Hestia Design is committed to protecting and respecting your privacy. We wish to be transparent regarding how we process your personal information and demonstrate that we are accountable, in accordance with the EU General Data Protection Regulation (EU 2016/679) and the Data Protection Act 2018.  It is the intention of this Privacy Statement to explain to you our privacy management practices in relation to the personal information that we collect and process.

The scope of this Privacy Statement extends to include all personal information which is collected through our website  In addition, this Privacy Statement also extends to all personal information which is collected and processed electronically, including email communication, and personal information which is collected and processed through software applications, and all associated technologies. This Privacy Statement does not relate to personal information which is collected and processed manually.

In accordance with the EU GDPR (2016/679) and the Data Protection Act 2018, we are identified as both a Data Controller, there may be occasions when we are also identified as a Data Processor.

By willingly providing personal and other information, you consent to the terms and conditions of this Privacy Statement.  Please read this statement carefully, as this document sets out the basis on how we collect and process the personal information that you provide to us.

Who are we?

Co-founded by Rachel and Sarah, Hestia is a multidiscipline interior design studio based in Dundalk, Co Louth, Ireland.  Working with clients nationwide, we deploy innovative solutions that take the stress out of the interior design process.  We inspire you to rethink the possibilities your space offers, enabling you to fully visualise the design before we even begin. Our clint portfolio encompasses both residential and commercial sectors.

How we collect personal information about you 

When you browse our website, we may ask for personal information, such as your name, and email address. We may also collect information about you when you are on the internet such as the website you came from, IP address, domain types, i.e., and .com, your browser type, the country where your internet service is located, the pages of our site that were viewed during your visit and search terms you used.  This information is only used for our own research and to improve our services to you. In addition, your IP address is used to gather local broad demographic information. To measure the effectiveness of our online presence on   we may use cookies to determine the path users take on the site and to identify repeat visitors to the website.

Personal information is collected when you register on either by email, or when you complete and submit any of our online forms or make a purchase of our gift cards. The categories of personal information that we collect, and process include, your name, company name, email address, landline, and mobile telephone number.

How we use your personal information


We are legally mandated to identify the specific lawful bases which allow us to collect and process your personal information. In accordance with EU GDPR legislation, we rely on the following legal bases, Consent, Contractual Necessity, Legal Obligation, Legitimate Interest, Public Interest.

There may be occasions when it is necessary to engage with third-party stakeholders and working partners for the following purposes:

                To facilitate the delivery of our products and services

                To provide products and services on our behalf

                To perform related services or,

                To assist us in analysing how our products and services are used.

We may process your personal information for more than one lawful basis depending on the specific purpose for which we are using your personal information.

The following table illustrates the various purposes that your personal information may be collected and processed and the legal bases for processing that personal information. Please note, however, that this is not an exhaustive list of our data processing activities.




To register you as a client.

To register you as an external Stakeholder/Supplier 

Name, address, phone no, email address

Contractual Necessity

To provide and deliver our products and services to you.

Name, address, phone no, email address

Contractual Necessity, Consent,

To reply to you emails  and enquiries

Name, address, email address

Contractual Necessity, Legitimate Interest

To enable us to provide you with online estimates

Name, address, phone no, email address

Contractual Necessity, Consent

To enable you to purchase our Gift Cards

Name, email address

Contractual Necessity

To enable us to dispatch orders

Name, email address, postal address, phone no

Contractual Necessity, Consent, Legitimate Interest

To enable us to issue invoices

Name, email address, postal address, phone no

Contractual Necessity, Consent, Legitimate interest

To enable us to keep you updated regarding our products and services

Name, email address, phone number


To enable you to subscribe to our newsletters

Name, email address


To manage and administer the use of our services & relationship with clients, suppliers, stakeholders.

Name, Address, Email address

Contractual Necessity/Legitimate Interest, Consent

For the prevention and detection of crime

Name, (possibly address & email address)

Public Interest, Legal obligation


 Source of collection

You provide personal information when you visit  Personal information is also collected when you send an email and when you complete and submit any of our online forms and when you make a purchase of any of our products.

We use the Social Media platforms of Facebook, Instagram and Pinterest, personal information may be collected through these channels.


Cookies are used on Cookies are files with a small amount of data that is commonly used as an anonymous unique identifier. These are sent to your browser from the website that you visit and are stored on your computer’s hard drive. Our website uses cookies which are necessary to enable core functionality, such as security, network management and accessibility.

