Privacy Policy

Privacy Policy

Last updated: 19 March 2026

Ecorooms (“we”, “us”, “our”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store and share your personal data when you visit www.ecorooms.co, contact us, request a quote, book a site visit, or use our conservatory renovation services.

1. Who we are

Business name: Ecorooms
Trading address: UNIT 9,  The Old Tradeplas Building, Stroud Road, Nailsworth, Gloucestershire, United Kingdom
Email: steve.luff@ecorooms.co
Telephone: 01453 624010

For the purposes of UK data protection law,  Ecorooms is the controller of your personal data.

If you have any questions about this Privacy Policy or want to exercise your data protection rights, please contact us using the details above.

2. The personal data we collect

We may collect and use the following types of personal data:

your name

your address and postcode

your email address

your telephone number

details about your property, conservatory, project requirements and preferences

photographs, measurements or other information you give us for quotation or project purposes

records of enquiries, appointments, quotes and communications

customer service, aftercare, warranty or guarantee information

marketing preferences

technical information such as IP address, browser type, device information, pages visited and cookie-related data

We do not intentionally collect sensitive personal information through our website unless it is genuinely needed and we have a lawful reason to do so. Please do not send sensitive information unless we ask for it.

3. How we collect your personal data

We collect personal data:

directly from you, for example when you fill in a contact form, request a quotation, call us, email us, message us, or book a visit

automatically when you use our website, through server logs, cookies and similar technologies

from other sources where relevant, such as referral platforms, social media lead forms, subcontractors, or someone acting on your behalf

4. How we use your personal data and our lawful bases

Depending on the situation, we rely on lawful bases recognised by UK data protection law, including taking steps at your request before entering into a contract, performing a contract, complying with legal obligations, pursuing legitimate interests, and consent. Where non-essential cookies or electronic direct marketing require consent under PECR, we rely on consent for those activities.

We may use your personal data to:

respond to enquiries and provide quotations

arrange surveys, appointments, installations, repairs and aftercare

manage customer relationships and contracts

process invoices and keep business records

comply with legal, tax, insurance and regulatory obligations

keep our website secure and prevent misuse

improve our website and services, where analytics cookies have been accepted

send marketing communications where you have consented or where we are otherwise permitted by law

maintain opt-out or suppression records so we do not send marketing to people who have objected or unsubscribed

5. Cookies and similar technologies

We may use cookies and similar technologies on our website. Some cookies are strictly necessary for the website to function. We will only use non-essential cookies, such as analytics or advertising cookies, if you choose to accept them. You can manage your preferences through our cookie banner or settings tool. If you use non-essential cookies, you should also keep a separate cookie list or Cookie Policy that names them clearly.

6. Who we share your personal data with

We may share your personal data where necessary with:

website hosting providers, IT support and cloud storage providers

email, phone, form-handling or CRM providers

analytics providers, where you have accepted analytics cookies

subcontractors, installers, surveyors or suppliers involved in your project

accountants, insurers, solicitors and other professional advisers

regulators, law enforcement agencies, courts or other authorities where we are required to do so

We require third parties who handle personal data for us to do so securely and only for appropriate purposes.

7. International transfers

Some of our service providers may store or access personal data outside the UK. If we transfer personal data outside the UK, we will only do so where the UK’s transfer rules are met, for example because the destination is covered by UK adequacy regulations or because appropriate safeguards are in place.

8. How long we keep your personal data

We keep personal data only for as long as reasonably necessary for the purposes set out in this Privacy Policy and to meet legal, accounting, insurance and record-keeping requirements. ICO guidance says privacy information should explain retention periods or the criteria used to decide them.

Our usual retention periods are:

general enquiries that do not become customers: 12 months from the last meaningful contact

quotations: 24 months from the date of the quote

customer project files, contracts and correspondence: 6 years after the end of the project

warranty / guarantee / aftercare records: for the life of the warranty or guarantee and for a reasonable period afterwards

marketing preferences and suppression records: for as long as necessary to respect your preferences

cookie and analytics data: in line with our cookie settings and provider retention periods

You should adjust these periods so they match your actual business practices.

9. Your data protection rights

Depending on the circumstances and the lawful basis we are relying on, you may have the right to:

be informed about how we use your personal data

request access to your personal data

ask us to correct inaccurate or incomplete personal data

ask us to erase your personal data

ask us to restrict the use of your personal data

object to our use of your personal data

request transfer of certain personal data to you or another provider

withdraw consent where we rely on consent

You have an absolute right to object to your personal data being used for direct marketing, and rights requests generally need to be handled within one calendar month.

To exercise any of your rights, please contact us at [email address].

10. Marketing

If we send you marketing by email, text or similar electronic means, we will do so only where we have the right to under applicable law. You can opt out at any time by:

clicking the unsubscribe link in a marketing email

replying STOP to a text message, where applicable

contacting us using the details in this policy

We may keep a record of your opt-out request so we can respect it in future. People have an absolute right to object to direct marketing.

11. Complaints

If you have a concern about how we handle your personal data, please contact us first and we will try to resolve it.

You also have the right to complain to the Information Commissioner’s Office (ICO), the UK regulator for data protection matters. Details of how to complain are available on the ICO website.

12. Third-party links

Our website may contain links to other websites. We are not responsible for the privacy practices of other websites, and we recommend that you read their privacy policies.

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page and the “Last updated” date will be changed.

We need your consent to load the translations

We use a third-party service to translate the website content that may collect data about your activity. Please review the details in the privacy policy and accept the service to view the translations.