Oriental Carpets and Rugs Limited

Trading as Think Rugs

This Privacy Policy explains in detail the types of personal data we may collect when using this website. It also outlines how we store and handle that data, plus the measures we have in place to keep it safe.

We are committed to safeguarding the privacy of our website visitors and service users. We hope the details on this page will answer any questions you have regarding Personal Data or Security but if not, please do get in touch with us.

The term ‘Think Rugs’ or ‘us’ or ‘we’ refers to the owner of the website – Oriental Carpets and Rugs Limited

The term ‘you’ refers to the user or viewer of our website.

This Privacy Policy sets out how Think Rugs uses and protects any information that you give when you use thinkrugs.co.uk, referred to as ‘this website’ or ‘the website’ throughout this policy.

Oriental Carpets and Rugs Limited

Registered address: Unit F2 Fenton Trade Park, Dewsbury Road, Stoke-on-Trent ST4 2TE

Company registration number: 07413940

Our role as the Data Controller

The Data Controller is a person or organisation who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed.

We are the sole Data Controllers for this website. With respect to the personal data of our website users; we determine the purposes and means of the processing of that data.

Intended Website Users

This website is directed at trade customers, to inform them about our products and services. The site and it’s content are directed at adults over the age of 16. While those under 16 can view the site and it’s content, users of our services are consumers above this age.

Collected Information

Any Personally Identifiable Information (PII) given to us while using our website is only shared with our trusted data processors. The data may be processed for the purposes of operating our website, providing our services, marketing (if consent is given), analysis, security, back-ups and communicating with you.

The content on this website does not require a user account to be viewed, so we do not collect profile information or registration information by default. Data is collected from active customers in the following ways:

Trade Accounts

To order items from this website, you first must have a Think Rugs Trade Account. During this process we collect the following information:

  • Company name
  • Trading name
  • Name of buyer / contact
  • Business address
  • Invoicing address
  • Delivery address
  • Telephone number
  • Fax number
  • Email address
  • Type of business
  • Number of years established
  • VAT reg number
  • Partnership details
  • References x2

Once a Trade Account is approved, you can order directly from Think Rugs using the contact details found here. This data may be processed for the purposes of providing our services and communicating with you.

Online Customer Accounts

Once a trade account is approved, if you would like to use this website to place an order, you then must register for an Online Customer Account. If you choose to create an online customer account, the following profile information will be collected:

  • Company name
  • Telephone number
  • Website address
  • Email address
  • Invoicing address
  • Shipping address

This data may be processed for the purposes of operating our website, providing our services, ensuring the security of our website and services, maintaining back-ups of our databases and communicating with you.

You can update the details held from the My Account Page on this website.

Email Marketing

The following data may be collected and used for email marketing purposes when consent is given by the user.

  • First name
  • Last name
  • Email address
  • Geographic location

Contact Forms

Any information submitted through our contact forms will be held securely on our servers. Clear consent must be given to this Policy when submitting any data through our contact forms. All data will be stored for up to 24 months and used to contact you regarding your enquiry.

Site Backups

User account information and contact form information may also be held in a backup of the website. Backups are stored for 30 days, after which they are deleted permanently.

Analytics & Tracking

To deliver the best possible web experience, we collect technical information about your internet connection and browser as well as the country and telephone code where your computer is located, the web pages viewed during your visit, the buttons clicked on, and any search terms you entered. This is done with the use of Cookies that are stored within your web browser (find out more about how we use cookies).

How we use the data we collect

We require the data to understand clearly about the legitimacy of your business and provide you with a better service, in particular for the following reasons:

  • To provide our products and services.
  • Internal record keeping.
  • We may use the information to improve our products and services.
  • We may periodically send promotional emails about new products, special offers or other information which we think you may find interesting using the email address which you have provided. You are free to unsubscribe from any of our marketing lists by simply clicking the unsubscribe link at the bottom of any of the emails sent from us.
  • From time to time, we may also use your information to contact you for market research purposes. We may contact you by email, phone, fax or mail.

Data Processors

We will sometimes be required to share data with trusted Third Parties who act as Data Processors on our behalf. Data will only be processed for the purposes of operating our website, providing our services, marketing (if consent is given), security, back-ups and communicating with you.

Data Processors are a person or organisation who deals with personal data as instructed by the controller for specific purposes and services offered to the controller that involve personal data processing.

To keep your data safe and protect your privacy, we have a strict policy with these organisations:

  • The only data given to the Processor will be what they need to perform their specific services.
  • We only give them permission to use the data for the exact purposes we agree in our contract with them.
  • We only use trusted Data Processors with clear terms and conditions and policies to ensure full compliance with privacy legislation.
  • If we stop using any of our Data Processors, all of the data held by them will either be deleted or rendered anonymous.

We will never share your data with third parties for their own purposes unless you have given explicit consent for us to do so.

Data Location

This website is hosted on servers located in London, United Kingdom, where the website data is held.

Data Transfers Outside the EEA

Our trusted Data Processors may be required to transfer data outside of the EEA when acting on our behalf to provide services. We will regularly check that the organisations are all GDPR compliant for data transfer outside the EEA.

Site Security

This website is scanned daily for Malware, which is removed immediately if found.

  • All security is handled at server level, rather than relying on third-party security plugins
  • Secure password best practices are enforced on the site for Administrators
  • Login attempts are limited at both site and server level, to protect against brute-force attacks
  • Intelligent IP blocking detects intruders and blocks them across all sites on the servers within seconds
  • All core updates are handled automatically by our hosting provider to ensure the site is running the most up-to-date and secure version of the system

User Rights and Choices

If you wish to access, transfer or delete the data held about you, please contact us. Once notified we can then initiate the process required.

Your data can be removed from our Email Marketing system by unsubscribing via the link at the bottom of any of our marketing emails.

Your data may also be held within a site backup. Backups are stored for 30 days, after which they are deleted permanently

Email Marketing

We will only send email marketing to customers that have given consent. Registration for the Email Marketing list can be given via the form in the footer of this website. All email addresses submitted to our marketing list will receive a confirmation email, once accepted this acts as consent and you will receive Newsletters and Marketing from us.

You are free to unsubscribe from our Email Marketing List by clicking the unsubscribe link at the bottom of any of the emails that have been sent to you.

Remarketing

With your consent, we may use Cookies (find out more about how we use cookies) to track your interactions with this website. This data may be shared with our Digital Marketing providers and Data Processors to present you with the most relevant advertisements when browsing third party websites.

Contact us with any questions

If you have any questions about this policy, your data, how it is used and protected or deletion of this data, please contact us using the details on this page.


Changes to this Policy

This Policy was last updated on 24/04/2018

If there are any changes made to this Privacy Policy, we will communicate this via our Email Subscriber list.