Privacy Policy
Perfect Dreams — Privacy Policy
Last updated: 18 September 2025
> This Privacy Policy explains how **Perfect Dreams** (“we”, “us”, “our”) collects, uses, shares, and protects your personal data when you visit **perfect-dreams.co.uk** or purchase from us. It also explains your privacy rights and how the law protects you. We are committed to complying with the **UK GDPR** and the **Data Protection Act 2018**.
—
1) Who we are & how to contact us
Business name:** Perfect Dreams Ltd *(trading as Perfect Dreams)*
Registered company name:** \[Perfect Dreams Ltd]
Company number:** 05610757
Registered office / postal address:** \[Full address, United Kingdom]
Email: perfect-dreams@hotmail.co.uk
Telephone: 01492 535566
Data Protection Officer (DPO) / Privacy Lead: Donna Molyneux
We are the **data controller** for personal data described in this policy unless stated otherwise (e.g., when a payment or finance provider acts as a separate controller).
—
2) The data we collect
We may collect and process the following categories of personal data:
* **Identity data**: first and last name, title, date of birth *(if provided)*.
* **Contact data**: billing and delivery address, email address, telephone number.
* **Account data**: login credentials, account preferences, saved addresses.
* **Order & transaction data**: products purchased, order numbers, delivery notes, returns, warranty claims.
* **Payment data**: payment method, last 4 digits of card, transaction IDs. **Full card details are processed by our payment providers**; we do not store them.
* **Finance/credit data (optional)**: information you provide to a finance provider if you choose a finance option (handled directly by that provider).
* **Communications**: emails, live chat, phone recordings *(if applicable)*, support tickets, survey responses, product reviews.
* **Marketing data**: your preferences for receiving marketing from us.
* **Technical data**: IP address, device identifiers, browser type, time zone, cookie IDs, referral URLs.
* **Usage data**: pages viewed, clicks, session duration, search history on our site.
* **CCTV at premises (if applicable)**: recordings for security if you visit our showroom/warehouse.
We do **not** intentionally collect special category data (e.g., health information) or data about children.
—
3) How we collect your data
Direct interactions: when you create an account, place an order, contact us, or subscribe to marketing.
Automated technologies: via cookies and similar technologies when you browse our site.
Third parties: payment providers, finance providers, couriers, address verification services, analytics and advertising partners, review platforms, and social media platforms (when you interact with our pages/accounts).
4) How we use your data & lawful bases
We will only use your personal data where the law allows. The table below summarises purposes and lawful bases:
Purpose Examples Lawful basis
Process and deliver your order take payment, provide invoices, deliver goods, arrange assembly/old‑item removal Contract (performing our contract with you)
Customer service respond to queries, warranty support, returns/refunds Contract; Legitimate interests (to run our business and assist customers)
Account management create/manage your account, authentication, fraud prevention Legitimate interests; Contract
Safety & fraud prevention security monitoring, chargeback prevention Legitimate interests; Legal obligation
Marketing email/SMS newsletters, personalised offers, cart reminders Consent (where required); Legitimate interests (for existing customers)
Reviews & surveys invite you to review purchases Legitimate interests (to improve products/services)
Analytics & site improvement measure usage, fix bugs, enhance performance Legitimate interests
Legal & compliance tax/VAT accounting, record‑keeping, responding to lawful requests Legal obligation
Where we rely on consent, you can withdraw it at any time (see §10 and §12).
5) Payments & finance options
Payments are processed by third‑party providers (e.g., Stripe, PayPal, or similar). These providers act as independent controllers for your payment data and process it under their own privacy notices. We receive limited payment metadata (e.g., success/failure, transaction ID).
Finance options (if offered) are provided by third‑party finance providers (e.g., [Klarna], [Clearpay], [PayPal Credit]). If you choose a finance option, you will be redirected to that provider who will process your data as a controller. Please review their privacy notices before applying.
6) Cookies, analytics & similar technologies
We use cookies and similar technologies (e.g., pixels) to run our website, remember your basket, and measure performance. Where required by law, we will ask for your consent via our cookie banner.
