Privacy notice
Last updated: 1 October 2020
​
('Website') is provided by Natalia Sutherland ('we'/'us'/'our'). In doing so, we may
be in a position to receive and process personal information relating to you. As the controller of this
information, we are providing this Privacy Notice ('Notice') to explain our approach to personal information.
This Notice forms part of our Terms&Conditions, which governs the use of this Website.
​
We intend only to process personal information fairly and transparently as required by data protection law
including the General Data Protection Regulation (GDPR) Directive (EU) 2016/680 and supplemented by the
Data Protection Acts 1988 to 2018. In particular, before obtaining information from you (including through use
of cookies) we intend to alert you to this Notice, let you know how we intend to process the information
(including through use of cookies) and (unless processing is necessary for at least one of the 5 reasons
outlined in clause 2 below) we will only process the information if you consent to that processing. The GDPR
also defines certain 'special categories' of personal information that's considered more sensitive. These
categories require a higher level of protection, as explained below.
​
Of course, you may browse parts of this Website without providing any information about yourself and
without accepting cookies. In that case, it is unlikely we will possess and process any information relating to
you.
​
We will start this Notice by setting out the conditions we must satisfy before processing your data. However,
you may wish to start with this table at clause 4, which summarises what we intend to collect, or this table at
clause 8.5, which summarises our use of cookies. The Notice also explains some of the security measures
we take to protect your personal information, and tells you certain things we will or won't do. You should read
this Notice in conjunction with the Terms&Conditions.
​
​
Sometimes, when you take a new service or product from us, or discuss taking a new service or product but
decide against, we might wish to provide you with further information about similar services or products by
email or other written electronic communication. In that situation, we will always give you the opportunity to
refuse to receive that further information and if you change your mind please let us know. We will endeavour
to remind you of your right to opt-out on each occasion that we provide such information.
​
​
1. Identity and contact details
​
1.1 Place of business: 1 St. Mary's Road, Ballsbridge, Dublin D04N6C0
​
1.2
​
2. When we are allowed to collect information from you
We will only collect personal information relating to you if one of the following conditions have been
satisfied:
​
2.1 You have clearly told us that you are content for us to collect that information for the certain
purpose or purposes that we will have specified.
​
2.2 The processing is necessary for the performance a contract that we have with you.
​
2.3 The processing is necessary so that we can comply with the law.
​
2.4 The processing is necessary to protect someone's life.
​
2.5 The processing is necessary for performance of a task that's in the public interest.
​
2.6 The processing is necessary for our or another's legitimate interest - but in this case, we will
balance those interests against your interests.
​
3. How to consent
​
3.1 At the point of collecting the information, we will endeavour to explain how we intend to use the
information and which of these purposes apply. If we rely on consent, we will provide you with the
opportunity to tell us that you are happy to provide the information.
​
3.2 If at any point in time you change your mind and decide that you do not consent, please let us
know and we will endeavour to stop processing your information in the specified manner, or we
will delete your data if there is no continuing reason for possessing it.
​
3.3 If you do not consent to a particular bit of processing, we will endeavour to ensure that the
Website and our service continue to operate without the need for that information.
​
4. Information we expect to collect from you
​
4.1 We envisage asking for the following types of information from you:
Information type
​
Name, email and phone number
​
Purpose and related details
​
We ask for this to Say hello when you log in, save
order information and to contact you regarding
orders.
​
Justification
​
We'll ask for your consent
​
4.2 We may collect personal information about you from a number of sources, including the following:
​
4.2.1 From you when you agree to take a service or product from us, in which case this may
include your contact details, date of birth, how you will pay for the product or service
and your bank details.
​
4.2.2 From you when you contact us with an enquiry or in response to a communication from
us, in which case, this may tell us something about how you use our services.
​
4.2.3 From documents that are available to the public, such as the electoral register.
​
4.2.4 From third parties to whom you have provided information with your consent to pass it
on to other organisations or persons - when we receive such information we will let you
know as soon as is reasonably practicable.
​
4.3 If you refuse to provide information requested, then if that information is necessary for a service
we provide to you we may need to stop providing that service.
​
4.4 At the time of collecting information, by whichever method is used, we will endeavour to alert you
and inform you about our purposes and legal basis for processing that information, as well as
whether we intend to share the information with anyone else or send it outside of the European
Economic Area. If at any point you think we've invited you to provide information without
explaining why, feel free to object and ask for our reasons.
​
5. Using your personal information
​
5.1 Data protection, privacy and security are important to us, and we shall only use your personal
information for specified purposes and shall not keep such personal information longer than is
necessary to fulfil these purposes. The following are examples of such purposes. We have also
indicated below which GDPR justification applies, however it will depend on the circumstances of
each case. At the time of collecting we will provide further information, and you may always ask for
further information from us.
​
5.1.1 To help us to identify you when you contact us. This will normally be necessary for the
performance our contract.
​
5.1.2 To help us to identify accounts, services and/or products which you could have from us
or selected partners from time to time. We may do this by automatic means using a
scoring system, which uses the personal information you've provided and/or any
information we hold about you and personal information from third party agencies
(including credit reference agencies). We will only use your information for this purpose
if you agree to it.
