DFS Furniture PLC is the data controller of the personal data we may collect. We take our responsibility of processing your personal information extremely seriously. This policy together with our Cookie Policy and our Website Terms of Use sets out what information we collect about you, and how it will be used and stored by us.

When we say ‘we’, ‘our’, ‘us’ or ‘The Group’ in this policy we are referring to DFS Furniture PLC.

For the purpose of the General Data Protection Regulation (EU 2016/679), the data controller is DFS Furniture PLC. Registered Office: 1 Rockingham Way, Redhouse Interchange, Adwick-le-Street, Doncaster, DN6 7NA.

Personal data we collect

We may collect and use your personal information for the following purposes:

  • Contact details – such as your name, email address, and postal address, so we can identify and contact you.

  • Shareholder information – if you are a shareholder, we collect details needed to meet our obligations, including your shareholdings, past transactions, dividend payments, and any information you provide to us.

  • Event information – if you register for or attend our meetings, presentations, or events, we record your registration details, attendance, and any votes cast.

  • Website data – when you visit our website, we collect cookies and technical information (see our Cookie Policy).

  • Subscriptions and enquiries – if you sign up for RNS updates or contact us through our website, we collect the details needed to respond to your request.

Why we collect and use your information

We only use your personal information where we have a lawful reason. This includes:

  • Maintaining the share register – it is a legal requirement to record each shareholder’s name, address, and number of shares held.

  • Managing your shareholder rights – to pay dividends, send relevant documents, and allow you to exercise your rights as a shareholder.

  • Meeting legal and regulatory duties – such as identity or credit checks, tracing lost shareholders, and responding to regulators or law enforcement.

  • Research and reporting – to analyse shareholder and voting trends, prepare reports (like the Annual Report), or respond to valid information requests.

  • Improving our website and operations – for troubleshooting, testing, data analysis, and making sure content works effectively for you.

Legal basis of processing

Whenever we use personal data, we must have a legal reason (a “legal basis”) to do so. Depending on the situation, we rely on one of the following:

  • Legal obligation – We process personal data because the law requires us to – for example, under the Companies Act, stock exchange or listing rules, financial crime regulations, and tax laws.

  • Contract – We process personal data to meet our obligations under contracts, such as the Company’s Articles of Association.

  • Legal claims – We may process data to bring, defend, or resolve legal claims, disputes, or investigations into fraud or crime.

  • Consent – If you have chosen to receive marketing communications (e.g. via registration or email alerts), we use your data for this purpose. You can change your preferences at any time by contacting us.

  • Legitimate interests – We also process personal data where it is in our legitimate business interests, including:

    • Managing and improving daily operations and corporate activities

    • Understanding and responding to shareholders’ needs

    • Sharing information about our business, performance, and updates

    • Keeping you informed about news and events (including regulatory updates)

    • Reviewing and acting on content or submissions you send us

    • Managing your account, resolving issues, and responding to enquiries

    • Preventing and detecting fraud, crime, and other unlawful activity

    • Protecting our business, colleagues, customers, and shareholders (including investigating policy breaches)

    • Inviting you to attend events

Sharing your personal data

We may share your personal data in the following situations:

  • With service providers – for example, website or event hosts, or companies that store and analyse data. They can only use your data to provide services agreed with us.

  • With our share registrar – such as Equiniti, if you are a shareholder.

  • With tracing agents – to help find “missing” shareholders.

  • When required by law or authorities – if UK or international regulators or public bodies require or permit us to share it.

  • For legal rights and fraud prevention – to establish, defend, or exercise legal rights, or to help prevent fraud.

  • During business changes – such as mergers, sales, or restructures.

  • With professional advisers – such as lawyers or other specialists who support our business.

Your Interests and Rights

  • Balancing your rights

    • When we process your personal data for our legitimate interests, we always consider your rights and the impact on you. We won’t use your data if your interests outweigh ours, unless required by law or with your consent.

  • Cookies

    • Our website uses cookies to improve your browsing experience and help us improve the site. See our Cookie Policy for details.

  • Data storage and security

    • Your personal data is stored securely on our servers or those of our providers.

    • Data relating to transactions is encrypted.

    • In some cases, your data may be transferred outside the EEA. We will make sure it remains protected.

    • If you have a password for our site, you are responsible for keeping it safe.

    • We take strong security measures to protect your data, but internet transmission is never 100% secure, so sending information online is at your own risk.

  • How long we keep data

    • We only keep your data for as long as necessary to provide services, meet legal requirements, or fulfil essential business purposes.

  • When we may share data

    • With authorities such as the police or regulators if legally required.

    • To enforce our terms, protect our rights, or during business sales/mergers.

    • With third-party websites you link to from ours (they have their own privacy policies).

  • Your rights

    • Access the information we hold about you (with proof of identity).

    • Ask us to stop processing if it causes you harm or distress.

    • Object to automated decisions that significantly affect you.

    • Correct inaccurate or outdated data.

    • Ask us to delete your data in certain cases (e.g. if consent is withdrawn, processing is unlawful, or data is no longer needed).

    • We may refuse deletion requests where data must be kept for legal, public interest, research, or legal claim purposes.

Questions or complaints

Contact us through our Contact Us page for any questions or concerns.

If you are unhappy with how we handle your data, you can complain to the Information Commissioner’s Office (ICO) at 0303 123 1113 or via their website.