Privacy Policy

1. Who We Are

MAHDI LIVERPOOL LTD (Company Registration Number: 13876403) is a carpet and flooring retailer based in Liverpool, United Kingdom. We are the data controller responsible for your personal information. Our registered office is located at 32 Lawrence Road, Liverpool L15 0EG, United Kingdom.

If you have any questions about this Privacy Policy or how we handle your data, please contact our Data Protection Officer at info@mahdicarpets.co.uk or write to us at our registered address.

2. What Personal Data We Collect

We may collect and process the following categories of personal data:

• Contact Information: Your name, address, email address, and telephone number.
• Communication Data: Records of our correspondence with you, including emails, phone calls, and messages sent through our website.
• Transaction Data: Details of products and services you have purchased from us, including payment information (processed securely through our payment providers).
• Technical Data: IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website.
• Usage Data: Information about how you use our website, products, and services.
• Marketing Preferences: Your preferences in receiving marketing communications from us.
• Property Information: Details about your property (room dimensions, flooring requirements) necessary for providing quotes and installation services.

3. How We Collect Your Data

We collect personal data through various methods:

• Direct Interactions: When you fill in forms on our website, correspond with us by post, phone, email, or otherwise, or visit our showroom.
• Automated Technologies: As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions, and patterns using cookies and similar technologies.
• Third Parties: We may receive personal data about you from analytics providers such as Google, advertising networks, and search information providers.

4. How We Use Your Personal Data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

• Contract Performance: To perform the contract we are about to enter into or have entered into with you, including processing your orders, arranging deliveries, and providing installation services.
• Legitimate Interests: To manage our relationship with you, improve our products and services, recommend relevant products, and keep our records updated.
• Legal Compliance: To comply with legal obligations, such as maintaining records for tax purposes.
• Consent: Where you have provided consent, to send you marketing communications about our products, special offers, and events.

5. Data Sharing and Third Parties

We may share your personal data with the following categories of recipients:

• Service Providers: Companies that provide services on our behalf, such as payment processing, delivery services, IT support, and marketing agencies. These providers are contractually bound to protect your data.
• Professional Advisors: Including lawyers, bankers, auditors, and insurers who provide consultancy, banking, legal, insurance, and accounting services.
• Regulatory Authorities: HM Revenue & Customs, regulators, and other authorities who require reporting of processing activities in certain circumstances.
• Installation Partners: Trusted fitting contractors who perform installation services on our behalf, limited to the information necessary to complete the work.

We do not sell your personal data to third parties for marketing purposes.

6. Data Security

We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. These measures include:

• Encryption of data in transit and at rest where appropriate
• Regular security assessments and penetration testing
• Access controls and authentication procedures
• Staff training on data protection and security
• Secure disposal of physical records

In the event of a personal data breach, we will notify you and any applicable regulator when we are legally required to do so.

7. Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

Generally, we retain customer data for 7 years after your last interaction with us, in line with UK tax and accounting requirements. Marketing data is retained until you withdraw your consent or unsubscribe.

8. Your Legal Rights

Under data protection laws, you have rights in relation to your personal data, including:

• Right to Access: Request a copy of the personal data we hold about you.
• Right to Rectification: Request correction of inaccurate or incomplete data.
• Right to Erasure: Request deletion of your personal data in certain circumstances.
• Right to Restrict Processing: Request limitation of how we use your data.
• Right to Data Portability: Receive your data in a structured, machine-readable format.
• Right to Object: Object to processing based on legitimate interests or direct marketing.
• Right to Withdraw Consent: Withdraw consent at any time where we rely on consent to process your data.

To exercise any of these rights, please contact us using the details provided in Section 1. We will respond to all legitimate requests within one month.

9. Cookies and Tracking

Our website uses cookies and similar tracking technologies to distinguish you from other users, provide a better browsing experience, and improve our site. Cookies are small text files stored on your device.

We use:

• Essential Cookies: Necessary for the website to function properly.
• Analytical/Performance Cookies: Allow us to recognize and count visitors and see how they move around our website.
• Functionality Cookies: Enable the website to provide enhanced functionality and personalization.

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. However, if you disable or refuse cookies, some parts of our website may become inaccessible or not function properly.

10. International Transfers

We do not transfer your personal data outside the United Kingdom or European Economic Area. If this changes in the future, we will ensure appropriate safeguards are in place to protect your data.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.

Last updated: March 2024

12. Complaints

If you have any concerns about our use of your personal data, you can make a complaint to us using the contact details above. You also have the right to complain to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues, at www.ico.org.uk.