FurnitureRoots, a brand of Desert Furnish Design Hub Private Limited, (hereinafter referred to as “Company,” “FR,” or “We”) respects your privacy and is committed to protecting it through our compliance with this policy and any applicable laws when you use the website at www.furnitureroots.com and any related website or domain operated by FR (the ?Sites?), or any Services (defined in the next paragraph) accessed from any Sites, or both of the Sites and Services.
FR offers businesses and individuals access to products, services, resources, and ancillary products, services, and resources it currently provides or may provide in the future (hereinafter collectively referred to as ?Services?) for interior design, décor, furnishings, furniture and other products and services it currently provides or may provide in the future.
This policy applies to information we collect:
- On the Sites.
- Under GDPR, this policy also applies to Personal Data to the extent that you as a Data Subject under GDPR provide that Personal Data to or it is collected from you on the websites of certain FR partners who provide a service registering you for FR events and those partners in their capacity as Data Controllers share any event attendee/participant Personal Data with FR.
- In email, text, and other electronic messages between you and the Sites.
- Through mobile and desktop applications you download from the Sites or in connection with the Services, which provide dedicated non-browser-based interaction between you and the Sites.
- From third parties, whether they are partners or vendors.
This policy may change from time to time. Your continued use of these Sites or Services after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.
Our Sites are not intended for children under 13 years of age. No one under age 13 may provide any information to or on the Sites. We do not knowingly collect personal information from children under 13. If you are under 13, do not use or provide any information on the Sites or on or through any of its features/register on the Sites, make any purchases through the Sites, use any of the interactive or public comment features of the Sites, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us at firstname.lastname@example.org.
- In order to perform pursuant to one or more legal agreements (contracts) with you,
- With your consent, and
- Pursuant to a Legitimate Interest, in which FR considers the purpose it has for Processing your Personal Data, whether the Processing is necessary for that Purpose, and whether your own personal interests as a Data Subject outweigh FR?s purpose in Processing your Personal Data.
(As a reminder, if you are not a Data Subject providing your Personal Data to FR from within the European Union, GDPR does not apply to you.)
We collect several types of information from and about users of our Sites and Services, including information:
- By which you may be personally identified, such as name, postal address, email address, or telephone number (“personal information”);
- That is about you but individually does not identify you, such as your company name and job title; and/or
- About your Internet connection, the equipment you use to access our Sites, and usage details.
(Under GDPR, FR collects Personal Data from Data Subjects from within the EU, and Personal Data is considered to be broader and to include more categories of information than how we generally refer to ?personal information? in this policy. We will be specific when we are discussing GDPR and activities we undertake related to Personal Data under GDPR.)
- Directly from you when you provide it to us.
- Automatically as you navigate through the site using cookies and other tracking technologies defined and discussed with more detail below. Information collected automatically may include usage details, email address, IP addresses, and information collected through cookies and other tracking technologies.
- From third parties, for example, our business partners and third-party service providers who we believe in good faith are providing or sharing with us data in compliance with applicable laws or with whom you have authorized either these third parties or us or both to collect and use the data.
The information we collect on or through our Sites or Services may include:
- Information that you provide by filling in forms on our Sites. This includes without limitation information provided at the time of subscribing to the Services, and when you report a problem with our Sites.
- Records and copies of your correspondence (including email addresses), if you contact us.
- Your responses to surveys that we might ask you to complete for research purposes.
- Details of transactions you carry out through our Sites and of the fulfillment of your orders. You may be required to provide financial information before placing an order through our Sites.
- Your search queries on the Sites.
- Information you enter into our Sites about your marketing activities so that we can provide Services to you.
You also may provide information to be published, displayed, or transmitted (hereinafter “posted”) on public areas of the Sites, or transmitted to other users of the Sites or third parties (collectively, “Interactive Content”). Your Interactive Content is posted on and transmitted to others at your own risk; we cannot control the actions of other users of the Sites with whom you may choose to share your Interactive Content. Therefore, we cannot and do not guarantee that Interactive Content will not be viewed by unauthorized persons.