​
5.1.3 To help us to administer and to contact you about improved administration of any
accounts, services and products we have provided before, do provide now or will or
may provide in the future. This will often be necessary, but sometimes the
improvements will not be necessary in which case we will ask whether you agree.
​
5.1.4 To allow us to carry out marketing analysis and customer profiling (including with
transactional information), conduct research, including creating statistical and testing
information. This will sometimes require that you consent, but will sometimes be exempt
as market research.
​
5.1.5 To help to prevent and detect fraud or loss. This will only be done in certain
circumstances when we consider it necessary or the law requires it.
​
5.1.6 To allow us to contact you by written electronic means (such as email, text or
multimedia messages) about products and services offered by us where:
​
5.1.6.1 these products are similar to those you have already purchased from us,
​
5.1.6.2 you were given the opportunity to opt out of being contacted by us at the
time your personal information was originally collected by us and at the
time of our subsequent communications with you, and
​
5.1.6.3 you have not opted out of us contacting you.
​
5.1.7 To allow us to contact you in any way (including mail, email, telephone, visit, text or
multimedia messages) about products and services offered by us and selected partners
where you have expressly consented to us doing so.
​
5.1.8 We may monitor and record communications with you (including phone conversations
and emails) for quality assurance and compliance.
​
5.1.8.1 Before doing that, we will always tell you of our intentions and of the
specific purpose in making the recording. Sometimes such recordings will
be necessary to comply with the law. Alternatively, sometimes the recording
will be necessary for our legitimate interest, but in that case we will only
record the call if our interest outweighs yours. This will depend on all the
circumstances, in particular the importance of the information and whether
we can obtain the information another way that's less intrusive.
​
5.1.8.2 If we think the recording would be useful for us but that it is not necessary
we will ask whether you consent to the recording, and will provide an option
for you to tell us that you consent. In those situations, if you don't consent,
the call will either automatically end or will not be recorded.
​
5.1.9 When it is required by law, we will check your details with fraud prevention agencies. If
you provide false or inaccurate information and we suspect fraud, we intend to record
this.
​
5.2 We will not disclose your personal information to any third party except in accordance with this
Notice, and in particular in these circumstances:
​
5.2.1 They will be processing the data on our behalf as a data processor (where we will be
the data controller). In that situation, we will always have a contract with the data
processor as set out in the GDPR. This contract provides significant restrictions as to
how the data processor operates so that you can be confident your data is protected to
the same degree as provided in this Notice.
​
5.2.2 Sometimes it might be necessary to share data with another data controller. Before
doing that we will always tell you. Note that if we receive information about you from a
third party, then as soon as reasonably practicable afterwards we will let you know;
that's required by the GDPR.
​
5.2.3 Alternatively, sometimes we might consider it to be in your interest to send your
information to a third party. If that's the case, we will always ask whether you agree
before sending.
​
5.3 Where you give us personal information on behalf of someone else, you confirm that you have
provided them with the information set out in this Notice and that they have not objected to such
use of their personal information.
​
5.4 In connection with any transaction which we enter into with you:
​
5.4.1 If you provide false or inaccurate information to us and we suspect fraud, we will record
this and may share it with other people and organisations. We, and other credit and
insurance organisations, may also use technology to detect and prevent fraud.
​
5.4.2 We may need to transmit the payment and delivery information provided by you during
the order process for the purpose of obtaining authorisation from your bank or from
PayPal.
​
5.5 We may allow other people and organisations to use personal information we hold about you in
the following circumstances:
​
5.5.1 If we, or substantially all of our assets, are acquired or are in the process of being
acquired by a third party, in which case personal information held by us, about our
customers, will be one of the transferred assets.
​
5.5.2 If we have been legitimately asked to provide information for legal or regulatory
purposes or as part of legal proceedings or prospective legal proceedings.
​
5.5.3 We may employ companies and individuals to perform functions on our behalf and we
may disclose your personal information to these parties for the purposes set out above,
for example, for fulfilling orders, delivering packages, sending postal mail and email,
removing repetitive information from customer lists, analysing data, providing marketing
assistance, providing search results and links (including paid listings and links),
processing credit and debit card payments and providing customer service. Those
parties will be bound by strict contractual provisions with us and will only have access to
personal information needed to perform their functions, and they may not use it for any
other purpose. Further, they must process the personal information in accordance with
this Notice and as permitted by the GDPR. From time to time, these other people and
organisations to whom we may pass your personal information may be outside the
European Economic Area. We will take all steps reasonably necessary to ensure that
your personal information is treated securely and in accordance with this Notice and the
GDPR.
​
6. Protecting information
​
6.1 We have strict security measures to protect personal information.
​
6.2 We work to protect the security of your information during transmission by using Secure Sockets
Layer (SSL) software to encrypt information you input.
​
6.3 We reveal only the last five digits of your credit card numbers when confirming an order. Of
course, we transmit the entire credit card number to the appropriate credit card company during
order processing.
