these communications will not include direct marketing.

3.3 We may use your contact details for our legitimate interests in sending you marketing communications and maintaining a database of potential customers, particularly where these details were collected during a sale or negotiation for a sale. In other circumstances (for example, if you are not a customer and we have not discussed a sale with you), we will only send marketing emails or texts with your consent.

3.4 We do not sell or pass your name or contact details to third parties for their own marketing purposes unless you have expressly agreed that we may do so. We do use third-party providers to distribute our marketing communications, but they may only use your information on our instructions and must keep it secure and confidential.

3.5 We will keep your details on our marketing list until you opt out, at which point we will add your information to our suppression list. We keep the suppression list indefinitely to comply with our legal obligations and to ensure you do not receive further marketing from us.

4. Website information

4.1 We may collect information about you and your use of our website by technical means such as cookies, web beacons, counters and analytics tools. This may include your IP address, login information, browser type and version, time zone setting, approximate location, browser plug-in types and versions, operating system and platform, and other technology used on the devices you use to access our site. We use this information for our legitimate interests in administering and improving our website and its content, ensuring it functions properly and securely, and to help develop our business and inform our marketing strategy. We may also create aggregated statistics (such as the total number of visitors) which do not identify you personally.

4.2 We, or third-party advertisers, may also use this information to show you adverts. Where adverts are targeted, this may involve using website information and data we (or third-party advertisers) have obtained from other sources, together with automated decision-making based on inferred interests or status. This does not include details such as your name or direct contact information. Where adverts are shown to you using your information, we rely on our legitimate interests in marketing to you or (where relevant) on any consent you have provided on our or a third party’s website.

4.3 The website usage information described above may also be collected and used by third-party advertisers and analytics providers through cookies. When you use our website, you will have the choice to accept or reject these cookies. If you accept them, your data may be collected and used by those third parties for their own advertising and analytics purposes. For more information, please refer to their privacy policies.

4.4 Sharing or “Like” buttons: If you click a “share”, “like” or similar social media button on our website, the relevant social media platform may act as a joint controller with us in relation to information sent to them about your interaction with that button (which may include some of the technical information described above). Any data sent to a social media platform will be used by them in accordance with their own privacy policy. They will be primarily responsible for informing you about any joint processing and enabling you to exercise your rights under data protection law. For more information on how social media platforms and we share responsibilities in relation to these buttons, please see the relevant platform’s privacy notice.

4.5 For more detailed information about the cookies we use on our site and the purposes for which we use them, please see our Cookie Notice.

4.6 We keep this website-related information about you for up to 12 months from collection or until the relevant cookie expires, whichever is later.

4.7 Third-party websites: Our website may contain links to third-party websites, plug-ins and applications. Clicking those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy practices. When you leave our website, we recommend that you read the privacy notice of every website you visit.

Facebookhttps://www.facebook.com/policy.php
Sussex Sofas works with Facebook to display personalised adverts to users on Facebook and Instagram. If you do not wish to see these adverts, you can adjust your advertising preferences within your Facebook account.

Googlehttps://policies.google.com/privacy
Google provides Sussex Sofas with tools to track and analyse customer behaviour on our website. This helps us understand key metrics, such as website traffic. You can change your preferences at any time in your Google settings.

Trustpilothttps://uk.legal.trustpilot.com/for-reviewers/end-user-privacy-terms
To help improve our customer service, we invite customers to review our products and service. Our partner Trustpilot sends out email invitations for reviews. Sussex Sofas only shares the necessary information with Trustpilot, securely, so they can request feedback about your experience.

Shopifyhttps://www.shopify.co.uk/legal/cookies
Shopify explains in this document the types of cookies and tracking technologies it may place on your device either when you visit our web properties or when you visit a storefront hosted on the Shopify platform.

5. Photos, content and promotional material

5.1 This includes information you provide to us (through our website or otherwise), and any images or recordings of you which you permit us (or someone acting for us) to take (including at our premises or events) for use in publications or promotional materials. This may include reviews, comments, testimonials, photographs (including stock images and advertising materials) and videos.

