Security + Privacy

Privacy Policy

twentytwentyone respects your privacy rights and recognises the importance of protecting the information we collect about you. Therefore we have adopted a Privacy Policy that informs how we collect, store and use the information that you provide us with. We only use this information lawfully and in accordance with the Data Protection Act 1998. (This policy applies only to sites maintained by twentytwentyone and not to websites maintained by other companies or organisations to which we provide links to.)

By using this website you acknowledge that you have been informed that we collect, use and disclose your personal information in accordance with this Policy.

This Policy should be read in association with the Terms and Conditions of use of the website. If you have any questions regarding this Policy, please contact our Privacy Officer at privacy@twentytwentyone.com.

To process your Personal Data lawfully we need to identify one or more valid legal grounds. The grounds we may use include:

If you are a customer, processing your Personal Data is necessary for the creation and completion of a contract.

If you consent to particular processing activities, for example, when you provide consent for us use your information for marketing purposes, eg. receiving our newsletter.

Our legitimate interest as a business, for instance, it is within our legitimate interests to use your Personal Data to identify or prevent fraud on our website.

Our compliance with a legal obligation, for example, we have a duty to investigate complaints made against us and may be required to process your Personal Data as part of these investigations.

The personal information we hold

twentytwentyone only collects personal information from our online visitors on a voluntary basis. Visitors purchasing goods and services online will need to provide a valid credit or debit card number and expiration date, in addition to their name, delivery and billing address, telephone number (your telephone number may be given to our courier), email address, location data and any other Personal Data collected via registration or placing an order on the website. Credit or debit card details are held by SagePay and are not visible to us.

We will store this data and hold it on computers or in manual files then use this information to process, fulfil and to let you know the status of your order. To provide some of our services, we may require further information from you.

We may also collect information about where you are on the internet (eg the URL you came from), your browser type, the country and telephone area code where your computer or devise is located, the pages of our website that were viewed, the advertisements you engaged with and search terms that you entered during your visit. We may collect this data even if you do not register with twentytwentyone.

How this information may be used

When you register with twentytwentyone for an account or for our newsletter you will be asked to provide personally identifiable information. We use this information to process your online orders, to send you marketing and promotional materials by e-mail, and to help us improve our website, products and services. All personal data is stored securely in accordance with the Data Protection Act 1998.

If you would prefer not to receive newsletters from twentytwentyone, please contact us on mail@twentytwentyone.com, alternatively, an unsubscribe link is included in every twentytwentyone email.

Your personal details will only be shared with other reputable third parties for the purpose of processing your order. twentytwentyone requires all such third parties to treat your personal data as fully confidential and to comply with all applicable UK Data Protection or Consumer Legislation.

Our website uses Google Analytics to collect information about how a visitor uses our website. This data is made anonymous at the point of collection. Please refer to their website to read their Privacy Policy: https://www.google.com/analytics/terms/gb.html

Sage Pay Europe Limited is used as our online payment gateway. Please refer to their website to read their Privacy Policy: https://www.sagepay.co.uk/policies/privacy-policy

Olark is used as a customer services live web-chat feature on our website. Olark is based in the United States and is therefore subject to the United States laws regarding Privacy and the use of Personal Data. Please refer to their website to read their Privacy Policy: https://www.olark.com/privacy-policy

Third Party Sites

Our site may contain links to and from the websites of other third parties. Please note that these websites have their own privacy policies that we recommend you read before submitting any personal information to their sites, as we do not accept any responsibility or liability for these policies.

Your rights in relation to your information

Data protection law provides you with various rights, including the right to access, rectify and object to the processing of your personal data. You also have the right to lodge a complaint with the relevant data protection authority if you believe your Personal Data is not being processed in accordance with the data protection law.

You may request full disclosure of the Personal Data held by our website. If you would like to make a Subject Access Request (SAR) please do so by writing to our Privacy Officer. The request should state that a SAR is being made. You may be required to provide proof of identity and a fee. You may also request that we update any inaccurate Personal Data that we hold. (Contact details are provided at the end of this policy).

You have the right to withdraw consent to the processing of your Personal Data at any time when consent is required. This withdrawal will not affect the lawfulness of data processing based on your previous consent. Please note that you may not be able to benefit from certain website functions for which the processing of Personal Data is fundamental. You also have the right to object to the processing of Personal Data and may request that we stop. You may request that we erase your Personal Data and we will comply unless there is a lawful reason not to.

If you wish to lodge a complaint in relation to the processing of your Personal Data, we would ask that you contact us, however, you have the right to contact the supervisory authority directly. To contact the Information Commissioner’s Office, please visit the ICO website for instruction.

Safeguarding personal information

We will only collect personal data to serve our legitimate business needs, and we will maintain safeguards to ensure the privacy and security of the information you have provided. We reserve the right to make changes to this policy (effective immediately on publication). Please check back from time to time to ensure you are aware of any changes.

Your Personal Data will be retained until your last use of the website and will be held for a period of seven years unless a longer retention is required by law or we have a legitimately lawful reason to do so. We will not hold your Personal Data beyond this period as long as it is no longer required for the purposes laid out in this policy. We may keep an unidentifiable version of your Personal Data for statistical purposes, that we have a legitimate and lawful interest in without time limits.

Cookies

This website uses cookies to collect information about how visitors use the site, we do this to better understand our customer, to ensure our content is relevant and it allows us to improve the website. A cookie is a small information file that is stored on your browser or hard drive of your computer or device if you agree to their use. It will recognise your device on future visits to our site, but please note it cannot harm your computer. We don’t store personally identifiable information such as credit card details, but we do use the encrypted information to help improve your experience.

Cookies can be first or third party cookies. First party cookies are set by the website you are visiting and placed on your computer or device. Third-party cookies are placed on your computer through the website by third parties, such as Google or social networks.

The cookies that we could use are defined by the following categories:

Strictly necessary cookies. These cookies are required for the operation of the website, they include cookies that enable you to log in to the website and remember the items in your shopping basket.

Analytical/performance cookies. These cookies collect anonymous information on how visitors use our site. They allow us to count the number of visitors and how they navigate the site and where they come from. For example, we use Google Analytics cookies to understand how customers browse our site and highlight areas for improvement. This data is collected via a JavaScript tag in the pages of our site, it does not collect or store personal information (eg name or address) so cannot be used to identify you. You can read Google Analytics privacy policy here: https://www.google.com/analytics/terms/gb.html

Functionality cookies. These cookies are used to recognise you when you return to our website. They allow us to remember preferences, such as username and allow us to provide more personalised content for you.

Targeting cookies. These cookies record your visit to the website, the pages you have visited and the links you have followed. They allow us and our advertisers to deliver more relevant content to you. These are persistent cookies which will be stored on your device until their expiration or they are manually deleted.

Social media cookies. These cookies allow you to connect with social media networks such as Facebook, Twitter, Instagram and Pinterest. These are also persistent cookies which will be stored on your device until their expiration or they are manually deleted. You should also check the respective policies of each of these sites to see how they use your information.

When you arrive on our website a pop-up message will appear notifying you that our website uses cookies, if you do not accept, it is possible you may lose some site functionality. If you wish to retract consent, you can do so at any time by altering your browser settings to clear and block cookies from being stored on your computer or device. Your browser ‘help’ section will normally provide information on how to manage cookies. For further details please visit www.allaboutcookies.org and www.youronlinechoices.com/uk/

Security Policy

Internet security technology

When you place an order with us using our secure online order form and web browser, the order is encrypted. The use of SSL encryption scrambles data sent from the browser to the twentytwentyone.com server in a way that only twentytwentyone can access. We also use fraud checking systems to verify your identity.

Checking your browser security

You will notice that when you look at the location (URL) field at the top of the browser it begins with https: instead of the normal http: This means that you are in secure mode. You can also verify the security of a document by checking the security icon at the bottom-right hand corner of your browser (usually a lock and key padlock or a solid gold key depending on your browser and version). This is your assurance that your browser and server are communicating securely. All information transmitted on our secure online order form is encrypted while in transit, so that even if the information is intercepted because it is encrypted, it is useless to anyone. When our Secure Payment Server has received your credit card information it is sent directly and encrypted to the Sage Pay server and will never be stored or saved at the twentytwentyone website.

Security of your personal data is of highest priority to us. This is why we have utilised encryption technology to guarantee unauthorised parties have no access to personal and credit card details as they are passed over the internet. This has been independently verified.                                             

Contact

twentytwentyone Ltd. is registered in England as twentieth century design ltd. No. 3174958 (Head Office and Showroom)

twentytwentyone Ltd. (at the address below) is the data controller for the purpose of the Data Protection Act 1998.

For any further questions or feedback regarding our Privacy Policy or Security Policy, or if you would like us to stop processing your information, please contact our Privacy Officers who will be delighted to assist you.

Contact Privacy Officer:

Email: privacy@twentytwentyone.com
Call: 020 7837 1900

Or write to us at:

twentytwentyone
18c River Street,
London,
EC1R 1XN

(Available weekdays 9.30am – 17.30pm)

Close
Product Successfully Added To Your Wishlist
Loading