This Privacy Policy sets out how seratrug.com (a UK companhy owned and operated by Serat Rug Ltd.) collects, uses and protects any personal data that you give us when using our website. When you are using seratrug.com, Serat Rug Ltd. (a limited liability company registered in England under registration no. 08032089) is the data controller.
We believe less is more and are committed to ensuring that we only request the absolute minimum amount of information we need to process your purchase (and inform you of any updates, delays or issues specifically relating to your order). Furthermore, we aim to ensure that the information you do provide to us is protected. When providing information for your rug(s) purchase(s), please be assured that it is only used in accordance with our Privacy Policy.
seratrug.com reserves the right to update and amend our applicable policies (incl. this Privacy Policy) from time to time. We aim to ensure that we process data in accordance with data protection principles set out in the General Data Protection Regulation (GDPR) and our customers are satisfied with the handling of their information. Please take a moment to review this page when shopping on our site to understand the currently applicable Privacy Policy.
What information we collect (and why)
Whilst face to face shopping can be done almost anonymously, online shopping requires a certain amount of information about you (the customer) to be provided to us (the online retailer) before we are able to process your order. When you create an account with us and/or during our “checkout” process you are required to complete various text boxes to finalise your order. We collect the following information as a result:
Your name (we need to know who our customer is and what to address you as)
You contact information incl. email address, landline and/or mobile number (we need your email address to send you order confirmation(s), invoice(s), updates and write to you if any issues or queries arise; your telephone number(s) may be used to contact you in relation to your order/its delivery)
Your billing address (we need this as part of the payment process (if paying by card) to verify the authenticity of your order with your card issuer)
Your shipping/delivery address (we need to know where you would like your rug(s) delivered)
Your credit/debit card details if you are paying for your order using a card (we need this to obtain your payment from your card of choice; please note that we use PayPal to process this information and our staff do not have access at any time to your full card details which are encrypted upon entry and and not accessible to us).
(When you use our helpdesk message/enquiry function to contact us (see Contact Us page for details), you provide us with your name and email address. That information is used only to respond to your query).
(When you use our subscribe to newsletter function (either by opting to within your account or via entering your email address in the pop up box), you provide us with your email address. Your email is added to a newsletter subscribers list and will be sent our occasional newsletter (if any). Should you wish to remove your email from the newsletter subscribers list, email us at [email protected] from the email address you have provided and we will do so.)
What is the lawful basis for us processing this information?
In most cases information is collected and processed on the basis of contract i.e. we require this information in order to, for example, respond to your pre-order queries, process your order and dispatch your rug(s) to you and respond to any post purchase queries or issues. We also store certain information on the legal obligation basis (e.g. we are legally required to keep records for tax purposes). In very few instances, we process your information on the basis of consent (for example, when you request to be added to a waiting list for a specific item and ask to be notified when that item is back in stock).
What we do with the information we collect
We require this information to process and deliver your order and to keep a record of the same for our record keeping and accounting purposes. In particular:
We pass your delivery details (i.e. name, delivery address, telephone number and email address) to our courier as part of order delivery or collection process;
Our professional advisers (e.g. accountant, technical support) have access to your order details as part of business and accounting processes;
To improve our customers’ experience, we may request feedback on your specific order using review services providers (e.g. Reviews.io, Trust Pilot etc);
As to credit/debit card information, please note that all our payments are processed by PayPal (see our Payment Options page for details) and our staff do not have access to your full card details.
What we will not do with the information we collect
We will not send you any promotional emails or messages or post.
We will not sell your information to anyone or permit anyone else to access it (except under our supervision for our internal business operations, accounting or record keeping purposes and to our courier/suppliers’ warehouse for your order(s) delivery/collection (see above)). We only provide your delivery information to our courier so that they can deliver it in accordance with your instructions and contact you (if there is an issue or a query in relation to your delivery).
We will not keep your order data longer than necessary under the GDPR. Currently we keep records for a period of up to 7 years from the date of your order/last contact with us.
Security
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure we have put in place suitable contractual, physical, electronic and managerial procedures to safeguard and secure the information we collect online.
How we use cookies
A cookie is a small file which asks permission to be placed on your computer. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customers’ needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
Links to other websites
Our website may contain links to enable you to visit other websites of interest easily. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this Privacy Policy. You should exercise caution and look at the privacy policy applicable to the website in question.
Controlling your personal information
The GDPR provides a number of rights, including the right to access, rectification, erasure, restrict processing, data portability and the right to object. Some of these rights can be exercised with regards to the information we collect from you. What can you do to exercise these rights (if applicable)? You can request details of your personal information and tell us what you would like to do by contacting us on [email protected]. We will promptly look into your request and respond in accordance with the GDPR guidelines.