Privacy Policy

Controller: Room Reads Ltd., 71-75 Shelton Street, London, WC2H 9JQ, United Kingdom.

Contact: [email protected], +44 20 3129 5520.

We provide curated books and reading room design services in the UK.

We collect only what we need to serve you well:

• Contact and order details such as name, email, phone, billing/shipping addresses.
• Service information you choose to share (room photos, dimensions, reading preferences).
• Payment confirmations from our payment provider. We do not store full card numbers.
• Technical data: IP address, device type, browser, pages viewed, and interactions. Optional analytics uses cookies with your consent.
• Communication records, including support emails and form submissions.

We use your data to provide and improve our services. Legal bases under UK GDPR include contract, legitimate interests, legal obligation, and consent.

• Processing orders, coordinating delivery, and handling returns (contract).
• Providing design advice and curated recommendations (contract/legitimate interests).
• Customer support and service communications (contract/legitimate interests).
• Optional email updates and analytics with your consent. You can opt out anytime.
• Fraud prevention, security, and legal compliance (legal obligation/legitimate interests).

Our site uses essential cookies to function and optional analytics cookies to understand traffic. You can accept or reject optional cookies using the cookie choices in the bottom‑right corner at any time.

You can also manage cookies via your browser settings.

We share data only with trusted service providers when necessary to run our business:

• Payment processing providers.
• Couriers and postal services for delivery and returns.
• Cloud hosting, email, and customer support tools.
• Analytics providers for optional, consented insights.

All providers are bound by contracts that protect your data and prevent unnecessary use. We do not sell your personal data.

If data is transferred outside the UK, we use appropriate safeguards such as UK International Data Transfer Agreements or Standard Contractual Clauses to protect your information.

We keep data only as long as needed:

• Orders and invoices: up to 7 years for tax and accounting.
• Support messages: up to 24 months.
• Analytics data: per-tool default or until you withdraw consent.
• Design project files: up to 24 months after completion, unless you ask us to remove them sooner where allowed.

You have rights under UK GDPR, including to access, rectify, erase, restrict or object to processing, data portability, and to withdraw consent at any time. You also have the right to lodge a complaint with the ICO.

• To exercise your rights, email [email protected] with your request.
• We may need to verify your identity before acting.
• We respond within one month where feasible.

Supervisory authority: Information Commissioner’s Office, ico.org.uk.

We apply reasonable technical and organisational measures to protect personal data, including encryption in transit, access controls, and staff training. No method is perfectly secure, but we work to reduce risk and review measures regularly.

Our services are designed for adults. We do not knowingly collect personal data from children. If you believe a child has provided data, contact us and we will take appropriate steps to remove it.

We may update this policy to reflect changes in law or our services. We will post the new version here and update the date below.

Last updated: 24 February 2026

If you have questions about this policy or how we handle your data, email [email protected] or call +44 20 3129 5520.