Privacy Policy

Last updated: February 2026

At artyrugs, your privacy is important to us. This Privacy Policy explains how we collect, use, and protect your personal information when you visit our website www.artyrugs.co.uk or make a purchase from us. This policy applies to all services offered by NexGen Brands Limited.

If you have any questions about this policy or your data, please contact us at marketing@artyrugs.co.uk.

Who We Are

artyrugs (“we”, “our”, “us”) is an online home décor brand specialising in high-quality, machine-washable rugs. Our website is hosted in the UK and operated by NexGen Brands Limited.

Information We Collect

We collect personal data depending on how you interact with our services.  Information you provide to us.

  • Account information: Name, username, password, customer ID. Used to create and manage your account.
  • Contact information: Name, address, email, phone number. Used for deliveries, customer service, and marketing (if consented).
  • Order and product information: Products purchased, search history, and purchase dates. Used to process orders, improve our service, and provide tailored marketing.
  • Demographic information and preferences: Age, gender, location, interests. Used for personalised recommendations and targeted advertising.
  • Feedback: Customer surveys, reviews, or comments. Used to improve products and services.
  • User-generated content: Photos, videos, or stories uploaded. Used for promotional purposes if consented.
  • Payment information: Payment card details, gift cards, stored securely with our payment providers. Used to process transactions.

Lawful basis for processing:

We automatically collect certain data about your device, including:

  • Contractual necessity (order processing, account management).
  • Consent (marketing communications, surveys).
  • Legitimate interest (improving services, fraud prevention, analytics).
  • Information automatically collected

We use cookies, pixels, and similar technologies to collect:

  • Pages visited, time spent, items viewed or purchased.
  • Interaction with emails or advertisements

Purpose: To improve our website, provide personalised content, measure advertising performance, and prevent fraud.

See our Cookies Policy for more details.

Lawful basis for processing: Legitimate interest and consent (where required).

How We Use Your Data

We use your data for:

  • Processing orders and delivering products.
  • Customer service and account management.
  • Sending marketing communications (with your consent).
  • Personalising your website experience.
  • Fraud detection, security, and compliance with legal obligations.
  • Analytics and improvements to our products and services.
  • Online advertising, including social media “Custom Audiences” and “Lookalike Audiences”.
  • Lawful basis for processing: Contract, consent, legitimate interest, and legal compliance.

Sharing Your Data

We may share your personal data with:

  • Service providers: Hosting, payment processing, delivery, marketing platforms, analytics providers.
  • Third parties in business transactions: In the event of merger, sale, or reorganisation
  • Legal authorities: When required by law or to prevent fraud and protect rights.
  • Advertising partners: Social media platforms, Google Ads, and similar services for marketing and analytics.

We ensure all third parties handle your data securely under Data Processing Agreements.

International Transfers

Your data may be processed outside the UK. Transfers are protected by:

  • UK adequacy decisions, or
  • Standard Contractual Clauses (SCCs), or
  • Other GDPR-compliant safeguards.

We take all reasonable steps to ensure your data is secure and treated according to this policy.


Data Retention

We retain your data only as long as necessary:

  • Order/payment records: 6–7 years (for tax and legal purposes).
  • Marketing preferences: Until withdrawal of consent.
  • Customer support records: Up to 3 years after last contact.
  • Feedback and surveys: Anonymised after 2 years unless consented for further use.

Your Rights

Under UK data protection law, you have the following rights:

  • Access: Request a copy of your personal data.
  • Rectification: Correct incomplete or inaccurate data.
  • Erasure: Request deletion of your personal data.
  • Restriction: Limit processing of your data.
  • Objection: Object to processing, including marketing.
  • Data portability: Receive your data in a machine-readable format.
  • Withdraw consent: Stop consented processing at any time.

    • To exercise your rights, contact us at marketing@artyrugs.co.uk.

    Children

    Our services are not intended for anyone under 18. We do not knowingly collect data from children. If you believe a child has provided personal data, contact us, and we will delete it promptly.

    Security

    We use industry-standard measures to protect your data, including:

  • SSL encryption for online transactions.
  • Secure storage and access controls.
  • Staff training on data protection.
  • You should also protect your login details and device.

    • Automated Decision-Making

    We may use profiling for marketing and website personalisation. You have the right to object to this type of automated decision-making.

    Changes to this Privacy Policy

    We may update this policy from time to time. The “last updated” date will indicate the latest version.

    Contact Us

    For questions about this Privacy Policy, or to exercise your rights, contact: