Privacy and Data Protection Policy

Effective Date: 18 September 2023

1. Introduction

The Furniture Practice ("we," "our," or "us") is committed to protecting the privacy and security of your personal data. This Privacy and Data Protection Policy explains how we collect, use, process, and protect personal data in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR), the UK Data Protection Act, and relevant US data protection laws. We encourage you to read this Privacy and Data Protection Policy carefully to understand our practices.

2. Data Controller

The Furniture Practice, registered at:

31 Pear Tree Street,
London,
EC1V 3AG
United Kingdom

Registered Company Number: 03470956

3. Data Protection Officer

We have appointed a Data Protection Officer who is responsible for overseeing our data protection practices. If you have any questions, concerns, or requests regarding this Privacy and Data Protection Policy or our data practices, please contact our Data Protection Officer:

Mark Nicol

data.protection@thefurniturepractice.com

4. Personal Data Collection

We may collect and process the following types of personal data:

a. Identity Data: Name, title, and contact details (e.g., email address, phone number).
b. Employment Data: Role, job title, and company name.
c. Communications Data: Correspondence, inquiries, and other communications.
d. Technical Data: IP address, browser type, device identification, and other technical information collected automatically.
e. Usage Data: Information about your interaction with our website and services.

5. Purposes and Legal Basis for Data Processing

We use personal data for the following purposes and rely on the corresponding legal bases for processing:

a. Providing requested services and customer support: Contractual necessity.
b. Managing and administering business relationships: Legitimate interests and contractual necessity.
c. Communicating important updates and marketing materials: Consent and legitimate interests.
d. Analyzing website usage and improving our services: Legitimate interests.
e. Complying with legal and regulatory requirements: Legal obligations.

6. Third-Party Data Processors

We engage the services of third-party companies to process personal data on our behalf. These companies include:

a. Microsoft: Provides cloud-based services for data storage and processing.
b. BambooHR: Provides HR software and services.
c. Mimecast: Provides email security and archiving services.
d. Box.com: Provides cloud storage and file sharing services.
e. MailChimp: Email Marketing activities
f. Oracle NetSuite: Financial and CRM services
g. Monday.com: General Data processing and management services