5.2 We may display and publish this content (and, where appropriate, credit it to you) on our platforms for our legitimate interests in providing engaging content and promoting our business, or in some cases on the basis of your consent. We will keep and display or publish this material for as long as we consider it relevant for these purposes. You may ask us to remove or delete your content at any time (subject to any contractual rights we may have to use it) by contacting us. If we rely on your consent to publish or display the information, you can withdraw that consent at any time.

6. Professional information

6.1 If you work for one of our customers, suppliers or business partners, we may collect information about you such as your contact details, your role, and details of our dealings with you. This may be collected directly from you or via your organisation. Your organisation should have informed you that your information would be shared with us and directed you to this privacy notice. We use this information for our legitimate interests in managing our relationship with your organisation. Where we have a business relationship with you or your organisation, we may receive additional information about you from your organisation.

6.2 We will usually keep this information for up to 7 years after our relationship with your organisation has ended.

7. Information collected at our premises

7.1 Visitor information: We collect information about visitors to our premises. This may include your name, contact details, employer, and the date and time of your visit. If you have an accident on our premises, we may record details of the incident. Visitor information is generally retained for up to 5 years. Accident records are also kept for up to 5 years.

7.2 CCTV: We may use CCTV at our premises, which may capture images of you and your activities. Signs will be displayed to show which areas are covered. We only release footage in response to a warrant or formal law-enforcement request, or where it is necessary in connection with a dispute. CCTV recordings are normally retained for up to 90 days unless an incident occurs that requires us to keep the footage for longer.

7.3 Wi-Fi: If you use Wi-Fi provided at any of our offices or showrooms, we will record the unique identifier (MAC address) of your device and usage details (such as when and for how long you connected, and how much data you used). This does not include information that directly identifies you personally. We do not actively monitor your browsing activity. This information will only be accessed if we become aware of illegal activity or misuse of our Wi-Fi. We only disclose this information if requested by law enforcement or where necessary in relation to a dispute. We use this information for our legitimate interests in maintaining network security and complying with legal obligations related to Wi-Fi provision. The information is kept for [number] days from collection unless an incident requires us to retain specific data for longer.

8. Applications, referees and emergency contacts

8.1 We collect and store information about job applicants (including those applying for work experience or internships). This includes details you provide in your application, information supplied by recruitment agencies, and information from any referees you nominate. We may also review professional information you make publicly available, such as on LinkedIn or your employer’s website.

8.2 We use this information to decide whether to enter into an employment contract with you, for our legitimate interests in assessing candidates and documenting our recruitment processes, and to meet our employment law obligations and rights. If you voluntarily provide special category information (such as details of your race, health or sexual orientation), we will store it as part of your application on the basis that you have chosen to share it with us for this purpose and to ensure our records are accurate so we can comply with (and demonstrate compliance with) employment law.

8.3 If your application is successful, your information will be used and retained in line with our internal employee privacy notice. If you currently work for us, or have worked for us in the past, you can ask us for a copy of that notice. If you are not successful, we will generally keep your information for up to 6 months after the relevant recruitment process has finished.

8.4 You must provide certain information (such as your name, contact details, and details of your professional and educational background) so that we can properly consider your application. If you do not provide all of this information, we may contact you to request it. If you choose not to provide it, we may not be able to fully assess your application.

8.5 If you are named as a referee by an applicant, we will store your name, contact details, professional information (such as your job title and employer) and details of your relationship with the applicant. We use this for our legitimate interests in assessing candidates and to meet our employment law obligations and rights. Your information will be kept with the applicant’s records.

8.6 If you are listed as an emergency contact for one of our employees or workers, we will hold your name, contact details and your relationship to that person. We use this information to contact you if needed to meet our employment law obligations, protect that person’s vital interests, and for our legitimate interests in managing our workforce. Your information will be kept until it is updated by the staff member, or until we no longer need to contact them after they leave our employment.

9. Legal claims

Where we believe there is a possibility that we may need to bring or defend legal claims, we may retain your personal information for our legitimate interests in being able to do so properly. We may also share this information with our insurers or legal advisers. How long we keep this information will depend on the nature of any claim and how long we consider there to be a risk of legal action.

10. Why else do we use your information?

10.1 Common reasons we use your information: We will only use your personal data where the law permits. Although there may be limited situations where we rely on your consent, we typically use your information for the reasons described in this notice because:

10.1.1 We need it to perform a contract we have with you.
10.1.2 We need it to comply with a legal obligation.
10.1.3 It is needed for our legitimate interests (or those of a third party) and your rights and interests do not override those interests.
10.1.4 We need to protect your vital interests (or those of another person) or it is required in the public interest (although this basis is rare).

10.2 Change of purpose: We will only use your personal information for the purposes explained in this notice unless we reasonably consider that we need to use it for another reason that is compatible with the original purpose. If we need to use your information for a purpose that is unrelated to the reason it was collected, we will notify you and explain the legal basis for doing so.

11. Information we receive from third parties

11.1 We may also receive information about you from:

11.1.1 Our service providers: We work with various third parties (including business partners, technical and payment service providers, delivery companies, advertising networks, analytics providers, search providers and credit reference agencies) who may provide us with information about you for the purposes outlined in this notice.

11.1.2 Businesses we acquire: If we purchase another business, or substantially all of its assets, and that business holds your data, we will use and store that information in accordance with this privacy notice. If we are considering acquiring a business (or its assets) that holds your personal data (for example, as a customer or employee of that business), we may receive limited personal data about you from that business or its professional advisers for our legitimate interests in evaluating the transaction. If we decide not to proceed, any such information will be deleted as soon as reasonably possible.

11.1.3 Finance information: If you use a third-party finance provider, they will share information with us so we can confirm and administer your finance arrangement.

Klarna – https://www.klarna.com/uk/privacy-notice/
ClearPay – https://help.clearpay.co.uk/hc/en-gb/articles/900006078786-Privacy-Policy

12. Sharing your information

12.1 We do not sell your personal data to third parties. However, we may share your information with third parties, including service providers and other companies in our group. These third parties are required to protect your personal information and handle it in accordance with the law.

12.2 We may share your personal information where we are legally obliged to do so, where we need to enforce or apply our agreements with you, to protect our rights, property or safety, or that of our customers or others, or where we have another legitimate interest. This may include sharing information with other companies and organisations for fraud prevention and credit-risk reduction.

12.3 We may share your personal data with third-party service providers (including contractors and designated agents) so they can deliver services on our behalf. These may include legal advisers, contract administrators, order fulfilment providers, delivery services, administrative support, IT services and payment processors.

12.4 We may share your information with other entities in our group as part of regular reporting, in the course of a business reorganisation or group restructuring, or for system maintenance, support and data hosting.

12.5 All third-party service providers and group companies are required to implement appropriate security measures to protect your personal data. Where third parties act as “data processors” on our behalf, they may only process your information according to our instructions and must keep it confidential and secure.

12.6 We may also share your personal information with other third parties, for example potential buyers or professional advisers, in connection with the possible sale or restructuring of the business, to the extent this is necessary in relation to the purposes for which your information was originally collected. We may also share data with regulators or other authorities where required by law.

13. Where we store your information

13.1 Our head office and main data centre are located in the UK. However, where necessary to fulfil our contract with you or for wider business purposes, your information may be transferred to, stored in, or accessed from locations outside the UK and the EU. It may also be processed by staff located outside the UK and EU who work for us or for one of our service providers.

13.2 We will take all reasonable steps to ensure that your personal information is handled securely and in accordance with this privacy notice.

13.3 Some countries or organisations outside the UK and EU have been granted an “adequacy decision”, meaning their data protection regime is considered adequate by the EU. A list of these can be found on the European Commission website:
https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en

13.4 If we transfer data to countries or organisations outside the UK and EU that do not have an adequacy decision, we will ensure that appropriate safeguards (such as EU-approved standard contractual clauses or equivalent protections) are in place where required. For more details on these safeguards, please contact us.

