DIA Dream Design

+000 0000000
info@diadreamdesign.co.uk
LOGIN
0

Privacy Policy

Home / Privacy Policy

This Privacy Policy describes how DIA DREAM DESIGN, incorporated and registered in England and Wales with company number 10827792 Whose registered office is at  (hereinafter referred to as the “CONTROLLER”), collects, uses, stores, and protects personal data of users of the website info@diadreamdesign.co.uk (hereinafter referred to as the “Site”).

By accessing and using our Site and/or by providing us with your personal data, you  consent to the collection and processing of your personal data by the CONTROLLER. You also confirm the accuracy and truthfulness of the data provided. Furthermore, you declare that you have been informed about the types of personal data that the CONTROLLER collects and processes, the purposes for which they are used, and your rights of access, correction, or deletion of collected personal data.

1. Definitions

In this privacy policy, the following terms are used:

Personal Data
Personal data means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

Data Subject
A data subject is any identified or identifiable natural person whose personal data is processed by the controller responsible for the processing.

Processing of Personal Data
Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

Restriction of Processing
Restriction of processing is the marking of stored personal data with the aim of limiting their processing in the future.

Profiling
Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.

Pseudonymization
Pseudonymization is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.

Controller
A controller is a natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

Processor
A processor is a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.

Recipient
A recipient is a natural or legal person, public authority, agency, or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law are not considered recipients.

Third Party
A third party is a natural or legal person, public authority, agency, or body other than the data subject, controller, processor, and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

Consent
The data subject’s consent is any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

2. Collected Personal Data
The term “Personal Data” refers to any information by which an individual can be identified, directly or indirectly. According to the General Data Protection Regulation (GDPR), personal data may include name, email, address, telephone number, bank account details, health information, etc.
We do not collect personal data from children under the age of 14. In the event that we have collected personal information about a child under the age of 14, we will take steps to delete this information as soon as possible.
When using our online store, we may collect the following categories of personal data:

  • First and last name
  • Telephone number
  • Email address
  • Delivery address
  • Company information (if applicable)
  • Payment information (e.g., for online transactions – via secure external platforms)
  • IP address and device/browser information
  • Order history

3. Purposes of Personal Data Processing
Your data is processed for the following purposes:

  • Acceptance, processing, and delivery of orders
  • Issuance of invoices and other accounting documents
  • Communication via email or phone related to orders
  • Responding to inquiries via the contact form
  • Sending information about new products, promotions (only with explicit consent)
  • Improving the functionality and security of the website

4. Legal Basis for Processing
We process your personal data based on:

  • Performance of a contract (Art. 6(1)(b) of the GDPR) – when you place an order
  • Legal obligation (Art. 6(1)(c)) – for example, for accounting purposes
  • Consent (Art. 6(1)(a)) – for marketing/newsletters
  • Legitimate interest – for fraud protection, service improvement, etc.

5. Automated Decision-Making, Including Profiling
The website administrator does not engage in automated decision-making or profiling.

6. Automated Decision-Making

There is no automated decision-making, including profiling, that produces legal effects concerning you or similarly significantly affects you, as per Article 22 of the GDPR.

7. Storage Period of Your Data

Unless specifically stated otherwise, we store personal data only as long as necessary to fulfil the purposes pursued or as required by law.

If the processing is based on consent, the data will only be stored as long as you have not revoked your consent.

In the case of contractual relationships, the data is stored as long as it is necessary for the performance of the contract or to comply with statutory retention obligations.

8. Data Subject Rights

You have the following rights under the General Data Protection Regulation:

  • Right to access (Art. 15 GDPR): You have the right to obtain confirmation as to whether personal data concerning you is being processed, and where that is the case, access to the personal data and information such as the processing purposes, categories of personal data, etc.
  • Right to rectification (Art. 16 GDPR): You have the right to request the correction of inaccurate personal data concerning you and the completion of incomplete data.
  • Right to erasure (Art. 17 GDPR): You have the right to request the erasure of your personal data without undue delay, provided that certain conditions apply.
  • Right to restriction of processing (Art. 18 GDPR): You have the right to request restriction of processing of your personal data under certain conditions.
  • Right to data portability (Art. 20 GDPR): You have the right to receive your personal data, which you provided to us, in a structured, commonly used, and machine-readable format and to transmit it to another controller without hindrance.
  • Right to object (Art. 21 GDPR): You have the right to object at any time to the processing of personal data concerning you that is based on legitimate interests, including profiling.
  • Right to withdraw consent (Art. 7(3) GDPR): You have the right to withdraw your consent at any time with effect for the future.
  • Right to lodge a complaint with a supervisory authority (Art. 77 GDPR): You also have the right to lodge a complaint with a supervisory authority, especially in the Member State of your habitual residence, place of work, or the place of the alleged infringement.

