GDPR Policy
This GDPR Policy explains how personal data is handled in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. It outlines the principles applied to data processing and the rights available to individuals whose data may be processed through use of this website.
This policy should be read together with the Privacy Policy, which provides additional context on data collection and usage.
Legal Basis for Data Processing
Personal data is processed only where a lawful basis exists under UK GDPR. Depending on the interaction, this may include:
-
Processing necessary for order fulfilment or customer support
-
Processing required to comply with legal or regulatory obligations
-
Processing based on legitimate operational interests, where appropriate
-
Processing carried out with user consent, where such consent is requested
The applicable basis depends on the nature of the interaction and the type of data involved.
Principles of Data Handling
All personal data is handled in line with the core principles set out in UK GDPR, including:
-
Data is used in a fair and transparent manner
-
Collection is limited to what is relevant and necessary
-
Information is kept accurate and updated where reasonably possible
-
Storage is limited to periods appropriate for legal or operational needs
-
Appropriate safeguards are applied to protect data integrity and confidentiality
Individual Rights Under UK GDPR
Under UK GDPR, individuals have specific rights in relation to their personal data. These rights may include:
-
The right to access personal data held about them
-
The right to request correction of inaccurate or incomplete information
-
The right to request erasure, where legally applicable
-
The right to restrict or object to certain types of processing
-
The right to request data portability, where relevant
The exercise of these rights may be subject to legal conditions and verification requirements.
Data Retention
Personal data is retained only for as long as necessary to support legitimate business, legal, or regulatory purposes. Retention periods may vary depending on the nature of the data and applicable legal requirements.
Once data is no longer required, it is handled in accordance with applicable data protection standards.
Data Sharing and Transfers
Personal data may be shared with third parties involved in essential operational functions, such as payment processing, logistics, or technical services. Any such sharing is carried out in line with UK GDPR requirements.
Where data is transferred outside the United Kingdom, appropriate safeguards are applied in accordance with applicable data protection laws.
Security Measures
Reasonable technical and organisational measures are applied to reduce the risk of unauthorised access, loss, or misuse of personal data. Security practices are reviewed and adjusted as necessary to reflect operational and regulatory considerations.
Relationship to Other Policies
This GDPR Policy complements the Privacy Policy, Terms of Service, and other related policy pages. Together, these documents explain how data and transactions are managed across the website.
Nothing in this policy restricts rights granted under applicable UK data protection or consumer protection laws.
Updates to This Policy
This GDPR Policy may be updated to reflect changes in legal requirements, operational practices, or regulatory guidance. The version made available on the website represents the current applicable statement.
Contact
Requests or questions relating to data protection or GDPR rights may be submitted using the contact details provided on the Contact Us page.
Address: 215 BELL AVE,APPALACHIA,VA,24216-1503,US
Telephone: +1(205)603-8472
Online Service Hours: Monday to Friday 09:00 – 12:00 and 14:00 – 18:00 (UK Time)
Email: quickhelp@nordichomefurni.com