Privacy Policy

Last updated: August 2018


  1. We may process information contained in any enquiry you submit to us regarding goods and/or services (“enquiry data”). The enquiry data may be processed for the purposes of explaining, offering and selling relevant goods and/or services to you.
  2. We may process information relating to transactions, including purchases of goods and services, that you enter into with us and/or through our website (“transaction data”). The transaction data may include your contact details, your card details and the transaction details. The transaction data may be processed for the purpose of supplying the purchased goods and services and keeping proper records of those transactions.
  3. We may process information that you provide to us for the purpose of subscribing to our newsletters (“notification data”). The notification data may be processed for the purposes of sending you the relevant notifications and/or newsletters.
  4. We may process information contained in or relating to any communication that you send to us (“correspondence data”). The correspondence data may include the communication content and metadata associated with the communication. Our website will generate the metadata associated with communications made using the website contact forms. The correspondence data may be processed for the purposes of communicating with you and record-keeping.
  5. We may process any of your personal data where necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.
  6. We may process any of your personal data where necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, or obtaining professional advice.


Financial transactions relating to our website and services are handled by PayPal. We will share transaction data with our payment services providers only to the extent necessary for the purposes of processing your payments, refunding such payments and dealing with complaints and queries relating to such payments and refunds. You can find information about the payment services providers’ privacy policies and practices at:


You can choose to sign-up for our e-newsletter. As part of the registration process, we collect your name and email address and you confirm your consent for us to send you emails. We use the contact details to inform you about news, products, events, offers and information about BluBambu. We will never share the contact details you give us with other businesses or organisations.

We use a third-party provider, MailChimp, to deliver our email marketing. We gather statistics around email opening and clicks using industry-standard technologies to help us monitor and improve our e-newsletter. For more information, please see MailChimp’s Privacy Policy:

You can unsubscribe to general mailings at any time by clicking the unsubscribe link at the bottom of any of our marketing emails or by emailing


We store contact names, email addresses and phone numbers for any suppliers we have worked with to be able to provide orders and correspond with them. This information is not shared with any third parties.


Names, addresses and employment records are securely held in secure electronic format only and for the purposes of providing employment references. No access is given to any third parties whatsoever, without the written permission of the employee.


We try to use all commercially acceptable means to protect the personal data we hold, including password-protection on all computers, the use of firewalls, reputable remote cloud backups and anti-virus software.

We maintain data security by protecting the confidentiality, integrity and availability of personal data defined as follows:

  1. Confidentiality means that only people who are authorised to use the data can access it
  2. Integrity means that personal data should be accurate and suitable for the purpose which it is proposed
  3. Availability means that authorised users should be able to access the data if they need it for authorised purposes.


Personal data that we process for any purpose/s shall not be kept for longer than is necessary for that purpose/s. We may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.


Data subjects should make a formal request for information we hold about them.

If an individual asks what information we hold about them, we will notify them that we will respond within one month. We will send them details of all personal data we hold on them.

We will inform them about:

  1. The source from which we obtained their personal data
  2. The purpose(s) for which we intend to process that data
  3. The types of third parties, if any, with whom we will share or to which we will disclose that personal data
  4. That the data subjects can limit or prevent our use and disclosure of their personal data.


Any requests to provide information on the data held or to remove contact details from our records will be carried out as soon as practically possible. This is typically within 48 hours and within a maximum of 30 days. We will confirm to them that we have done so.


A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.

Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.

Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.


We use cookies for the following purposes:

  1. Authentication – we use cookies to identify you when you visit our website and as you navigate our website
  2. Status – we use cookies to help us to determine if you are logged into our website
  3. Security – we use cookies [as an element of the security measures used to protect user accounts, including preventing fraudulent use of login credentials and to protect our website and services generally
  4. Analysis – we use cookies to help us to analyse the use and performance of our website and services

We use Google Analytics to analyse the use of our website and make changes to enhance its performance for our customers. The information gathered relating to our website is used to create reports about the use of our website. Google’s privacy policy is available at:


Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can, however, obtain up-to-date information about blocking and deleting cookies via these links: (Chrome) (Firefox) (Opera) (Internet Explorer) (Safari) (Edge)

Blocking all cookies will have a negative impact upon the usability of many websites.

If you block cookies, you will not be able to use all the features on our website.


This website is owned and operated by BluBambu Living Limited.

We are registered in England and Wales under registration number 08843379.

Our registered business address is 40 Ashley Lane, Hordle, Lymington, SO41 0GA.

You can contact us:

  1. By post, to the postal address above
  2. Using our website contact form
  3. By telephoning one of our showrooms; Lymington: 01590 670885 or Winchester: 01962 865244
  4. By email, using

Our Data Protection Officer is David Littlewood.