Last updated on 1 February 2023
We are dedicated to safeguarding and preserving your privacy when visiting our Website or communicating with us through any means of communication.

This Privacy Notice (‘Notice’) provides an explanation about what happens to any Personal Data (‘Data’) that you provide to us or that we collect from you.

By continuing to use our Website, inquiring about and using our decorating, construction and related services (‘Services’), requesting fee quotes, interacting with us on any of our social media platforms, and/or by dealing with us in any manner, you agree to our terms and conditions (insert link) (‘Terms of Business’) and this Privacy Notice for the collection and processing of your Personal Data.

This Privacy Notice sets out our use of any and all data collected by us in relation to your use of our website, (‘Website’). The Website is operated by Sultan Decorators Ltd (‘Sultan Decorators’, ‘we’,’us’, ‘our(s)’, ‘ourselves’).

For the purposes of processing your Personal Data, we are the Data Controller (as defined under Article 4(7) of the Regulation (EU) 2016/679 (General Data Protection Regulation) (‘GDPR’) and Article 4(7) UK GDPR), i.e., Data Controller means the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of processing the Personal Data. Personal Data (‘Data’) shall have the meaning given to it under Article 4(1) of the GDPR 2016/679 and UK GDPR, and which is more particularly defined in this Privacy Notice below.

This Privacy Notice should be read in conjunction with our disclaimers and Terms of Business. We may amend or update this Notice from time to time and will publish revised versions on this Website. We reserve the right to alter and make changes to this Notice at our sole discretion, and we therefore request all users to regularly refer to our Privacy Notice for updates and variations.

This notice covers the following:

  • Who is the person responsible for the management of your Personal Data?
  • What Personal Data do we need/receive?
  • What are the sources of collection of Personal Data?
  • How do we use your Personal Data?
  • Children’s Privacy
  • What are the Lawful Bases for processing your Personal Data?
  • Who may use your Personal Data?
  • Social Media
  • How do we store and transfer your Personal Data?
  • For how long do we store your Personal Data?
  • Use of Cookies
  • Change in Terms of Privacy
  • Third party links
  • Your rights
  • Contact us
  • Complaints
Who is the person responsible for the management of your Personal Data?

As a business operating in the United Kingdom, we are registered with the Information Commissioner’s Office (ICO), as Data Controllers under registration number ZB497499.

The person responsible for data protection is Diana Voxerbrant. For any queries relating to the management of your Personal Data, please do not hesitate to send us an email at or by calling us on +447747790184.

What Personal Data do we need/receive?

‘Personal Data’ has been defined under the GDPR (EU and UK) as ‘any information relating to an identified or identifiable natural person (‘data subject’). An identifiable natural person is one who can be identified, directly or indirectly, in particular, by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person’.

Any references to ‘Personal Data’ in this Notice therefore means information about living individuals, which, alone or in conjunction with other information held by us, is capable of identifying them. The GDPR 2016/679, the UK GDPR, The Data Protection Act 2018 and any other national implementing legislation relating to data protection in the UK, regulate our use of your Personal Data (collectively ‘Applicable Data Protection Law’).

In order to provide our Services or for the purposes of conducting our business, we may need the following Data from the individuals we are dealing with (‘you’, ‘yours’, ‘yourself/yourselves’).

  • We have tried to cover categories of Data that we generally require while providing Services to our
    clients or for the purposes of operating our business. However, this is not an exhaustive list.
  • Identity Data, such as your full name, date of birth, and for employment purposes, your
    National Insurance Number and proof of identity
  • Contact Data, such as your electronic address, physical address and/or contact telephone
  • Financial Data, such as your bank account and payment card details
  • Transaction Data, such as details about payments between us and other details of purchases
    made by you
  • If you are a company, the company registration number and registered office address
  • Your website
  • Details of your visits to our Website and the resources that you access, including but not limited to, traffic data, location data, usage data, technical data, time zone settings, hardware information, weblogs and other communication data
  • Usage Data, such as information about how you use our Services
  • Clickstream data, including where users navigate to our site to and from, and any searches users make on or relating to our website
  • Marketing and Communications Data, including any other information that you provide to us by filling out forms on our Website, such as when you request a fee quote or leave a comment on our blog
  • Profile Data such as your request of Services, your interests, preferences, feedback, and survey responses
  • Any other information provided to us when you communicate with us for any reason
  • Your social media account details if you follow us on or communicate with us via social media
  • Transactional information such as the Services you are interested in or your purchasing requirements
What are the sources of collection of Personal Data?

