Cookie Control Harveys uses cookies to store information on your computer to give you the best browsing experience.

Cookie Information and Settings

Harveys use cookies to store information on your computer. Some cookies are essential to make our site work and others help us to improve your experience.

These cookies are set when you login, submit a form or interact with the site by doing something that goes beyond clicking some simple links.

We also use some non-essential cookies to anonymously track visitors or enhance your experience of this site

If you're not happy with this you can switch this OFF and we won't set these cookies but you may not be able to interact with the site and some nice features may not be available.

To control third party cookies, you can also adjust your browser settings.

By using our site you accept the terms of our Data Protection Policy and Cookie Policy


Your basket

Total Price Inc. delivery

Finance: pm, months View finance calculator

Finance available on orders over £250

Estimated dispatch time weeks
You've saved on your order

You have no products in your basket

Continue Shopping

Steinhoff UK Retail Limited (“Steinhoff”) - Data Protection Customer Privacy Notice

Steinhoff takes its obligations with regard to data protection seriously. As such, we are providing this notice (“Privacy Notice”) to you so that you are provided with information about how Steinhoff collects and uses your Personal Data in accordance with applicable data protection law, including the General Data Protection Regulation 2016/679 (“GDPR”). Please read this Privacy Notice, as it contains important information of which you should be aware.

For the purposes of this Privacy Notice, (“Steinhoff Customers”, “you” or “your”) means customers of Steinhoff and “Steinhoff” (“we”, “us” or “our”) means Steinhoff UK Retail Ltd (a company incorporated in the UK with company registration number 0040754).

Steinhoff is the data controller with regard to the processing of your Personal Data (as defined below). The data controller is the entity that determines how and why Personal Data is processed.

1. What do we collect and process?

In order for Steinhoff to deliver its products and services to you and manage its business efficiently, it is necessary for us to collect, maintain and process Personal Data about you. “Personal Data” is information which (either on its own or in combination with other information Steinhoff holds) allows Steinhoff to identify a Steinhoff Customer and thus enable us to manage our relationship with Steinhoff Customers. We may collect information from you when you visit our website, purchase goods or services from us, contact us by telephone, email or post or receive a communication from us relation to your purchase.

The Personal Data which we process may include the following:

  • Name and address
  • Contact information (including telephone number and email address)
  • Bank account and payment card details and billing address
  • Age/Date of birth
  • Gender
  • Current and Past purchases and orders made by you
  • Your password(s) for our websites
  • Your communication and marketing preferences
  • Your interests, preferences, feedback and survey responses
  • Your location
  • The Personal Data contained in any other communication you make with us
  • Your online browsing activities on Steinhoff websites

Personal Data will primarily be collected from you directly. However, some Personal Data may, where lawful to do so, be collected by Steinhoff from third parties or publicly available information about you (e.g. from marketing agencies). We will only accept and use information about you from reputable organisations who have either obtained your permission to share your information with us or who have collated information about you from publicly available sources.

Please note that you are under no obligation to provide Steinhoff with your Personal Data; however, not providing some of the Personal Data described above could prevent Steinhoff from performing its obligations in relation to your purchase of goods and services (and any related services) from us.

2. Why and for what purpose do we collect and use your Personal Data and Sensitive Personal Data and what is our lawful basis for doing so?

Please note: this list may be updated from time to time and we will provide notice as and when such updates are made.

The term “processing” means any action taken, also with the help of electronic means, in connection with Personal Data, including collection, handling, use, transfer and disclosure by transmission, dissemination or otherwise making available, as well as recording, organisation, storage, retention, adaptation or alteration, access, retrieval, consultation, alignment or combination, blocking, anonymising, erasure, disposal or destruction.

Personal Information Basis of Processing Purposes of Processing
  • Name and address
  • Contact information (including telephone number and email address)
  • Bank account and payment card details and billing address
  • Details of your purchase or order
  • Personal Data contained in any other communication you make with us
Processing that is necessary to perform a contract or when taking steps in connection with a contract with you.
  1. to help us identify you
  2. to provide the goods and/or services purchased by you and provide any related services or follow-up service or information as required
  3. to process your payment(s) to us
  • Contact information provided voluntarily by you
  • Any special categories of personal data (physical or mental health data, race or ethnicity data or other data volunteered by you) required to ensure we can deliver your product(s) and or deal with any specific concerns or enquiries raised by you.
Where necessary, processing based on your freely given, specific, informed and unambiguous consent.

