Our Policies

Please find below our Cookies and Privacy Policies.

Cookies Policy

Your data privacy is very important to us. NAS, whose registered address is located at NAS House, 411 Limpsfield Road, Warlingham, Surrey, CR6 9HA, United Kingdom (https://www.shopfitters.org/) is committed to ensuring that your privacy is protected.

Our Cookies Policy explains what cookies are, how we use cookies, how third-parties we may partner with may use cookies on the Service, your choices regarding cookies and further information about cookies.

1. Introduction

The National Association of Shopfitters (NAS) uses cookies on the https://www.shopfitters.org website (the “Service”). By using the Service, you consent to the use of cookies.

Our Cookies Policy explains what cookies are, how we use cookies, how third-parties we may partner with may use cookies on the Service, your choices regarding cookies and further information about cookies.

2. What are Cookies?

Cookies are small pieces of text sent to your web browser by a website you visit. A cookie file is stored in your web browser and allows the Service or a third-party to recognise you and make your next visit easier and the Service more useful to you.

Cookies can be “persistent” or “session” cookies. Persistent cookies remain on your personal computer or mobile device when you go offline, while session cookies are deleted as soon as you close your web browser.

3. How the NAS uses cookies

When you use and access the Service, we may place a number of cookies files in your web browser.

We use cookies for the following purposes:

  • To enable certain functions of the Service
  • To provide analytics

We use both session and persistent cookies on the Service and we use different types of cookies to run the Service:

Essential cookies. We may use essential cookies to authenticate users and prevent fraudulent use of user accounts.

Analytics cookies. We may use analytics cookies to track information how the Service is used so that we can make improvements. We may also use analytics cookies to test new advertisements, pages, features or new functionality of the Service to see how our users react to them.

4. Third Party Cookies

In addition to our own cookies, we may also use various third-parties cookies to report usage statistics of the Service, deliver advertisements on and through the Service, and so on.

5. What are your choices regarding cookies

If you’d like to delete cookies or instruct your web browser to delete or refuse cookies, please visit the help pages of your web browser.

Please note, however, that if you delete cookies or refuse to accept them, you might not be able to use all of the features we offer, you may not be able to store your preferences, and some of our pages might not display properly.

For the Chrome web browser, please visit this page from Google: https://support.google.com/accounts/answer/32050

For the Internet Explorer web browser, please visit this page from Microsoft: http://support.microsoft.com/kb/278835

For the Firefox web browser, please visit this page from Mozilla: https://support.mozilla.org/en-US/kb/delete-cookies-remove-info-websites-stored

For the Safari web browser, please visit this page from Apple: https://support.apple.com/kb/PH21411?locale=en_US For any other web browser, please visit your web browser’s official web pages.

6. Where can you find more information about cookies?

You can learn more about cookies and the following third-party websites:

All About Cookies: http://www.allaboutcookies.org

Network Advertising Initiative: http://www.networkadvertising.org/


Cookies help us identify your device, performance of typical actions on this website or when you are logged in to specific secure zones. We use strictly necessary and functional cookies to enable you to move around the site and to provide basic features. Tracking and performance cookies are used to provide a better overall user experience. Below are the types of cookies present on our website:


Some cookies are strictly necessary in enabling you to move around this website and use its most basic features. Without these cookies, for example, you would not be able to login to secure zones or keep track of your online shopping cart.

These cookies can’t be disabled.


We use performance and tracking cookies internally to enable us to provide you with a better user experience. Information supplied by these cookies helps us understand how our visitors behave on this website, track unique visitors or time spent on the site, and on different web pages so that we can improve how we present content to you.

Privacy Policy

Your data privacy is very important to us. NAS, whose registered address is located at NAS House, 411 Limpsfield Road, Warlingham, Surrey, CR6 9HA, United Kingdom (https://www.shopfitters.org/) is committed to ensuring that your privacy is protected.

This privacy policy explains how we use the information we collect about you, how you can instruct us if you prefer to limit the use of that information and procedures that we have in place to safeguard your privacy.

Your data privacy is incredibly important to us. We respect you and your data, we will not sell your data or email address to third parties.

We will do everything we can to keep your details and data private. The web is not 100% secure, but we will however do everything we can to keep your data private, with regular security updates/ patches, passwords, firewalls, backups and robust security systems and procedures to try our best to keep your data away from any malicious activity.

We collect anonymous statistical information about our users’ systems and browsing habits using systems from our server logs, cookies and from system such as Google Analytics to continually improve the NAS service.

We may use information held about you to provide you with news about service updates, things we think you might be interested in, or any changes to our business.

The NAS servers and Customer Relations Management system are all held within the United Kingdom naturally all server backups are all held and handled within the UK.

If you have signed up for newsletters or any other such information that the NAS provide and want us to stop contacting you. No problem, you have options:

The quickest way to stop receiving a newsletter or other such information is click on the unsubscribe link at the bottom of the email (this way we hold your details on a ‘suppression list’ to make sure you do not receive any more of these emails or newsletters).

If you are registered on multiple newsletters and you want to stop receiving one of the newsletters, we recommend clicking on the unsubscribe link at the bottom of the email you no longer wish to receive. If you want us to delete your records, please email info@shopfitters.org and we will handle your request within 28 days.

The difference between unsubscribe and deletion/removal. You can either unsubscribe or delete your details on request. If you unsubscribe, we will hold your details in a ‘suppression list’ to ensure you do not receive any future emails for a newsletter and so we can automatically manage your preferences on how we handle your data.

If we delete your details, this will be completed within 28 days, and we will completely delete/remove your records. So if you sign up for any company related information in the future, we will no longer hold any of your preferences and these will have to be set up again. Deletion of records will be completed as quickly as possible. We say that this will take 28 days, to ensure your details are also removed from any company database or server backups.

Privacy Policy In More Detail

For the purpose of the Data Protection Act 1998 or any replacement legislation including the EU General Data Protection Regulation (the “GDPR”) (together, the “Data Protection Legislation”), the data controller for National Association of Shopfitters is the NAS and their registered address is NAS House, 411 Limpsfield Road, Warlingham, Surrey, CR6 9HA, United Kingdom https://www.shopfitters.org/.

The NAS is committed to ensuring that your details are kept private and confidential and will do our utmost to guarantee this. In accordance with the Data Protection Act and the General Data Protection Regulation (GDPR), we endeavour to provide our users with a safe, secure and confidential experience. All of the information that you provide will only be used for the purposes set forth herein.

General Information Disclosure

Our policy is to keep details such as your name, address, e-mail address, telephone number, etc. private and confidential and do not disclose these details to outside parties, except when we are certain that the law requires it. As indicated earlier, we may share aggregate information with our stakeholders.

How we host and handle your data

The personal information that we collect from our stakeholders will, where possible, be stored and processed within the European Economic Area (EEA). The NAS website servers and Customer Relationship Management database servers are all hosted within the EEA region. We will only keep your personal information for as long as we reasonably require and, in any event, only for as long as Data Protection Legislation allows.

Although we will take extensive steps to protect your personal information, we cannot guarantee the security of your data transmitted via email and/or our website; any transmission is at your own risk. We take steps to protect your personal information from unauthorised access and against unlawful processing, accidental loss, destruction and damage. Unfortunately, the transmission of information via the internet is not completely secure.

In the event your personal information is transferred, stored or processed outside of the EEA, we will take all steps reasonably necessary to ensure that your personal information is treated securely.

Managing your data

In all of our e-communications you can unsubscribe. If you unsubscribe the NAS will then hold your details on a ‘suppression list’ to ensure we do not send any more emails to that registered email address for the selected subscription.

If you are subscribed to more than one email subscription list, you can be unsubscribed from one, or all email lists. If you unsubscribe from one service, you will still be registered and receive email from the other services you are subscribed to.

The NAS gives you the right to object from receiving further correspondence from the Company. On any subscription emails from the NAS there will be the option to ‘unsubscribe’ from receiving any further email correspondence.

You can also make a request to object by emailing info@shopfitters.org (Subject: Data Right to Object) or writing to the Data Controller, NAS House, 411 Limpsfield Road, Warlingham, Surrey, CR6 9HA, United Kingdom We will handle all requests within 30 days.

Request for Deletion

It is important to understand the difference between a right to object / unsubscribe and a request for deletion. If you request deletion, we will remove any data we hold about you from our systems. This will also mean that we will remove you from our suppression files.

If you are removed from our suppression files, there is a risk that we may contact you again in the future if your details are re-added to our systems by a sales person who genuinely believes you may have a legitimate interest in the NAS services. If you do not wish to receive correspondence from the NAS in the future we recommend that you request a right to object / unsubscribe, as this will ensure that your details are always suppressed from receiving correspondence.

The option however is yours, and in either case we will process your request within 30 days.

Request for Data Held

You may request that we send you all of the data we hold that relates to you. Please make your request in writing by emailing info@shopfitters.org (Subject: Data Right to Object) or writing to the Data Controller, National Association of Shopfitters, NAS House, 411 Limpsfield Road, Warlingham, Surrey, CR6 9HA, United Kingdom. We will process and respond to your request within 30 days.


Feedback can be submitted to the NAS and any feedback that is submitted through the Contact Us area of the website becomes property of the NAS. We may use this feedback for marketing purposes and to contact you for further feedback on the site.


What information does the GDPR affect?

GDPR applies to the handling and storing of any personal data that could be used directly or indirectly to identify a person. GDPR applies to both automated personal data and to manual filing systems.

What constitutes as data?

Personal data – any information which relates directly to an individual and can be linked directly to them. This includes a person’s name, phone number, email address, photographs, genetic and economic data. This kind of data is the focus of GDPR and data protection.

Anonymous data – data which has been anonymised properly cannot be traced back to the original individuals in any way but can still be processed by organisations to conduct research. Fully anonymous data is not covered by GDPR as it contains no personal information to protect.

Pseudonymous data – data which has been properly pseudonymised can only be connected back to an individual using a specific ‘key’ or code. This can be an extra layer of security, but the data is still treated as Personal Data under GDPR because of the possibility of personal identification.

Who is a controller?

The NAS is a controller if you decide how data is collected, managed, stored, used and/or deleted. You have a legal responsibility for the personal data you manage.

What is a processor?

The NAS are a processor if you manage the data on behalf of controllers but do not determine its uses, purpose, collection or deletion. You are complying with (legal) instruction from the controllers.

How does it affect you?

GDPR details procedures that are required by law, so you need to comply with them. It is therefore essential to make sure that you – as a Contractor, or a supplier of goods or services relating to your business – are following best practice in terms of:

  • how you gather information
  • how securely you store information
  • how you comply with reasonable requests for the information you hold
  • how you can provide evidence of any of the above

Ensuring that you have clear policies and acceptable processes in place will give you a strong case against a hefty fine in the event of non-compliance or data breach.

Cart Item Removed. Undo
  • No products in the cart.