​
6.4 We maintain physical, electronic and procedural safeguards in connection with the collection,
storage and disclosure of personally identifiable customer information. Our security procedures
mean that we may occasionally request proof of identity before we disclose personal information
to you.
​
6.5 It is important for you to protect against unauthorised access to your password and to your
computer. Be sure to sign off when you finish using a shared computer.
​
7. The internet
​
7.1 If you communicate with us using the internet, we may occasionally email you about our services
and products. When you first give us personal information through the Website, we will normally
give you the opportunity to say whether you would prefer that we don't contact you by email. You
can also always send us an email (at the address set out below) at any time if you change your
mind.
​
7.2 Please remember that communications over the internet, such as emails and webmails
(messages sent through a website), are not secure unless they have been encrypted. Your
communications may go through a number of countries before they are delivered - this is the
nature of the internet. We cannot accept responsibility for any unauthorised access or loss of
personal information that is beyond our control.
​
8. Cookies and other internet tracking technology
​
8.1 When we provide services, we want to make them easy, useful and reliable. This sometimes
involves placing small amounts of information on your computer, which is sent back to us at a later
time. These are called 'cookies'. These cookies are listed in the table at clause 8.5. Some
websites don't use cookies but use related technology for gaining information about website users
such as JavaScript, web beacons (also known as action tags or single-pixel gifs), and other
technologies to measure the effectiveness of their ads and to personalise advertising content.
Multiple cookies may be found in a single file depending on which browser you use.
​
8.2 Where applicable, this section of the Notice also relates to that technology but the term 'cookie' is
used throughout.
​
8.3 Some of these cookies are essential to services you've requested from us, whereas others are
used to improve services for you, for example through:
​
8.3.1 Letting you navigate between pages efficiently
​
8.3.2 Enabling a service to recognise your computer so you don't have to give the same
information during one task
​
8.3.3 Recognising that you have already given a username and password so you don't need
to enter it for every web page requested
​
8.3.4 Measuring how many people are using services, so they can be made easier to use and
that there is enough capacity to ensure they are fast
​
8.4 To learn more about cookies, you may wish to visit: www.allaboutcookies.org,
www.youronlinechoices.eu or www.google.com/policies/technologies/cookies/
​
8.5 This Website uses, or allows use of, the following cookies:
Cookie name Cookie qualities Consent
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
8.6 The distinctions referred to in the above table are as follows:
​
8.6.1 First party versus third party cookies - we set first party cookies ourselves; third party
cookies are set by other entities via our Website.
​
8.6.2 Session versus persistent cookies - session cookies only persist for the duration of that
visit; persistent cookies last for longer
​
8.6.3 Identifying information removed - just because we've done this, they will still be personal
information if the relevant information can be reassembled
​
8.6.4 Categories 1-4 found in the ICC UK Cookie guide, as explained below. Category 1
cookies do not require the user's consent, though one must still tell them about the
cookies. Categories 2-4 do require their specific and informed consent.
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
8.7 As with any other information we may collect from you, we will work to protect the security of your
information during transmission by using by using Secure Sockets Layer (SSL) software to encrypt
information you input.
​
8.8 The Website may include links to third-party websites. We do not provide any personally
identifiable customer personal information to these third-party websites unless you've consented
in accordance with this privacy notice, however as to cookies please see above clause Cookies
and other internet tracking technology.
​
8.9 We exclude all liability for loss that you may incur when using these third-party websites.
​
9. Further information
​
9.1 If you would like any more information or you have any comments about this Notice, please either
write to us at Data Protection Manager, Sutherland Interiors, 1 St. Mary's Road, Ballsbridge, Dublin D04N6C0, or
email us at info@sutherlandinteriors.ie.
​
9.2 Please note that we may have to amend this Notice on occasion, for example if we change the
cookies that we use. If we do that, we will publish the amended version on the Website. In that
situation we will endeavour to alert you to the change, but it is also your responsibility to check
regularly to determine whether this Notice has changed.
​
9.3 You can ask us for a copy of this Notice by writing to the above address or by emailing us at
info@sutherlandinteriors.ie. This Notice applies to personal information we hold about individuals.
It does not apply to information we hold about companies and other organisations.
​
9.4 If you would like access to the personal information that we hold about you, you can do this by
emailing us at or writing to us at the address noted above. There may
be a nominal charge of up to €6.35 to cover administrative costs. You can also ask us to send the
personal information we hold about you to another controller.
​
9.5 We aim to keep the personal information we hold about you accurate and up to date. If you tell us
that we are holding any inaccurate or incomplete personal information about you, we will promptly
amend, complete or delete it accordingly. Please email us at or write to
us at the address above to update your personal information. You have the right to complain to the
Data Protection Commissioner if we don't do this.
​
9.6 You can ask us to delete the personal information that we hold about you if we relied on your
consent in holding that information or if it is no longer necessary. You can also restrict or object to
our processing of your personal information in certain circumstances. You can do this by emailing
us at or writing to us at the address noted above.
​
9.7 We will tell you if there is a breach, or a likely breach, of your data protection rights.
​
​
​
​
​
​