Where we process special categories of personal data about you, this will be with your explicit consent.
  1. to send marketing information and surveys to you by email, post and text
  2. to keep you updated on Steinhoff products and services which may be of interest or relevance to you
  3. to provide deliveries and deal with concerns or enquiries which involve special categories of personal data about you, at your request and with your consent.
  • Name and address
  • Contact information (including telephone number and email address)
  • Bank account details
Processing that is necessary to comply with a legal obligation to which we as the data controller are subject (other than a contractual obligation).
  1. to confirm your identity, keep records required by law or to evidence our compliance with laws, including tax laws, consumer protection laws and data protection laws. To provide information to law enforcement agencies or other authorities where we are required to do so.
  • Details of current and past purchases and orders and purchased made by you
  • Age/Date of birth
  • Nationality
  • Gender
  • Personal Data contained in any other communication you make with us
  • Your password(s) for our websites
  • Your communication and marketing preferences
  • Your interests, preferences, feedback and survey responses
  • Your location
  • The Personal Data contained in any other communication you make with us
  • Your online browsing activities on Steinhoff websites
  • Accident/Incident/Near Miss reporting and investigation data
Processing that is necessary for our own legitimate interests or those of third parties provided these are not overridden by your interests and fundamental rights and freedoms. A description of our legitimate interests is set out below.
  1. to respond to and/or deal with requests, enquiries or complaints
  2. for managing our business
  3. for marketing purposes
  4. for the prevention and detection of crime
  5. for statistical purposes
  6. for improving and changing our services and processes
  7. for the processing of any insurance or other claim by any employee or third party.
  8. for legal compliance

Personal Data – Legitimate Interests

The specific legitimate interest pursued and how this is balanced against your interests:

  • to enable us to operate efficiently, and to ensure any issue you may have is dealt with effectively, efficiently and fully.
  • to manage customer accounts, including keeping general records of customers, sales, customer care and other interactions. This will ensure you receive the best service possible.
  • to provide you with updates and promotional offers about our goods and/or services, where you have not opted out of receiving such communications from us. In doing so, we can ensure that we are providing you with relevant details of our products and services where these are of interest to you. These offer benefits to you and will hopefully save you money on future purchases.
  • to target our direct marketing to you (where you have consented to receive it). This is necessary to build a better picture of the type of offers and products we can provide which you might be interested in, so that the communications you receive are more relevant to you and are not merely generic communications. We believe this is justified as you are in control over whether you receive our direct marketing.
  • to protect ourselves from fraudulent transactions. This is necessary to protect genuine customers and our business from fraud to minimise the risk of false details being used, and abuse of card details by fraudsters.
  • to improve the operation of our business and our marketing activity more generally, including to assess what is working and what is not in terms of our marketing activity or our sales performance, so that we can develop our websites, products and offers to be more relevant to our customers generally, to improve your online experience and the products we offer. Where possible, we will use statistical or pseudonymised data for these purposes.

We may convert your Personal Data into statistical or aggregated data in such a way as to ensure that you are not identified or identifiable from that data. We may use this aggregated data to conduct research and analysis, including to produce statistical research and reports. We may share such anonymous aggregated data with third parties. Aggregated and anonymous information does not personally identify you and is therefore not Personal Data, (and so not caught within the GDPR).

3. To whom will your Personal Data be disclosed?

Personal data will be shared and transferred from us to other Steinhoff group companies for the purposes noted above (or for such other purposes as are notified by Steinhoff to you from time to time).

In the course of its business, Steinhoff may disclose Personal Data to third parties that are performing services under contract for Steinhoff, such as I.T. hosting and maintenance providers. Personal Data may also be disclosed upon lawful request from government authorities, law enforcement and regulatory authorities, and where required or permitted by relevant local law and for tax or other purposes. Further, Personal Data may be disclosed to third parties in response to legal process and when required to comply with laws, or to enforce Steinhoff’s agreements and corporate policies or to protect the rights, property or safety of Steinhoff, its employees, agents and third parties. In addition, Steinhoff may disclose Personal Data to parties to whom the relevant Steinhoff Customer has authorised Steinhoff to release his Personal Data, such as when that Steinhoff Customer has participated in a competition or when Steinhoff is investigating any customer complaint made by that Steinhoff Customer which may, in both cases, require disclosure of Personal Data to Steinhoff’s PR company (amongst others).

We may share any of your personal data with a prospective purchaser or purchaser of any part of our business, on the basis of our legitimate interests and the interests of our purchaser, so that they can appropriately value the business and assess any risks and continue doing business with you after the acquisition.

