P R I V A C Y P O L I C Y

We respect your privacy and are committed to protecting your personal information. This policy outlines what data we collect, how we use it, and how we keep it secure. We only collect information that is necessary to provide our services, respond to enquiries, and improve your experience. We do not sell or share your data with third parties for marketing purposes. You have the right to access, update, or request deletion of your information at any time. Please read the full policy below for detailed information about how your data is handled.

  • San Stae is committed to protecting your privacy and ensuring that your personal data is handled securely and in compliance with the UK General Data Protection Regulation (UK GDPR). This Privacy Policy explains how we collect, use, and protect your personal data when you interact with us, including through our website, client services, and newsletter.

  • We collect and process the following types of personal data: Clients & Enquiries, including name, email, phone number, project details, and correspondence; Suppliers & Business Contacts, including name, business details, contact information, and records of communication; Website Visitors, including IP addresses, browsing data, and cookies; and Newsletter Subscribers, including name and email address.

  • We process personal data for the following purposes: to provide interior design services and manage client relationships, to communicate with suppliers and business contacts, to improve our website through analytics tracking, to send newsletters and updates (with your consent), and to comply with legal and regulatory obligations.

  • We process your personal data based on the following lawful grounds: Contractual Necessity, when processing data to fulfil a contract (e.g., client projects, supplier agreements); Legitimate Interests, for business operations, client communication, and website analytics, where privacy rights are not overridden; and Consent, for sending newsletters and using non-essential cookies (you may withdraw consent at any time).

  • We do not sell or share your personal data with third parties unless required by law or necessary to provide our services. We use secure systems to store and manage personal data, with access limited to authorised personnel. Third-party service providers (e.g., Brevo, Google Drive, etc.) are carefully selected to comply with GDPR standards.

  • We retain personal data only for as long as necessary to fulfil our business and legal obligations. Client and supplier data is reviewed periodically and deleted when no longer required.

    If a data breach occurs, we will assess the impact and, if necessary, report it to the Information Commissioner’s Office (ICO) within 72 hours. Affected individuals will be informed where required.

A D D I T I O N A L I N F O R T M A T I O N

This section provides further detail about how we use cookies, your rights regarding your personal data, and how you can manage or update your information. We use cookies to enhance your browsing experience and understand how our website is used. You have the right to access, correct, or request deletion of your personal data, as well as to withdraw consent where applicable. We also outline the steps you can take to protect your information and how to contact us if you would like to make changes.

  • We take data security seriously and have implemented appropriate technical and organisational measures to protect personal information from unauthorised access, misuse, loss, or disclosure.

    All employees and freelancers are bound by strict confidentiality obligations within their contracts. Access to personal and customer account information is restricted to authorised individuals who require it to perform their specific roles and responsibilities.

    Our systems are protected through secure login credentials, including unique usernames and password controls. Where applicable, we apply industry best practice security measures to safeguard debit and credit card information, including the use of secure processing systems and encrypted connections.

    We regularly review our security procedures to ensure they remain robust and aligned with current best practice standards.

  • Under the UK GDPR, you have the following rights including but not limited to:
    1. Access - to request a copy of your personal data;
    2. Correction - to request corrections to inaccurate data;
    3. Erasure - to request deletion of your personal data where applicable;
    4. Objection - to object to processing based on legitimate interests or direct marketing;
    5. Data Portability - to request a transfer of your data to another service provider;
    6. Withdraw Consent - to unsubscribe from our newsletter or opt-out of cookies.

    To exercise these rights, please contact us at studio@sanstae.com

  • We use cookies to help improve your experience on our website and to understand how it is used. Essential cookies are necessary for the website to function properly, such as enabling page navigation, security, and access to certain features. These cookies cannot be switched off.

    We also use non-essential cookies, including analytics cookies, to collect information about how visitors interact with our website. This helps us improve performance, content, and user experience. Non-essential cookies will only be placed on your device with your consent.

    You can manage, block, or delete cookies at any time through your browser settings. Please note that disabling certain cookies may affect how the website functions.

  • We may update this Privacy Policy periodically. The latest version will always be available on our website.

  • If you have any questions about this Privacy Policy, your personal data, or how your information is handled, please contact us at studio@sanstae.com. We will respond to all privacy-related enquiries promptly and in accordance with applicable data protection laws.