GDPR Compliance

Last updated: April 22, 2026

Our Commitment

Bache & Co. Interiors is committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018.

Legal Basis for Processing

We process your personal data under the following legal bases:

• Consent: When you provide explicit consent for specific purposes (e.g., marketing communications)
• Contract: When processing is necessary to fulfill a contract with you
• Legitimate interests: When we have a legitimate business interest that does not override your rights
• Legal obligation: When required to comply with legal requirements

Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

Right to Access

You have the right to request access to the personal data we hold about you. We will provide a copy of this data in a structured, commonly used format.

Right to Rectification

If any personal data we hold about you is inaccurate or incomplete, you have the right to have it corrected.

Right to Erasure

You may request deletion of your personal data when:

• It is no longer necessary for the purposes it was collected
• You withdraw consent and there is no other legal basis for processing
• You object to processing and there are no overriding legitimate grounds
• The data has been unlawfully processed

Right to Restriction of Processing

You can request that we restrict processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.

Right to Data Portability

You have the right to receive your personal data in a machine-readable format and transmit it to another controller.

Right to Object

You may object to processing of your personal data based on legitimate interests or for direct marketing purposes.

Rights Related to Automated Decision-Making

We do not use automated decision-making or profiling in our operations.

Data Protection Officer

For questions regarding GDPR compliance or to exercise your rights, contact:

Email: [email protected]
Address: 47 Albemarle Street, Marylebone, London W1S 4JL, United Kingdom

Response Time

We will respond to requests to exercise your rights within one month of receipt. In complex cases, this may be extended by two additional months, and we will inform you of any such extension.

Complaint Rights

If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with the supervisory authority:

Information Commissioner's Office (ICO)
Website: ico.org.uk
Helpline: 0303 123 1113

Data Transfers

We do not transfer personal data outside the United Kingdom or European Economic Area. Should this change, we will implement appropriate safeguards and inform affected individuals.

Security Measures

We implement appropriate technical and organizational measures including:

• Encryption of data in transit and at rest
• Regular security assessments
• Access controls and authentication
• Staff training on data protection

Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach.