Dovista UK Privacy Notice
Last updated: November 2025
Welcome to the Dovista UK Privacy Notice (“Privacy Notice”). This Notice explains why we collect personal data about you, the types of personal data we collect, how we collect it, how long we keep it, with whom we share it, as well as your rights. We also explain how we protect your data.
This Privacy Notice has been prepared to comply with the UK General Data Protection Regulation (UK-GDPR) and the Data Protection Act 2018.
The data controller responsible for your personal data is Dovista UK, dovista.co.uk.
Why do we Process Personal Data and Legal Bases for Processing
We collect, use and store your data to enable us to provide our services to you. “Service” refers to conducting business with you — including responding to inquiries, sales, quotes, orders and after-sales services. We may also process data for business development, marketing (with your consent), recruitment, legal compliance and contractual purposes.
We rely on one or more of the following lawful bases under UK-GDPR:
-
Performance of a contract (e.g. when you place an order) — Article 6(1)(b)
-
Consent — Article 6(1)(a) (e.g. newsletter subscriptions)
-
Legal obligation — Article 6(1)(c)
-
Legitimate interest — Article 6(1)(f) (e.g. handling general enquiries)
-
Processing special categories of data (if applicable) under Article 9, where needed for regulatory or compliance reasons
The Types of Personal Data we Collect and for What Purposes
| Activity | Types of personal data collected (examples) | Purpose(s) |
|---|---|---|
| General business operations | Name, contact details, company details (if applicable) | To manage business relations with customers, suppliers, partners etc. |
| Enquiries & quotes | Name, email, phone number, address, project details, correspondence, drawings/photos (if provided) | To respond to your requests, provide quotes or information about our products/services |
| Sales & order fulfilment | Name, contact details, payment/credit information, address for delivery | To process orders, handle delivery, installation, payment and any credit checks |
| After-sales service / product claims | Contact details, order information, correspondence | To handle guarantees, service requests or warranty claims |
| Marketing (if consent given) | Contact info, purchase history, browsing behavior (e.g. via cookies or device identifiers) | To send you relevant offers, newsletters, updates about products/services |
| Surveys, research & feedback | Contact data and any data voluntarily submitted | To improve our products, services and customer experience |
| Compliance, legal & security | Data as required by law or regulations | To comply with legal obligations, handle compliance checks or investigations |
How we Collect Your Personal Data
-
Directly from you (e.g. via website forms, email, phone, in-person)
-
Through our digital platforms (e.g. website, apps, cookies, analytics)
-
Possibly from business partners, distributors or installers when required for order fulfilment or customer support
Data Sharing and Data Transfers
We may share your personal data with:
-
Other companies within the Dovista Group (when needed to fulfil service, sales or support)
-
Third-party service providers, logistics partners, installers or subcontractors (for delivery, installation, service)
-
Technology providers (e.g. hosting, website support, analytics, advertising networks) — but only when necessary and subject to data-processing agreements
-
Legal authorities, if required by law or to protect legal rights, safety or security
If data is transferred outside the UK (or to so-called third countries), we ensure adequate safeguards — e.g. standard data-protection clauses or verified international data-transfer agreements.
Data Retention
We only keep your data for as long as is necessary to fulfil the purpose it was collected for — e.g.:
-
Until you opt out of marketing
-
For the duration necessary to complete orders, warranties, and after-sales support
-
As required by law (e.g. for compliance, audit, or record-keeping)
Data Security
We implement appropriate technical, administrative and physical security measures to protect your personal data from unauthorized access, disclosure, alteration or destruction. We regularly review our security procedures in line with best practices.
Your Rights Under UK-GDPR
You have the right to:
-
Request information about whether we process personal data about you, and obtain a copy (right of access)
-
Request correction of inaccurate or incomplete data (right to rectify)
-
Request deletion of your data in certain circumstances (right to erasure)
-
Request restriction of processing under certain circumstances (right to restrict)
-
Receive personal data you provided in a structured, commonly used and machine-readable format (right to data portability)
-
Object to processing (where processing is based on legitimate interest)
-
Withdraw consent at any time (for processing based on consent, e.g. marketing)
If you wish to exercise any of these rights, or have any questions about how your data is handled, please contact us at privacy@dovista.co.uk (or the email address you specify). We aim to respond within one month. In some cases we may need to extend the period by up to two months — in that case we will inform you.
If you are not satisfied with our response, you have the right to lodge a complaint with the supervisory authority (e.g. the UK’s data protection regulator).
Changes to This Privacy Notice
We may update this Privacy Notice from time to time — e.g. to reflect changes in legal or regulatory requirements, business practices, or technology. The most recent version will always be published on our website dovista.co.uk. We encourage you to review it periodically.