9. Data Security

We take appropriate technical and organizational security measures to protect your data against manipulation, loss, destruction, or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

10. Cookies
The website uses “Cookies”. “Cookies” are small text files that are stored in the computer system via an internet browser.
A cookie ID is a unique identifier of the cookie. It consists of a string of characters that allows internet pages and servers to be assigned to the specific internet browser in which the cookie is stored. This enables visited websites and servers to distinguish the individual browser of the data subject from other internet browsers that store different cookies. A specific internet browser can be recognized and identified by the unique cookie ID.

By using cookies, the WEBSITE ADMINISTRATOR can provide users of the Website with more user-friendly services that would not be possible without the cookie settings.
The visitor to the website can prevent the setting of cookies at any time by adjusting the settings of the internet browser used, thereby permanently refusing the use of cookies. If the data subject disables cookie settings in the used browser, not all functions of our website may be fully operational.

We may use cookies for:

  • User interface functionality
  • Analysis of user behavior (e.g., Google Analytics)
  • Improving marketing campaigns

You can control cookies through your browser settings.

Cookies we use:

Cookie namePurposeExpires
Strictly Necessary cookies
sbjs_current_addStores information about the current source of the user (e.g., UTM referrer, campaign).Session cookie (these are deleted when you finish browsing a website and are not stored on your computer longer than this).
sbjs_current_addStores additional metadata about the traffic source of the current session, such as timestamps (e.g., time of visit), landing page, or additional UTM parameters.Session cookie (these are deleted when you finish browsing a website and are not stored on your computer longer than this).
sbjs_firstRecords the first source through which the user accessed the website.Session cookie (these are deleted when you finish browsing a website and are not stored on your computer longer than this).
sbjs_first_addStores additional metadata about the first visit – e.g., timestamps, campaign details, and more.Session cookie (these are deleted when you finish browsing a website and are not stored on your computer longer than this).
sbjs_migrationsUsed internally for version control or migration status of the tracking library.Session cookie (these are deleted when you finish browsing a website and are not stored on your computer longer than this).
sbjs_sessionStores data about the source for the current session, e.g. medium, source, campaign.Session cookie (these are deleted when you finish browsing a website and are not stored on your computer longer than this).
Sbjs_udataCollects and stores data related to the user and browser information associated with the user’s source.Session cookie (these are deleted when you finish browsing a website and are not stored on your computer longer than this).

11. Contact Options Through the Site
The site contains a contact form for quick electronic communication with us, as well as email addresses for correspondence with us. If a data subject contacts the administrator via email or through the contact form, the personal data transmitted by the data subject is stored automatically. Such personal data, voluntarily provided by the data subject to the data controller, is stored for the purpose of processing or communicating with the data subject. There is no transfer of this personal data to third parties.

12. Links to Third Parties
This Site includes integrated components from the company Facebook. Facebook is a social network.
The operating company of Facebook is Meta Platforms, Inc., headquartered in Menlo Park, California.

Whenever a page of this Site containing a Facebook component is accessed, the web browser of the data subject is automatically prompted to download and display the respective Facebook component. An overview of all Facebook plugins can be found at https://developers.facebook.com/docs/plugins/. During this technical process, Facebook is informed about which page the data subject has visited.

If the data subject is simultaneously logged into Facebook, Facebook detects, with each call to our website by the data subject—and for the entire duration of their stay on our internet site—which specific subpage of our internet site was visited by the data subject. This information is collected through the Facebook component and associated with the corresponding Facebook profile of the data subject. If the data subject clicks on one of the Facebook buttons integrated into our website, e.g., the “Like” button, or submits a comment, Facebook matches this information with the personal user account of the data subject and stores the personal data.

Facebook always receives information about the visit to our website by the data subject via the Facebook component, whenever the data subject is simultaneously logged into Facebook during the access to our website. This happens regardless of whether the data subject clicks on the Facebook component or not. If such transmission of information to Facebook is undesirable for the data subject, he or she can prevent this by logging out of their Facebook account before visiting our website.

The data protection guidelines published by Facebook, available at https://facebook.com/about/privacy/, provide information about the collection, processing, and use of personal data by Facebook. In addition, they explain what settings Facebook offers to protect the privacy of the data subject. Moreover, there are various configuration options available that allow the blocking of data transmission to Facebook, such as the Facebook blocker from the provider Webgraph, which can be found at http://webgraph.com/resources/facebookblocker/. These applications can be used by the data subject to prevent data transmission to Facebook.

13. Changes to the Privacy Policy

We reserve the right to change this privacy policy at any time in compliance with applicable data protection laws. The current version is available on our website

14. Contact with the Data Controller
If you have any questions regarding the processing of personal data, please contact us:
• DIA DREAM DESIGN
• Email: info@diadreamdesign.co.uk
• Phone: 07503046722

• Address: 52 The Ridgeway ,Croydon, England  ,CR0 4AE