Verano Interiors (“we”, “us”, “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose and protect your personal data under UK law (including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018), when you use our Site or engage our Services.

1. Data Controller & Contact Details

We are the data controller in respect of your personal data.
Company Name: Verano Interiors
Registered Address: [Insert Full Registered Address]
Contact Email: [Insert Email]
If applicable: Contact for Data Protection Officer (DPO): [Insert DPO Name / Contact]

2. Personal Data We Collect

We may collect the following categories of personal data:

  • Identity & Contact Data: your name, email address, telephone number, postal address.

  • Project Information: details about your home, preferences, design style, images, floor plans, measurements.

  • Payment & Billing Data: payment method, billing address, transaction information (if applicable).

  • Usage & Technical Data: device type, IP address, browser, operating system, referring URLs, pages visited, time and date stamps.

  • Marketing Data: preferences for receiving marketing (if you opt in).

3. Lawful Basis for Processing

We rely on one or more of these lawful bases under UK GDPR for processing your personal data:

  • Performance of a contract with you;

  • Your consent (especially for marketing communications);

  • Legal obligations;

  • Legitimate interests (e.g. to improve our website, operate our business, prevent fraud), provided these are not overridden by your rights.

4. How We Use Your Personal Data

We may use your data for:

  • Providing our Services, fulfilling our obligations under contracts with you.

  • Communicating with you: responding to enquiries, scheduling, updates about your project.

  • Processing payments.

  • Managing and improving our Site, including analytics, technical performance monitoring.

  • Marketing communications, if you have opted in.

  • Complying with legal obligations, enforcing our Terms.

5. Sharing Your Data

We may disclose your personal data to:

  • Third-party service providers who help deliver our Services (e.g. contractors, suppliers, installers), under confidentiality and data protection obligations.

  • Payment processors.

  • IT/hosting/website maintenance service providers.

  • Authorities or other parties when required by law (e.g. regulatory or legal processes).

  • In the event of a sale, merger, or restructure of business, your data may be part of that transaction (with required protections).

6. Cookies & Tracking; Other Tools

  • We use cookies and similar technologies (analytics, tracking, etc.) to understand site usage, improve performance, personalise user experience, etc.

  • Where cookies are non-essential (for example analytics or marketing cookies), we will obtain your consent in accordance with Cookies/PECR regulations.

7. Data Retention

We retain your personal data only as long as necessary for the purposes for which it was collected, including fulfilling our contractual obligations, complying with legal obligations, or resolving disputes. Once no longer needed, data will be securely deleted or anonymised.

8. Your Rights under UK Data Protection Law

You have rights in relation to your personal data, including:

  • Right of access: to request a copy of personal data we hold about you.

  • Right to rectification: to have inaccurate or incomplete data corrected.

  • Right to erasure: to request deletion of your personal data, subject to legal or contractual constraints.

  • Right to restrict processing: in certain circumstances.

  • Right to object: especially where processing is based on legitimate interests or for direct marketing.

  • Right to data portability: where applicable.

To exercise any of these rights, please contact us at the contact details above.

9. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful processing, accidental loss, destruction, damage, or disclosure. However, no system is perfect; we cannot guarantee absolute security.

10. Children’s Data

Our Site and Services are not intended for use by children under 13 (or other relevant minimum age). We do not knowingly collect personal data from children. If we become aware we have collected data from someone under the lawful age, we will take steps to delete it.

11. Changes to this Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal obligations, or service offerings. When we do, we will post the revised policy here with the “Last Updated” date. Your continued use of the Site or Services after changes indicates your acceptance.

12. Complaints / Supervisory Authority

If you believe we have not handled your data in accordance with this policy or applicable law, you may contact us (using the contact details above). You also have the right to lodge a complaint with the UK’s supervisory data protection authority:

Information Commissioner’s Office (ICO)