Privacy and cookie policy
ABOUT US
We CORT Business Services UK Limited (“CORT”, “We”, “Us” and “Our”), are a registered company in England (Company no. 06448915) and are committed to protecting your privacy and complying with applicable data protection and privacy laws. This Privacy Notice (“Notice”) is aimed at complying with the United Kingdom’s Data Protection Act 2018, the UK General Data Protection Regulation, and the EU’s General Data Protection Regulation 2016/679 (collectively, the “GDPR”) and is designed to help you to understand what kind of information we collect in connection with our products and services and how we process and use such information. It also sets out your legal rights under GDPR. In this respect, we are the data controller of data we hold about you. This Policy describes how CORT collects, uses, shares, retains and safeguards information.
INFORMATION WE COLLECT ABOUT YOU
In providing you with the services and when responding to your requests for information, we will collect information about you that is considered to be personal data under GDPR Personal data is information relating to an identified or identifiable natural person. Examples include your name, address, contact details, driving licence and national insurance number.
Personal data may also contain information which is called special categories of personal data. This may be information relating to an individual’s racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, health, sex life or genetic make-up. This information is not requested, nor required to enable us to provide furniture rental services.
We also collect personal data about you when you visit our website where we will collect your unique online electronic identifier. This identifier is commonly known as an IP address. We also collect electronic personal data when you first visit our website where we will place a small text file commonly known as a cookie on your computer. Cookies are used to identify visitors and to simplify accessibility, and to monitor visitor behaviour when accessing content, navigating the website and when using features.
If you object to the collection and use of your personal data, we may be unable to provide you with our services.
If you require further information on the personal data we collect, please contact our data privacy representative – Amanda Long, Commercial Manager, via privacy@roomservicebycort.com
WHY AND HOW WE COLLECT YOUR PERSONAL DATA?
We collect personal data from the below sources:
Directly From You – We collect personal data that you provide to us, for example, if you choose to contact us through our contact form or rent or purchase goods and services from us.
From Third Parties – We may collect personal data from third parties including, business partners, subcontractors, advertising networks, analytics providers, credit report agencies, and search information providers, who may provide us with personal data about you.
Through Online Tracking Technologies – We use cookies and similar technologies to collect personal data related to activity on our website.
Our legal basis for processing Personal Data depends on the Personal Data concerned and the context in which we process it. We process Personal Data from you where we need it to perform a contract with you, where the processing is in our legitimate interests (including the purposes described in this Privacy Notice), where the processing is necessary for us to meet our applicable legal obligations, or if we otherwise have your consent.
Special Category Data
CORT does not intend to collect any Special Category Data, which is any data that reveals your racial or ethnic origin, political opinions, religious, moral or philosophical beliefs, trade union membership, political views, the processing of genetic data, biometric data for the purpose of identifying a person, and data concerning health or a person’s sex life and/or sexual orientation. Please refrain from sending us any Special Category Data.
We will retain each category of your personal information for as long as necessary to fulfill the purposes described in this Privacy Notice, unless otherwise required by applicable laws. Criteria we will use to determine how long we will retain your personal information include whether we need your personal information to provide you with our Services you have requested; we continue to have a relationship with you; you have requested information or Services from us; we have a legal right or obligation to continue to retain your personal information; we have an obligation to a third party that involves your personal information; our retention or recordkeeping policies and obligations dictate that we retain your personal information; we have an interest in providing you with personal information about our Services; or we have another business purpose for retaining your personal information.
Please contact our data privacy representative if you object to the use of or you have any questions relating to the use and retention of your personal data. You can opt out of receiving marketing services by emailing privacy@roomservicebycort.com
INFORMATION WE SHARE AND RECEIVE
You should understand we will share and receive personal data relating to you from / with affiliated companies and other third parties. The sharing of information allows us:
• To process client requests which includes affiliated delivery partners where name, delivery address and contact telephone numbers are shared,
• To market our services when we may use a mailing house to mail brochures etc. providing your name and address
• To research and analyse our client base to provide the best possible service using past data of when/where and what and how our clients have used our services in the past.
Data Privacy Framework (DPF)
CORT Business Services Corporation (“CORT”) complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.
CORT has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. CORT has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.
Under the Data Privacy Framework, CORT is responsible for the processing of personal data we receive and subsequently transfer to a third party acting for or on our behalf, and CORT is liable for ensuring that the third parties we engage support our DPF commitments.
To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
Data Privacy Framework Inquiries & Complaints:
In compliance with the EU-U.S. DPF, and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data DPF, CORT commits to resolve DPF Principles-related complaints about our collection and use of your personal data. Individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF, and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data DPF should first contact the CORT Privacy Team at: privacy@roomservicebycort.com
Transfers to Third Parties and Countries
Personal Data that we process may be transferred to third parties that are located outside of the EU, EEA, Switzerland or the UK, some of which applicable authorities may not consider to have an adequate level of protection for Personal Data. CORT will only transfer Personal Data to third parties in these locations when it has ensured appropriate safeguards for such Personal Data through use of the standard contractual clauses or other lawful and approved methods.
When purchasing our services and depending on your payment method, we may share your personal data with credit reference agencies. This is necessary to safeguard our commercial interests. These checks may use automated decision making technologies that will confirm financial status, place of residence, county court judgements and solvency. Please contact our data protection representative, Amanda Long at privacy@roomservicebycort.com if you object to the use of automated decision making technologies or you have encountered problems during previous credit searches.
If you require further information on the data we share, with whom we share it and the reasons why we share personal data, please contact our data protection representative, Amanda Long at privacy@roomservicebycort.com
YOUR RIGHTS
You are provided with legal rights governing the use of your personal data. These rights grant individuals the ability to gain an understanding on what personal data relating to them is being held, for what purpose, how it is collected and used, with whom it is
shared, where it is located, to object to its processing, to take copies of the data and to place restrictions on its processing. You may also request the deletion of your personal data.
These rights are known as data subject rights under the GDPR. The following list details these rights:
• The right to be informed on the personal data being processed
• The right of access to your personal data
• The right to object to the processing of your personal data
• The right to restrict the processing of your personal data
• The right to rectification of your personal data
• The right to erasure of your personal data
• The right to data portability (to receive an electronic copy of your personal data)
• Rights related to automated decision making including profiling
You also have the right to complain to the United Kingdom’s data protection supervisory authority, the Information Commissioner, on any aspect of the processing of your personal data or if dissatisfied with the response you received from us when exercising your Access Rights.
CHANGES TO THIS POLICY
We keep our privacy notice under periodic review. This Policy was last updated in April 2024
HOW TO CONTACT US
If you have any questions about this Policy, the use of your data and your Access Rights please contact our data protection representative, Amanda Long at privacy@roomservicebycort.com or by post at 28 Barwell Business Park, Leatherhead Road, Chessington, Surrey KT9 2NY or by telephone on 0208 397 9344