See our Cookie Policy for detailed information about the cookies we use, their purposes, and how to manage preferences.
You can change your cookie settings at any time via the Cookie Preferences link in the footer (or your browser settings).
Disabling certain cookies may affect site functionality (e.g., checkout).
7) Sharing your data
We share personal data with trusted recipients, including:
Service providers (processors) who provide: hosting, e‑commerce platform, payment processing, email/SMS services, customer support tools, analytics, marketing and advertising tools, review platforms, IT/security services, and fulfilment/warehouse partners.
Delivery/courier companies to deliver your orders and arrange collections/returns.
Professional advisers (lawyers, accountants, auditors) and insurers.
Authorities where required by law or to protect our rights.
Business transfers: if we sell, merge, or reorganise our business, data may be transferred as part of the transaction.
We require processors to process your data only on our instructions and to implement appropriate security measures.
8) International transfers
Some recipients may be located outside the UK/EEA. Where we transfer personal data internationally, we ensure an appropriate safeguard is in place, such as:
Adequacy regulations (UK adequacy decisions), or
Standard Contractual Clauses (SCCs) and, where required, the UK Addendum/IDTA, plus supplementary measures.
You can contact us for a copy of relevant safeguards applicable to your data (redactions may apply).
9) Data retention
We keep personal data only for as long as necessary for the purposes set out in this policy, including to satisfy legal, accounting, or reporting requirements. Typical retention periods:
Orders & invoices: 6 years from the end of the financial year (HMRC requirements).
Customer service records: up to 6 years after resolution.
Marketing data: until you unsubscribe or your consent is withdrawn, or after a period of inactivity (we will periodically refresh consents).
Cookie identifiers: per the durations listed in our Cookie Policy.
We will securely delete or anonymise data once retention periods expire.
10) Your rights
Under UK data protection law, you have the right to:
Access your personal data.
Rectify inaccurate or incomplete data.
Erase (delete) your data in certain circumstances.
Restrict processing in certain circumstances.
Data portability (receive your data in a structured, commonly used format and transfer it to another controller).
Object to processing based on legitimate interests or direct marketing.
Withdraw consent where processing is based on consent.
Lodge a complaint with the Information Commissioner’s Office (ICO) (see §13).
How to exercise your rights: Email perfect-dreams@hotmail.co.uk with your request. We may ask for information to verify your identity. We will respond within one month (extendable by two months for complex requests, we will notify you if so).
11) Marketing
We will only send you direct marketing (email/SMS) where permitted by law: either with your consent or under the soft opt‑in for existing customers.
You can opt out at any time by clicking Unsubscribe in marketing emails or contacting us.
If you opt out, we may still send service communications (e.g., order updates, policy changes).
12) Security
We use appropriate technical and organisational measures to protect personal data, including encryption in transit (HTTPS), access controls, and staff training. However, no system is completely secure; please notify us immediately if you suspect any misuse or unauthorised access to your data.
13) Complaints
You can make a complaint to us using the contact details in §1. You also have the right to complain to the Information Commissioner’s Office (ICO):
Website: ico.org.uk
Telephone: 0303 123 1113
Address: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
14) Children
Our website and products are not intended for children. We do not knowingly collect data relating to children.
15) Third‑party links
Our website may include links to third‑party websites, plug‑ins, or apps. Clicking those links may allow third parties to collect or share data about you. We are not responsible for their privacy policies.
16) Changes to this policy
We may update this policy from time to time. The Last updated date at the top will be revised, and significant changes will be highlighted on our website where appropriate.
Cookie Policy (separate document)
For details of the cookies and similar technologies we use, please refer to our Cookie Policy: [link to your cookie policy or cookie‑preferences manager].
Note: This policy is a general UK‑compliant template for an e‑commerce retailer of beds, mattresses, and bedroom furniture. It is not legal advice. Please have a qualified adviser review and tailor it to your actual providers (e.g., payment, analytics, advertising, courier, finance).