Last updated 14th November 2024
We are Porta Romana Limited, registered at Companies House under number 3950316. We are based at Northbrook Business Park, Farnham, Surrey GU10 5EU.
We are registered as a fee payer with the ICO under registration number ZA013947.
Porta Romana acts as a Data Controller. Being a Controller means that we are trusted to look after and deal with your personal information in accordance with this notice. We determine the ways and means of processing your data and must therefore be accountable for it. We act as a Data Processor on behalf of our distributors where they provide your details ask us to fulfil your order on their behalf.
You have rights in respect of our processing of your personal data. The relevant rights are:
If you want to exercise any of these rights, please contact us on sales@portaromana.com or call +44 1420 23005
You also have the right to log a complaint about our processing with a supervisory authority — in the UK that is the ICO whose details are HERE.
Data that we hold and how we use it
As a Trade Customer, we hold your contact details and who you work for as they are required to carry out our contract with you, manage our relationship and keep you up to date with changes and improvements to our services.
As a Prospective Trade Customer, we process your name, corporate email address, corporate phone number, company you work for, geographic location and goods of interest. We would have sourced this data from you completing a form on our website, attending a showroom, or talking with us directly. We use the data to contact you about our goods and services. We may also track when you open and interact with marketing emails we send. If you wish to stop receiving emails from us please just let us know.
Lawful basis for processing
As a Trade Customer, our lawful basis for processing your data is Contract when the data is used to enable us to fulfil our contract with you (i.e. to complete a transaction) and manage our relationship. Our lawful basis for processing your data is Legitimate Interest when data is used to send you marketing about goods and services that we believe will be of interest to you.
As a Prospective Trade Customer, our lawful basis for processing your data is a Legitimate Interest for marketing purposes.
As you are a corporate entity, we also abide by the Privacy and Electronic Communications Regulations (PECR). We give you the chance to opt out of all marketing on anything that we send you. We only share details of our own goods and services in our marketing. If your data was not sourced directly from you, then we contact you once we have the data to let you know that we have your data and give you the chance to opt out. Our legitimate interest balancing test indicates that this is a legitimate purpose: you would not be surprised to hear from us based on the nature of your job role, and our processing does not cause any harm or risk to you as a data subject.
Retention Periods
As a Trade Customer, we store your data for indefinitely in case of dispute.
As a Prospective Trade Customer, we will process your data until such a time when we are aware that you are no longer a Potential Trade Customer (either you have become a Trade Customer because you made a purchase, or you have told us that you have no interest in our services now or in the future). We hold data on Prospective Trade Customers indefinitely, or until the point at which you opt out of communications. At this point you are added to a suppression list so we do not contact you again.
Data that we hold and how we use it
If you act as a Sales Agent to Porta Romana, you are acting as our processor and we hold the following data on you: name, contact details, geographical location, company you work for, and any personal data exchanged in correspondence.
This data would have been sourced from you directly. We use this data to manage our relationship and to share with you details of any goods or services that you or our clients may be interested in.
Lawful basis for processing
Our lawful basis for processing your data is Contract when the data is used to enable us to fulfil a contract with you (i.e. to complete a transaction) and manage our relationship.
Retention Periods
We store your data for as long as you are active as a Sales Agent, then another seven years in case of dispute.
End Customer (via one of our trade clients or sales agents)
Data that we hold and how we use it
Data that we hold about end customers (both Trade and Retail) include your name, email address, phone number, shipping address, payment details, purchase details.
This data would have been provided to us by our Trade Client or Sales Agent acting on our behalf.
We use the data to manage the sale and shipping process, and to contact you about our goods and services. We may also track when you open and interact with marketing emails we send. If you wish to stop receiving emails from us please just let us know.
Lawful basis for processing
We process your data to ensure we can fulfil our contract with you. Our lawful basis for processing your data is Contract when the data is used to enable us to fulfil our contract with you (i.e. to complete a transaction) and manage our relationship.
Our lawful basis for processing your data is Legitimate Interest when data is used to send you marketing about goods and services we believe will be of interest to you. You will have the chance to opt out of marketing when we or our Client or Agent first collects your details, and in every message we send.
Retention Periods
We store your data indefinitely, in case of dispute.
Data that we hold and how we use it
Like many businesses, at our Head Office we use CCTV for the purpose of ensuring the safety and security of our property, employees and visitors.
Lawful basis for processing
Our lawful basis for processing CCTV data is Legitimate Interest. Our use of CCTV is proportionate and visitors would reasonably expect its use.
Retention Periods
Our CCTV footage is deleted after 30 days unless there is a legitimate reason identified to keep it longer, such as for the investigation of a crime. It is shared with law enforcement or other Third Parties only when we have a lawful basis to do so.
Data that we hold and how we use it
Data that we hold about direct customers include your name, email address, shipping address, payment details, purchase details.
We use the data to manage the sale and shipping process, and to contact you about our goods and services. We may also track when you open and interact with marketing emails we send. If you wish to stop receiving emails from us please just let us know.
Lawful basis for processing
Our lawful basis for processing your data is Contract when the data is used to enable us to fulfil our contract with you (i.e. to complete a transaction) and manage our relationship.
Our lawful basis for processing your data is Legitimate Interest when data is used to send you marketing about goods and services we believe will be of interest to you. You will have the chance to opt out of marketing when we first collect your details and in every message we send.
