Data Protection Policy

This Data Protection Policy outlines how Stonewoods process and store personal data. It applies to all customers, employees, contractors and sub-contractors, or any other individuals involved with the company. Its purpose is to ensure that Stonewoods do comply with the GDPR legislation and secures high standard of data protection.

1. Purposes

As a retailer and a business organisation, Stonewoods process, retains and shares personal data solely for assisting their customers with fireplace enquiries up to the point of completion of the project and providing guarantees. It uses the data to contact customers to provide estimates, process sales orders, arrange fireplace installations and to inform about the progress of the agreed works. Stonewoods will not collect or store any personal data for any other purposes and will not sell any data to third parties.

2. Appointment of a Data Protection Officer

Stonewoods have appointed a Data Protection Officer who will oversee compliance with the Data Protection law and will act as a point of contact for both customers and employees/ contractors. The Data Protection Officer will have a direct line of communication with all Stonewoods employees/ contractors and will be liable for sufficient training to ensure that all involved have a good understanding of data protection law and practices required to fully comply with the legislation.

You can contact our Data Protection Officer via email at or by post addressed to: Mrs Silvie Omen, Stonewoods Ltd, Former All Saints Church, Armoury Way, London SW18 1HX.

3. Customers Data Rights

A customer may request that the Data Protection Officer:

a/ provides them with a copy of all personal data that Stonewoods hold about them. The Data Protection Officer shall promptly provide a copy of all information required to be disclosed by law.

b/ rectifies any incorrect personal data held by Stonewoods about them. The Data Protection Officer shall promptly consider such a request and respond to it in accordance with the law.

c/ stop Stonewoods from some or all their processing and storing of the customer's personal data at any time except the following situations:

  • The customer has an open order/ fireplace installation which has not been completed
  • There is an unsettled debt with Stonewoods, regardless of the payment method or terms, including a customer debt passed onto a third party
  • Once purchase has been made, Stonewoods will need to keep a record of the transaction for bookkeeping purposes and to honour the manufacturer’s guarantee.

The Data Protection Officer shall promptly consider a request for personal data deletion and respond to it in compliance with the GDPR legislation.

Stonewoods will only keep personal details of potential customers for a period of up to 2 years.

4. Sharing Data with Third Parties

Stonewoods will only ever share customer's personal data within the company, including our sub-contractors assigned to the customer’s fireplace installation. Stonewoods will not share personal data for any other reason unless it has the consent of the relevant individual.

5. Data Security

Stonewoods are committed to periodically review the security of their records and processing activities. All appropriate steps will be taken to ensure confidentiality, integrity, correctness and availability of personal data that it holds.

All personal data and quotations/ invoices will be held on Filemaker and can only be accessed by an authorised Stonewoods employee, using their own username and password. The Fireplace Diary will also require a username and a password. Hard copies of estimates and invoices will be filed in a safe place, such as a locked office, and shredded once no longer required.

6. Reporting Breaches to the Data Protection Officer

Actual or potential breaches of this policy, or of data protection law by Stonewoods, shall be reported immediately to the Data Protection Officer. Any concerns raised will be taken extremely seriously and all measures will be taken to rectify any issues with immediate effect.




Date Policy revised: 21st May 2018