Privacy Policy Vernons Interiors A trading division of James Vernon Group Ltd. Effective Date: [Insert Date] ⸻ 1. Introduction Vernons Interiors (“we”, “us”, “our”) is a trading division of James Vernon Group Ltd. We are committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, engage our services, or interact with us in relation to our high-end furniture and interior solutions across the UK and Europe. We comply with the UK General Data Protection Regulation (UK GDPR) and the EU General Data Protection Regulation (EU GDPR) where applicable. ⸻ 2. Information We Collect We may collect and process the following types of personal data: a. Identity Data • Full name • Title b. Contact Data • Email address • Telephone number • Billing and delivery address c. Transaction Data • Details about purchases, orders, and payments • Project specifications and requirements d. Technical Data • IP address • Browser type and version • Device information • Website usage data e. Marketing and Communications Data • Preferences in receiving marketing from us • Communication history ⸻ 3. How We Use Your Information We use your personal data to: • Provide and manage our furniture and interior design services • Process and deliver orders • Communicate regarding projects, deliveries, and support • Manage payments and invoicing • Improve our website, products, and services • Send marketing communications (only where lawful) • Comply with legal obligations ⸻ 4. Legal Basis for Processing We process your data under the following legal bases: • Contractual necessity – to fulfil orders and services • Legitimate interests – to improve services and customer experience • Consent – for marketing communications where required • Legal obligations – for compliance with applicable laws ⸻ 5. Sharing Your Information We may share your data with: • Logistics and delivery partners • Payment service providers • IT and system service providers • Professional advisers (legal, financial) • Regulatory authorities when required All third parties are required to respect the security of your personal data and process it in accordance with the law. ⸻ 6. International Transfers As we operate across the UK and Europe, your data may be transferred outside your country of residence. Where data is transferred outside the UK or EEA, we ensure appropriate safeguards are in place, such as: • Standard Contractual Clauses (SCCs) • Adequacy decisions ⸻ 7. Data Retention We retain your personal data only as long as necessary to: • Fulfil the purposes we collected it for • Satisfy legal, accounting, or reporting requirements Typically, this includes retaining customer and transaction data for up to 6 years for legal and tax purposes. ⸻ 8. Your Data Protection Rights You have the right to: • Access your personal data • Request correction of inaccurate data • Request deletion of your data • Object to processing • Request restriction of processing • Request data portability • Withdraw consent at any time To exercise your rights, please contact us using the details below. ⸻ 9. Data Security We implement appropriate technical and organisational measures to protect your personal data, including: • Secure servers • Access controls • Encryption where appropriate However, no system is completely secure, and we cannot guarantee absolute security. ⸻ 10. Cookies Our website may use cookies to improve user experience and analyse website traffic. You can control cookie settings through your browser preferences. ⸻ 11. Third-Party Links Our website may contain links to third-party websites. We are not responsible for their privacy practices and encourage you to read their policies. ⸻ 12. Changes to This Policy We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated effective date. ⸻ 13. Contact Us If you have any questions about this Privacy Policy or your data, please contact: 14. Complaints You have the right to lodge a complaint with a supervisory authority: • In the UK: Information Commissioner’s Office (ICO) • In the EU: Your local data protection authority