Legalentity: GT EXPERTS LTD (trading as “GT Studio”)
Effective date: March 15, 2025
Website:
Data controller: GT EXPERTS LTD (trading as GT Studio)
Contact email:
Registered office: 82a James Carter Road, Mildenhall, United Kingdom, IP28 7DE
Company number: 16373061
GT EXPERTS LTD (“GT Studio”, “we”, “us”, “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and share your personal data when you use the GT Studio website and our services. This Policy is intended to comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This is a general template and does not constitute legal advice. You should ask a UK data/privacy lawyer to review it before publishing.
1) Who we are
For the purposes of data protection laws, GT EXPERTS LTD (trading as GT Studio) is the data controller of your personal data collected through the Website.
2) What this Privacy Policy covers
This Policy applies when you:
• visit or use our website GT Studio;
• contact us via forms, email, phone, or social media;
• request or receive our interior design services;
• create an account on our Website (if available);
• upload files or other content to our Website;
• make a payment to us online.
It does not apply to third-party websites or services you may access via links on our Website.
3) Personal data we collect
The personal data we collect depends on how you interact with us. We may collect the following:
3.1 Information you provide to us directly
For example, when you fill in forms, contact us, book a service, upload files, or make a payment, we may collect:
• Contact details: name, email address, phone number, postal address.
• Project details: property address, style preferences, budget, room measurements, photos, mood boards, floor plans, inspiration images and other User Content relating to your interior design project.
• Payment details: billing address and payment-related information (note: actual card/payment details are generally handled by ou rpayment provider, not stored by us directly).
• Communication history: emails, messages, notes of phone calls or meetings.
3.2 Information we collect automatically
When you use the Website, we may automatically collect:
• Technical data: IP address, browser type and version, device information, operating system, time zone, approximate location (country/city level).
• Usage data: pages visited, time and date of visits, referral sources, clicks, scrolls, and other interactions with the site.
3.3 Information from third parties
We may receive information about you from:
• Payment providers (e.g. payment confirmation and status).
• Marketing or referral partners (e.g. if you were referred to us).
• Social media platforms when you interact with our profiles/pages. We only obtain this information where it is lawful to do so.
4) Children
Our Website and services are not intended for children under 16 and we do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us so we can delete it.
5) How we use your personal data and legal bases
We process your personal data only where we have a lawful basis under UK GDPR. These bases typically include: performance of a contract, legal obligation, consent, and our legitimate interests.
5.1 To respond to enquiries and provide services
• To respond to your messages and enquiries.
• To prepare proposals, quotes and design concepts.
• To provide our interior design services and manage yourproject.
Legal basis: performance of a contract or steps taken at your request before entering into a contract, and our legitimate interests in running and growing our business (where not overridden by your rights).
5.2 To process payments and manage billing
• To take payment for consultations, deposits, retainers, or packages.
• To issue invoices and receipts and maintain financial records.
Legal basis: performance of a contract and compliance with legal obligations (tax and accounting).
5.3 To improve and secure our Website and services
• To monitor and analyze Website usage.
• To troubleshoot, test, and improve our Website and user experience.
• To maintain security and prevent fraud or misuse.
Legal basis: our legitimate interests in maintaining and improving our services and ensuring security.
Legal basis: your consent (where required) and our legitimate interests in promoting our services to existing or potential business customers (where permitted by law).
5.6 Legal and regulatory purposes
• To comply with legal obligations (e.g. tax, accounting, regulatory requirements).
• To establish, exercise or defend legal claims.
Legal basis: compliance with a legal obligation and our legitimate interests in protecting our business and legal rights.
6) How we share your personal data
We do not sell your personal data. We may share it with:
6.1 Service providers (processors) Trusted third-party providers who help us operate our business and Website, for example:
• Website hosting and IT support;
• Payment processing services;
• Email, CRM, and communication tools;
• Cloud storage and project management tools;
• Professional advisers (e.g. accountants, lawyers).
They process your data only on our instructions and are bound by confidentiality and data protection obligations.
6.2 Professional advisers and authorities
We may share data where reasonably necessary with:
• Lawyers, accountants, insurers, or other professional advisers;
• Law enforcement or regulatory authorities where required by law or to protect our rights or the rights of others.
6.3 Business transfers
If all or part of GT EXPERTS LTD or its assets are sold, merged, or reorganised, personal data may be transferred as part of that transaction, subject to appropriate safeguards.
7) International data transfers
Some of our service providers may be located outside the UK (and/or the European Economic Area). If your personal data is transferred internationally, we will ensure appropriate safeguards are in place, such as:
• An adequacy decision from the UK government; or
• Standard contractual clauses or other legally recognised safeguards.
You can contact us for further details of current safeguards.
8) How long we keep your data
We keep personal data only for as long as necessary for the purposes described in this Policy, including:
• For as long as you have an active relationship or account with us;
• For project files and communications, typically for 3 years after project completion (adjust to your practice);
• As required for legal, accounting, or reporting obligations.
After this period, we will securely delete or anonymise your data, unless a longer retention period is required or permitted by law.
9) How we protect your data
We take appropriate technical and organisational measures to protect your personal data, including:
• Access controls and authentication;
• Encryption or pseudonymisation where appropriate;
• Regular backups and monitoring;
• Staff awareness and confidentiality obligations.
However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.
10) Yourrights under UK data protection law
Under the UK GDPR, you have certain rights in relation to your personal data (subject to conditions and exceptions). These include theright to:
10.1 Right of access
To obtain confirmation whether we process your personal data and to request a copy of it.
10.2 Right to rectification
To have inaccurate or incomplete personal data corrected.
10.3 Right to erasure (“right to be forgotten”)
To request deletion of your personal data where there is no good reason for us to continue processing it (for example, where it is no longer needed, or you withdraw consent where consent was the legal basis).
10.4 Right to restrict processing
To request that we restrict the processing of your personal data in certain circumstances (e.g. while we check accuracy or respond to an objection).
10.5 Right to data portability
To receive certain personal data in a structured, commonly used, machine-readable format and/or request that we transmit it to another controller (where technically feasible).
10.6 Right to object
To object to processing based on our legitimate interests, and to direct marketing at any time (including profiling related to direct marketing).
10.7 Right to withdraw consent
Where we rely on your consent, you can withdraw it at anytime, without affecting the lawfulness of processing before withdrawal.
10.8 Right to lodge a complaint
You have the right to complain to a supervisory authority if you are unhappy with how we handle your personal data. In the UK, this is the Information Commissioner’s Office
(ICO):
Website: https://ico.org.uk/
Phone (UK): 0303 123 1113
We encourage you to contact us first so we can try to resolve your concerns.
Our Website may contain links to websites or services owned and operated by third parties. We are not responsible for the privacy practicesor content of those sites. You should review their privacy policies beforeproviding them with personal data.
11) Third-party links
Our Website may contain links to websites or services owned and operated by third parties. We are not responsible for the privacy practices or content of those sites. You should review their privacy policies before providing them with personal data.
12) Changes to this Privacy Policy
We may update this Privacy Policy from time to time. The most current version will always be posted on our Website with the “Effective date” at the top. Significant changes may be notified to you by email or via the Website where appropriate.Your continued use of the Website after any changes indicates your acceptance of the updated Policy.