14. Data security

14.1 In addition to the safeguards described above for sharing your information, we have implemented internal security measures designed to prevent your personal data from being accidentally lost, used or accessed in an unauthorised manner, altered or disclosed. Access to your personal data is limited to employees, agents, contractors and other third parties who have a business need to know. They will only process your data on our instructions and are subject to a duty of confidentiality.

14.2 We have procedures in place to deal with any suspected data security breach and will notify you and any relevant regulator where we are legally required to do so.

15. How long will we keep your information?

15.1 Above, we have indicated typical retention periods for specific types of information. In some cases, it may be necessary to keep your data for longer than these periods to fulfil the purposes for which it was collected, or to meet legal, accounting or reporting requirements.

15.2 When deciding how long to retain personal data, we consider the amount, nature and sensitivity of the information, the potential risk of harm from unauthorised use or disclosure, the purposes for which we process it and whether those purposes can be achieved by other means, as well as applicable legal requirements.

15.3 In some circumstances, we may anonymise your personal information so that it can no longer be linked to you. In that case, we may use such information without further notice to you.

16. Your rights

16.1 Data protection law gives you several rights in relation to the personal data we hold about you. The main rights are summarised below. More detailed information is available from the Information Commissioner’s Office (ICO). In certain circumstances, and subject to legal requirements, you have the right to:

16.1.1 Be informed – to receive clear, transparent and easily understandable information about how we use your data and your rights, which is the purpose of this notice. If you need more details about how we use your information, please let us know.

16.1.2 Request access – to obtain a copy of the personal information we hold about you (a “data subject access request”) and to check that we are using it lawfully.

16.1.3 Request correction – to have any incomplete or inaccurate information we hold about you corrected.

16.1.4 Request erasure – to ask us to delete or remove your personal information where there is no good reason for us to continue processing it (for example, where we no longer need it for the purposes we collected it for). We may still need to retain some information to comply with legal obligations. You may also request erasure where you have exercised your right to object to processing (see below).

16.1.5 Object to processing – to object where we are relying on legitimate interests (ours or a third party’s) and there is something about your particular situation that makes you want to object, and we do not have compelling legitimate grounds that override your interests, rights and freedoms (for instance, if we need the information to defend a legal claim). You also have an absolute right to object where we are processing your personal information for direct marketing.

16.1.6 Request restriction of processing – to ask us to suspend processing your personal data, for example while you verify its accuracy or the reason we are processing it.

16.1.7 Request data portability – to ask us to transfer your personal data to you or another organisation where you provided the data to us, we are relying on your consent or a contract, and the data is processed by automated means.

16.1.8 Withdraw consent – where we rely on your consent (rather than another lawful basis) to process your personal data for a specific purpose, you can withdraw that consent at any time. Once you do so, we will stop processing your information for that purpose unless we have another lawful basis to continue.

16.1.9 Lodge a complaint – if you believe your data is being used in breach of data protection law, you can complain to your national supervisory authority. In the UK, this is the ICO.

If you wish to exercise any of these rights – for example, to access, correct or request erasure of your data, to object to processing, withdraw consent, or request a transfer – please contact us.

16.2 No fee usually required: You will not normally have to pay a fee to exercise your rights or access your personal data. However, we may charge a reasonable fee if your request is clearly unfounded or excessive, or we may refuse to comply in such circumstances.

16.3 What we may need from you: We may need to request specific information from you to help us understand your request, confirm your identity and ensure that you are entitled to exercise the right in question. This is an additional security measure to prevent personal data being disclosed to someone who is not entitled to receive it. If we ask for identification for this purpose, we do so to comply with our legal obligations and will only keep and use it until your identity has been verified.

16.4 Timescales: Please make your requests responsibly. We will respond as soon as we reasonably can. In most cases, this will be within one month of receiving your request. If your request is particularly complex or we have received a number of requests, it may take longer. If so, we will let you know.

17. Changes to this privacy notice

Any future updates or changes we make to this privacy notice will be posted on this page and, where appropriate, notified to you by email or by other suitable means. Please check this page regularly to stay informed of any updates or changes to our privacy notice.

Newsletter

Stay Updated, Stay Ahead

Join the Sussex Sofas community and receive exclusive offers, rewards and a host of other exciting benefits!