Google Analytics is used to collect information and to improve services offered and provided.  You have the option to either accept or refuse these cookies and know when a cookie is being sent to your computer.  If you choose to refuse cookies, you may not be able to use some portions of the service.  For full information on the use of Cookies, we would refer you to our separate Cookie Policy which you will find on

Third party sites

There may be occasions when contain links to other sites.  If you click on a third-party link, you will be directed to that site. Please be aware that these third-party sites are not operated by us, we strongly advise that you review the privacy statements of any third-party sites.  We do not take any responsibility for the content of privacy statements or practices of any third-party sites or services.

International transfers

We do not actively transfer personal information beyond European territories and the EEA.

Please note that outside the EU and the EEA different standards of data protection might apply. By completing and submitting any online forms on our website, you acknowledge and consent that data may be transferred across international borders, including to countries outside the EU and the EEA.

We will ensure that when personal information is transferred outside the EU and the EEA that local data protection standards meet EU GDPR requirements.

Security of personal information

We are committed to the protection and security of your personal information. A variety of security technologies and procedures are used to protect your personal information from unauthorised use and access, accidental loss, unlawful destruction, alteration, unlawful disclosure.  As effective as security practices are, no physical or electronic system is entirely secure.  We cannot guarantee the complete security of databases, nor can we guarantee that information that you supply will not be intercepted while being transmitted to over the internet. Strict security controls have been implemented to ensure that your privacy is safeguarded at every level.  We will continue to revise policies and procedures and review systems, and we will implement additional security features as new technologies become available.  Any transmission of personal information is at your own risk.  When we receive your personal information, we use appropriate security measures to prevent your personal information from being compromised in any way.  When you contact us to ask about your personal information, we may ask you to identify yourself, this is to help protect your personal information.

Retention of personal information

Personal information is not retained for longer than is considered necessary to enable us to provide our products and services. Independent Statutory legislation, and Regulatory obligations will influence the retention period of various categories of personal information that we collect and further process. Further information regarding the retention of personal information is detailed in our separate EU GDPR Retention Policy, a copy of which is available upon request.


We do not collect or process personal information pertaining to children under the age of 13 years.  If you are under 13, do not access, use, or provide and personal information on or through any of their features. If we learn that we have collected or received personal information from a child under 16 without parental consent, we will delete that information.


Do we share your personal information?

There may be circumstances when we are legally mandated to share personal information, in accordance with Independent Statutory legislation and regulatory requirements.  In addition, there may be circumstances where it is necessary to share personal information with our Working Partners and Stakeholders to enable us to provide our products and services efficiently.  We will ensure that all Data Sharing Agreements and Contracts have been implemented prior to the sharing of any personal information. Access to personal information to external Stakeholders and Working Partners will only be afforded when a specific legal and lawful purpose (s) has been identified. Detailed below is a list of Stakeholders and Working Partners with whom personal information may be shared for the purposes of providing our services to our clients. This list is, however, not exhaustive:

  • IT Provider/Support
  • Web Hosting Co
  • Business Partners/External Stakeholders
  • Saas Providers


Data subject rights

In accordance with the EU General Data Protection Regulation (EU 2016/679) and the Data Protection Act (2018) you are afforded the following rights in certain circumstances.

Right of Access: You have the right to obtain confirmation whether personal information is collected and processed about you and where that is the case, access to the personal data, including the purposes of processing and the categories of personal data concerned.  The recipients or categories or recipients to whom the personal information have been or will be disclosed.  You may also submit a written request for a copy of personal information you believe is processed about you.

Right to Rectification: You have the right to the rectification of inaccurate personal information about you without undue delay.

Right to Erasure: You may request us to delete your personal information however, this is not an absolute right, and any such request will be considered in accordance with EU GDPR legislation and local legislation.

Right to Restrict & Object: You have the right to restrict and object to us collecting and further processing your personal information.

Right to Data Portability: Upon receipt of your written request, where possible, a digital copy of your personal information can be shared with you or another organisation.

How to contact us

Should you wish to contact us with regard to how we collect and further process your personal information please send an email to:

Contact Details for the Data Commissioners Office are as follows: 21 Fitzwilliam Square, Dublin 2.  Telephone No (00 353 578684800)

Changes to this privacy policy

This Privacy Statement will be updated from time to time, particularly to reflect any changes made, regarding how we collect and process your personal information.  Details of any changes made will be posted here. By continuing to use after any changes are posted, you accept and agree to the privacy statement as modified.

APRIL 2023


089 6011640 089 6078766