As you navigate through and interact with our Sites and Services, we may automatically collect certain information about your equipment, browsing actions, and patterns, including without limitation:
- Details of your visits to our Sites, including traffic data, location data, logs, and other communication data and the resources that you access and use on the Sites.
- Information about your computer and Internet connection, including your IP address, operating system, and browser type.
The information we collect automatically is statistical data and does not identify any individual*. It helps us to improve our Sites and Services and to deliver better and more personalized future services by enabling us to do things such as:
- Estimate our audience size and usage patterns.
- Store information about your preferences, allowing us to customize our Sites according to your individual interests.
- Speed up user searches.
- Recognize you when you return to our Sites.
- Provide better services in the future.
(*The information referred to above may still constitute Personal Data under GDPR even though more generally FR does not try to identify any individuals beyond recognizing them when they return to the Sites in order to provide and/or to enhance the experience described in 2. to 5. above; however, to the extent this information is not anonymized or pseudonymized to the extent that it no longer qualifies as Personal Data, FR will comply with GDPR with respect to Processing any such Personal Data.)
- Flash cookies. Certain features of our Sites may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from, and on our Sites. Flash cookies are not managed by the same browser settings as are used for browser cookies. For information about managing your privacy and security settings for Flash cookies, see Choices About How We Use and Disclose Your Information.
- Web beacons. Pages of our the Sites and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
We do not collect personal information automatically, but we may tie this information to personal information about you that we collect from other sources or you provide to us. However, to the extent the information we collect by automatic means constitutes Personal Data under GDPR either before or after we collect it, our processing of that Personal Data will comply with GDPR.
We use information that we collect about you or that you provide to us, including any personal information:
- To present our Sites and their content to you.
- To provide you with information, products, or services that you request from us.
- To fulfill any other purpose for which you provide it.
- To provide you with notices about your subscriptions to the Services, including expiration and renewal notices.
- To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection.
- To notify you about changes to our Sites or any products or services we offer or provide though it.
- To allow you to participate in interactive features on our Sites.
- In any other way we may describe when you provide the information.
- For any other purpose with your consent.
We never sell your personal information or provide it to others for their own and exclusive marketing purposes.
- We share your personal information with trusted third parties who are our technology suppliers and partners where we have agreements to provide services with or in conjunction with FR Services that our marketing research indicates you have sought if not actually requested, such as Google Analytics, worldwide business location map and other location-specific software as a service offerings, and reliable keyword data services for SEO. FR is committed to working with suppliers and partners who comply with similar and equally protective undertakings of privacy and confidentiality.
- We share your personal information with third parties who perform functions on our behalf and who also provide services to us, such as professional advisors, IT consultants carrying out testing and development work on our business technology systems, research and mailing houses and function coordinators, including software systems for customer relationship management (customer relationship management/sales force automation, e.g. Salesforce.com), customer service and support solutions (e.g. Intercom), email campaign marketing (e.g. Marketo and HubSpot). These third parties comply with similar and equally protective undertakings of privacy and confidentiality.
- We do not currently have very limited affiliated companies. However, as we grow our business, we will likely share your personal information with our other affiliated (?Group?) companies for internal reasons, primarily for business and operational purposes. As we continue to develop our business, we may sell or purchase assets. If another entity acquires us or merges with us, your personal information will be disclosed to such entity. Also, should any bankruptcy or reorganization proceeding ever be brought by or against us, all such information will be considered an asset of ours and as such it is possible they will be sold or transferred to third parties.
- To fulfill the purpose for which you provide it. For example, if you give us an email address to use the “email a friend” feature of our Sites, we will transmit the contents of that email and your email address to the recipients.
- For any other purpose disclosed by us when you provide the information.
- With your consent.