We may obtain Personal Data from you when you contact us or get in touch with us via our Website or when you or your organisation correspond with us through any means of communication. This includes Personal Data you provide to us when you:

  • Contact us with a question or query via email at, telephone at +44 7747790184 or fill our quote request form available on our Website (‘Quote Request Form’)
  • Ask us to provide our Services to you
  • Ask us to collaborate with you on an assignment
  • Contact us or authorise anyone to contact us about employment or apprenticeships at Sultan Decorators
  • Contact us to provide us your services or goods
  • Correspond with us to submit any complaints that you may have
  • Correspond with us to address any complaints we may have raised
  • Register for a seminar, webinar, event or networking where information is shared between fellow members
  • Attend events and provide our staff with your personal information, business cards or contact details
  • Deal with us when we are providing Services to our clients (which may be you, your dependent, your organisation or a third party)
  • Submit identity documents directly to us or to third party agencies commissioned by us to collect your Data for the purposes of carrying out identity checks and due diligence. (Where we have commissioned a third party to collect your Personal Data on our behalf, we shall continue to remain the Data Controller)
  • Connect with us on social media platforms or join groups created and administered by us on social media

We may also collect and retain Personal Data that is:

  • obtained from public sources about you or your organisation, which includes all information available on your website, the Companies House, or other publicly available resources, including without limitation online sources accessible through Search Engine Optimisation searches
  • obtained from third parties that may include our clients, professional regulators, public bodies, and other entities, including providers of analysis, screening and database services who have a right to disclose this information to us, and
  • relating to whether our contacts read electronic correspondence from us or click on links we send them.
  • relating to your equipment, browsing actions and usage patterns and is automatically collected when you are using our Website by enabling the use of cookies, server logs and similar technologies. Please see our cookie policy for further details
How do we use your Personal Data?

The information that we collect and store relating to you is primarily used to enable us to provide our Services to you. In addition, we may use the information for the following purposes:

  1. a) To provide you with information requested from us relating to our Services.
    b) To provide information on other services, fee quotes, offers and updates which we feel may be of interest to you, where you have consented to receive such information.
    c) To meet our contractual commitments to you such as the delivery of our Services to you.
    d) To carry out ‘Know Your Customer’ checks, credit-worthiness checks and/or any other background checks as part of our due diligence that we may be required to undertake by a regulatory body or for the purposes of our business
  2. e) To notify you about any changes to our Website, such as improvements or changes to our
    f) To notify you about any changes to our Terms of Business and/or Privacy Notice
    g) To manage client relations, such as asking you to leave a review, take a survey or inviting you
    organised events, webinars, and seminars.
    h) To carry out research, including market research, statistical research on site traffic, sales and
    other commercial information to assist us in improving the Services we provide to you and to
    improve our Website
    i) To administer our Website and carry out system and security updates
    j) To comply with our information storage obligations (please refer to sections ‘How do we
    store and transfer your Personal Data?’ and ‘For how long do we store your Personal Data?’
    for more information)
    k) For internal use such as governance, quality control and improvement, monitoring and
    l) If you are an existing customer, we may contact you with information about services similar
    to those which were the subject of a previous sale to you
    m) To connect with you on social media, if you have requested to connect with us and, once
    connected, to provide you with information and updates about us and our Services on social
    By purchasing any of our Services or by dealing with us in any way, you consent to us using your
    Personal Data as detailed above.
    Children’s privacy
    We do not knowingly collect or process Data from anyone under the age of 13 (thirteen) years old
    (‘Child’/ ‘Children’). Our Services and Website content are not directed at minors, i.e., persons
    below the age of 18 (eighteen) years, especially children below the age of 13 (thirteen) years.
    If you are a parent or guardian and you are aware that your Child has provided us with Personal Data
    without your consent, please contact us. Unless contacted by a parent or legal guardian, we have no
    way of knowing that Personal Data was submitted by a Child without parental consent. As a
    parent/legal guardian you understand that the onus of controlling your Child’s Personal Data lies on
    you. If we become aware, after notification by a parent/legal guardian or the Children themselves, that
    we have collected Personal Data from Children without verification of parental consent, we take steps
    to remove that information from our servers.