For the purposes described above (or for such other purposes as are notified by Steinhoff to you from time time), your personal information may be transferred to, and stored, and otherwise processed in, one or more countries outside of the European Economic Area (“EEA”). The jurisdiction of other organisations outside the EEA may not have adequate data protection laws equivalent to those in place within the EEA. For transfers of your Personal Data to third parties outside of the EEA, we take additional steps in line with data protection laws. We have implemented appropriate technical and organisational measures to protect your Personal Data in the form of EU Commission approved forms of contract with the relevant recipient(s) of your personal information. In addition, we will take reasonable steps to ensure that your personal information is adequately protected in accordance with the requirements of the UK data protection law. If you would like to obtain a copy of the EU Commission approved forms of contract, please contact us by using the details below.

Steinhoff may also, where permitted (and having obtained any necessary consents as may be required by law), disclose Personal Data outside of the EEA for the purposes noted above in respect of Steinhoff, or:

  • where required as matter of law (for example, to tax and social security authorities);
  • where required to protect Steinhoff’s and/or other Steinhoff group companies’ legal rights (for example, to defend against litigation);
  • for such other purposes as are notified to you by Steinhoff from time to time.

4. Security of your Personal Data

As stated above, Steinhoff takes the protection of your Personal Data seriously and we have implemented technical, physical and organisational measures to ensure the Personal Data (and Sensitive Personal Data) of Steinhoff Customers is kept accurate, up to date and protected against unauthorised or accidental destruction, alteration or disclosure, accidental loss, unauthorised access, misuse, unlawful processing and/or damage.

5. Data Retention

Steinhoff will retain your Personal Data only for such period as is necessary to perform the purpose(s) for which it was collected. In many cases this means that Personal Data will be retained for the duration of the time that we provide goods and services to you and then for a reasonable time thereafter in order to manage any problems, process any returns, manage our relationship with you, defend any claims, for tax purposes and/or for any other record keeping purposes. This period is typically a period of not less than 6 years from the date of delivery of your last order with us.

6. Your Rights

You have certain legal rights, which are briefly summarised below, in relation to any personal data about you which we hold.

Your right What does it mean? Limitations and conditions of your right
Right of access Subject to certain conditions, you are entitled to have access to your personal data (this is more commonly known as submitting a “data subject access request”). If possible, you should specify the type of information you would like to see to ensure that our disclosure is meeting your expectations.

We must be able to verify your identity. Your request may not impact the rights and freedoms of other people, eg privacy and confidentiality rights of other individuals.

Right to data portability Subject to certain conditions, you are entitled to receive the personal data which you have provided to us and which is processed by us by automated means, in a structured, commonly-used machine readable format. If you exercise this right, you should specify the type of information you would like to receive (and where we should send it) where possible to ensure that our disclosure is meeting your expectations.

This right only applies if the processing is based on your consent or on our contract with you and when the processing is carried out by automated means (ie not for paper records). It covers only the personal data that has been provided to us by you.

Rights in relation to inaccurate personal or incomplete data You may challenge the accuracy or completeness of your personal data and have it corrected or completed, as applicable.

We encourage you to notify us of any changes regarding your personal data as soon as they occur, including changes to your contact details, telephone number.

This right only applies to your own personal data. When exercising this right, please be as specific as possible.
Right to object to or restrict our data processing Subject to certain conditions, you have the right to object to or ask us to restrict the processing of your personal data. As stated above, this right applies where our processing of your personal data is necessary for our legitimate interests. You can also object to our processing of your personal data for direct marketing purposes.
Right to erasure Subject to certain conditions, you are entitled to have your personal data erased (also known as the “right to be forgotten”), eg where your personal data is no longer needed for the purposes it was collected for, or where the relevant processing is unlawful. We may not be in a position to erase your personal data, if for example, we need it to (i) comply with a legal obligation, or (ii) exercise or defend legal claims.
Right to withdrawal of consent As stated above, where our processing of your personal data is based on your consent you have the right to withdraw your consent at any time. If you withdraw your consent, this will only take effect for future processing.

Where our processing of your personal data is necessary for our legitimate interests, you can object to this processing at any time. If you do this, we will need to show either a compelling reason why our processing should continue, which overrides your interests, rights and freedoms or that the processing is necessary for us to establish, exercise or defend a legal claim.

If you would like to exercise any of your rights as described above (or if you have any questions about this Privacy Notice or concerns about our dealings with your Personal Data), please contact

We will try to resolve any concerns you may have. However, if you consider that we are in breach of our obligations under data protection laws, you may lodge a complaint with the Information Commissioner’s Office (

You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or of an alleged infringement of the GDPR.

7. Updates to this Privacy Notice

Steinhoff may change this Privacy Notice from time to time in order to reflect changes in the law and/or its privacy practices. When this happens and where Steinhoff is required to do so by law, it will provide you with a new and/or updated Privacy Notice.


Need some help?
We can call you

Enter your details and we'll call you back.

  • Call me back

    * Required fields