When we share Personal Data under GDPR with our partners, we will do so pursuant to GDPR appropriate Data Processing Addendum or Data Sharing Agreements as appropriate given the nature of the parties? respective roles under GDPR (i.e. Data Controllers to Data Processors versus co-Data Controllers).
We may also disclose your personal information:
- If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of FR, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
We strive to provide you with choices regarding the personal information you provide to us.For those users of our Services and Sites Outside of the European Union and for which GDPR does not apply, we have created the following mechanisms and practice to provide you with the following control over your information:
Promotional offers from the company. If you do not wish to have your contact information used by the Company to promote our own or third parties’ products or services, as an account holder or subscriber at any other time you can make changes by logging into the Sites and adjusting your user preferences in your account profile by checking or unchecking the relevant boxes. For forms on which we collect information or data from non-account holders, we will switch our practice to the extent applicable law requires (e.g. GDPR) so that by default you are opted-out and can opt-in only by checking the relevant box located on the form on which we collect your information or data. If you find that you are receiving communications that you do not believe you have provided consent, you can alert us to your concerns by sending us an email stating your request to email@example.com. If we have sent you a promotional email, you may send us a return email asking to be omitted from future email distributions. This opt out does not apply to information provided to the Company as a result of a product purchase, warranty registration, product service experience, or other transactions.
For those users of our Services and Sites from within the European Union and for which GDPR applies, we have created the following mechanisms and practices to provide you with the following control over your personal information that comprises GDPR Personal Data:
We only retain your personal information/Personal Data for as long as is necessary for us to use your information as described above or to comply with our legal obligations and legitimate interests. Please be advised that this means that we may retain some of your personal information/Personal Data after you cease to use our Services. For instance, we may retain your data as necessary to meet our legal obligations, such as for tax and accounting purposes.
When determining the relevant period in which we retain or establish/revise periods for retaining personal information/Personal Data, we will take the following factors into account:
- Our contractual obligations and rights in relation to the information involved;
- Legal obligation(s) under applicable law to retain data for a certain period of time or with respect to pending or anticipated legal actions;
- Our legitimate interest where we weigh your interest in controlling your Personal Data and against our lawful purpose in processing your Personal Data;
- Statutes of limitations under applicable law(s);
- If you have made a request to have your information deleted; and
- Guidelines issued by relevant data protection authorities.
Otherwise, pursuant to GDPR, we will securely erase your personal information/Personal Data once there is no lawful basis or legal obligation to store or process it.
Other helpful information about FR, the Sites and the Services, and GDPR is available from FR?s GDPR FAQ located at www.furnitureroots.com.
California Civil Code Section § 1798.83 permits users of our Sites that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to firstname.lastname@example.org.
We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. All information you provide to us is stored on our secure servers behind firewalls. Any payment transactions will be encrypted using SSL technology.
The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Sites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas of the Sites like message boards. The information you share in public areas may be viewed by any user of the Sites.
Unfortunately, the transmission of information via the Internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Sites or via our Services. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Sites or via the Services.
What are your rights?
By law, if any of your personal information/Personal Data provided to FR is subject to GDPR in the European Union, you have a number of rights when it comes to your personal information/Personal Data. Further information and advice about your rights can be obtained from the data protection regulator in your country.
IMPORTANT: When you contact FR to exercise your rights described below, it is very important for security verification and other purposes that you use any email address that you know is associated with the personal information/Personal Data about which you are contacting FR.
You have the right to object to certain types of processing, including processing for direct marketing (i.e. if you no longer want to be contacted with potential opportunities).
HOW TO EXERCISE YOUR RIGHT: If you want to object to certain types of processing, please direct your communication to email@example.com providing specific and detailed information regarding your objection and requested action.
This is so you are aware and can check that we are using your information in accordance with GDPR or any other applicable data protection laws.