Retention Periods
We store your data indefinitely in case of dispute.
Data that we hold and how we use it
If you register for our newsletter then we will process your email address.
We use the data to stay in touch with you via our newsletter or emails about our goods and services. We may also track when you open and interact with marketing emails we send. You are given the chance to opt out of this at the point at which we collected the data, and then in every subsequent communication. If you wish to stop receiving emails from us please just let us know.
Lawful basis for processing
For businesses (B2B), our lawful basis for processing your data is a Legitimate Interest for marketing purposes. As you are a corporate entity, we also abide by the Privacy and Electronic Communications Regulations (PECR). We give you the chance to opt out of all marketing on anything that we send you. We only share details of our own goods and services in our marketing. If your data was not sourced directly from you, then we contact you once we have the data to let you know that we have your data and give you the chance to opt out. Our legitimate interest balancing test indicates that this is a legitimate purpose: you would not be surprised to hear from us based on the nature of your job role, and our processing does not cause any harm or risk to you as a data subject.
For individual consumers (B2C), our lawful basis for processing your data is Consent. We give you the chance to opt out of all marketing on anything that we send you. We only share details of our own goods and services in our marketing.
Retention Periods
We will hold your data indefinitely, or until the point at which you opt out of communications. If you ask to unsubscribe from our newsletter/ marketing, we will move your details to our suppression list to ensure that we don’t accidentally contact you again in the future. If you make a purchase and become a direct customer, then that Privacy Notice will apply.
Data that we hold and how we use it
When you browse our website, we collect information about the actions you take, using cookies. This data includes information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our website that you visit, the time and date of your visit, the time spent on those pages and other usage statistics. In addition, we may use third party services that collect, monitor and analyse this data.
We use cookies to administer the online store, to gather information on IP addresses, to analyse trends, track your movements on our website and gather broad demographic information for aggregate use.
About Cookies
The UK Information Commissioner defines cookies as ‘small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.’ Any browser visiting our site will potentially receive cookies from us or cookies from third parties such as our partners or service providers.
We use two types of cookies: persistent cookies and session cookies. A persistent cookie lasts beyond the current session and is used for many purposes, such as recognising you as an existing user, so any preferences you have added will be available the next time you visit. Session cookies last only as long as the session. Once you close the page, the cookie is deleted.
What Cookies Do We Use?
Functional Cookies
These cookies allow us to provide additional functionality, like the ability to have an online chat function, or to be able to show videos.
Strictly Necessary
These cookies are necessary for the website or application to function. Without them the site will not work. Or they provide functionality that the user expects to exist. Or the cookies enable us to adhere to the GDPR security requirements.
Performance Cookies
Performance cookies are used so we can collect information about how people use our website – for example, the number of users on a website, how long they stay on the site for, and what parts of the site they visit.
Advertising Cookies
These cookies are used to deliver adverts more relevant to our website visitors and their interests. They are also used to limit the number of times a visitors will see an advertisement as well as help measure the effectiveness of our advertising campaigns.
Social Media Cookies
Social media cookies allow users to interact more easily with social media, such as Facebook and Instagram. Where we provide social media links or interactions on our website, such as like or share buttons, and you interact with them, the social media organisation may drop cookies and they will be covered by the Privacy Policy of that organisation. We typically do not receive any personal data collected as a result of such interaction, although we may receive aggregated reports.
If you want to exercise any of these rights, please just contact us on sales@portaromana.com
or call +44 1420 23005
Consent for Cookies
When we want to use any cookie category other than “Strictly Necessary”, we will ask for your consent. This is done via our cookie banner. To find out how to update your preferences, click HERE.
Data that we hold and how we use it
If you are a Supplier to us, we hold the corporate contact and payment details required to carry out our contract with you and data to manage our relationship with you. This data would have been sourced from you directly, although your contact details may have been sourced from a recommendation or another source, with the intention of entering into a contact with you.
Lawful basis for processing
Our lawful basis for processing your data is Contract; all data is used to enable us to fulfil our contract with you, including paying you and managing our relationship with you.
We may also share your details if someone asks us to recommend a good Supplier. When this happens, our lawful basis is Legitimate Interest.
Retention Periods
We store your data for as long as you are a supplier with us or likely to be a Supplier in the future, plus seven years in case of dispute.
Data that we hold and how we use it
As a potential employee we hold the following data on you: contact details, CV, interview notes, and correspondence relating to a potential contract with us.
We also carry out pre-employment checks, as legally obligated to do so by HMRC and various visa requirement bodies.
If you applied for a role with us via any of the systems where we place our vacancies, then the data we hold will have come directly from you.
If you are successful in gaining employment with us then you will fall under the Employee Privacy Notice going forward; please then refer to SharePoint.
Lawful basis for processing
Our lawful basis for processing your data is a combination of Contract, Legitimate Interest, and Legal Obligation. When you applied for a job it was with a view to entering into an employment contract with us. If we decide not to go forward with your application then we use Legitimate Interest to retain the data should the chosen candidate not work out or another role become immediately available. For right-to work check evidence, our lawful basis for processing your data is Legal Obligation.
Retention Periods
If you are not successful in securing a role, then we will keep your details on our systems for a period of up to 12-months.
Thank you
for subscribing!
(popout)