HOW TO EXERCISE YOUR RIGHT: If you have questions specific to your personal information/Personal Data and how FR is using it in accordance with GDPR or other applicable laws, please direct your communication to firstname.lastname@example.org and please be specific and detailed about your questions and FR will promptly address those questions.
You are entitled to have your information corrected if it is inaccurate or incomplete.
HOW TO EXERCISE YOUR RIGHT: If you believe your personal information/Personal Data processed by FR is incorrect and needs to be updated or otherwise corrected, please check your settings with respect to your account, and if you still believe your Personal Data is inaccurate, direct your communication to email@example.com.
This is also known as ?the right to be forgotten? and, in simple terms, enables you to request the deletion or removal of your personal information/Personal Data where there?s no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions.
HOW TO EXERCISE YOUR RIGHT: If you no longer want FR to have and process your personal information/Personal Data, please direct your communication to firstname.lastname@example.org.
(NOTE: Consistent with GDPR, FR may retain a trivial amount of information to keep a record of its compliance with your request.)
You have rights to ?block? or suppress further use of your personal information/Personal Data that FR processes. When processing is restricted, we can still store your personal information/Personal Data, but may not use it further. We keep lists of people who have asked for further use of their information to be ?blocked? to make sure the restriction is respected in future.
For clarity, if you do make these requests, it does not mean that anything we have done with your personal information/Personal Data with your consent up to that point is unlawful.
HOW TO EXERCISE YOUR RIGHT: If you no longer want to restrict FR from processing your personal information/Personal Data, please direct your communication to email@example.com.
If you have given your consent to anything we do with your personal information/Personal Data, you have the right to withdraw your consent at any time. This includes your right to withdraw consent to us using your personal information/Personal Data for marketing purposes.
HOW TO EXERCISE YOUR RIGHT: If you want FR to withdraw your consent to process your personal information/Personal Data, please direct your communication to firstname.lastname@example.org.
You have rights to obtain and reuse your personal information/Personal Data for your own purposes across different services. For example, if you decide to switch to a new provider of services like the Services from FR that you subscribed to, this enables you to move, copy, or transfer your personal information/Personal Data easily between our IT systems and theirs safely and securely, without affecting its usability.
HOW TO EXERCISE YOUR RIGHT: If you want FR to export your personal information/Personal Data for portability, please direct your communication to email@example.com.
(NOTE: FR will retain and continue to process your personal information/Personal Data unless you also request to be forgotten or request restricted or blocked processing.)
You have the right to lodge a complaint about the way we handle or process your personal information/Personal Data with your national data protection regulator. However, we hope you will contact FR first (firstname.lastname@example.org) so FR can try to address your complaint directly.
HOW TO EXERCISE YOUR RIGHT: If you want to lodge a complaint with FR, please direct your communication to email@example.com.
We usually act on requests and provide personal information/Personal Data free of charge, but may charge a reasonable fee to cover our administrative costs of providing the personal information/Personal Data for:
- Baseless or excessive/repeated requests, or
- Further copies of the same personal information/Personal Data. Alternatively, we also may be entitled to refuse to act on the request.
Please consider your request responsibly before submitting it. We will respond as soon as we can. Generally, this will be within one month from when we receive your request but, if the request is going to take longer to deal with, we will come back to you and let you know.
Importantly, please understand that if you are a paid/unpaid subscriber to a FR Service, many types of Personal Information/Personal Data are necessary for FR to maintain and continue your account, along with the subscription to any Services which that Personal Information/Personal Data is associated. If the Personal Information/Personal Data can no longer be used by FR for that purpose, it may necessitate terminating the account and/or subscription (without any refund) and discontinuing access to and the use of the Service and/or Sites to which the Personal Information/Personal Data is associated. We will use reasonable efforts to advise you of any such adverse consequences of restricting or removing our ability to maintain accounts and subscriptions by requests related to Personal Information/Personal Data, e.g. removal, restriction, blocking, etc.
Updated Mar 24, 2019