Privacy Policy.
This is our data protection and privacy policy that details; who we are and how we process personal data.
WHO WE ARE
We are Floral Salvage trading as www.floralsalvage.co.uk, Rottingdean, Brighton, East Sussex BN2 7FE
‘Floral Salvage’ are the registered DATA CONTROLLER with the Information Commissioners office in accordance with the provisions of the (GDPR) General Data Protection Regulations and Data Protections Act. Our registration number is: (currently awaiting confirmation.) For any further details relating to this registration please visit; www.ico.org.uk
We operate a website at www.floralsalvage.co.uk via which we sell floristry products and services, workshops and courses.
Floral Salvage take the privacy of our customers extremely seriously. We are very committed to ensuring that the information we collect and use is appropriate and does not constitute an invasion of your privacy.
Since the Data Protection Act was passed in 1998 UK companies have been legally required to treat any Personal Data they hold on individuals (whether this be in electronic or physical form)In accordance with the provisions of the Act. These requirements have been modified and extended by the (GDPR) General Data Protection Regulations, which became law in the UK on the 25th May 2018.
WHAT PERSONAL INFORMATION DO WE COLLECT
We may collect individual contact information from our customers and of those who may express an interest about our products and services and in becoming one of our customers. The types of information we may collect are; names, addresses, telephone numbers, email addresses and financial details.
THE PURPOSE FOR WHICH WE COLLECT PERSONAL DATA
We may collect your individual contact information and financial details to enable us to communicate and deal with you in relation to the purchase or potential purchase of our products, services, workshops and courses.
IF YOU BROWSE OUR WEBSITE
We may collect information relating to your visit to our website and how you navigate around different sections of the website for our own analytics purposes and to understand our customer journey and how people use our website. This is so that we can continue to make this website more intuitive and ‘user friendly’ and to monitor and create a better consumer experience.
MARKETING, ADVERTISING AND PROMOTIONAL MATERIAL
We may collect your individual contact details in order to send you direct marketing material in relation to advertise, market or promote our services, products and workshops. Please note, this would always be subject to your prior consent, where applicable. You have the right to opt out of any such direct marketing communications.
WHAT IS OUR LEGAL BASIS FOR COLLECTING DATA?
The legal basis for collecting and processing your personal data is as follows:
Contractual-We need to collect and process your data including personal information in order to fulfill and perform our contractual obligations to you as our customer when you purchase/ order products and or services from us.
Consent- You the client/ customer have voluntarily given us the information and thereby given us your permission to use your personal data for our marketing purposes or to answer and inquiry you have submitted to us.
Legitimate Interest- if you have placed an order with us, or booked a space on one of our workshops or courses, we may from time to time send you notifications of new products or services, offer and promotions. This would only be if we think these products, services or promotions may be of interest to you.
HOW DO WE COLLECT THIS INFORMATION?
The information is collected when you order with us. This may be given to us by filling in a form, either online via our website or on paper. Shopping at our studio or by communicating with us via phone, post, email or other electronic means.
WHO DO WE DISCLOSE YOUR DATA TO?
We will never sell or rent your personal data to any third party. We will only pass on such data when necessary for the operation of our business or to fulfill our Legal obligations. We may for example share data with;
Floral Salvage employees, for the purpose set out as above.
Courier companies, engaged by us to deliver goods you have ordered from us.
Companies providing email marketing services, which we use to communicate with you.
Any statutory body or other third party to whom we are obliged to disclose such data, in order to comply with our legal and regulatory obligations.
HOW LONG WILL WE KEEP YOUR DATA?
We will not retain your data longer than is reasonably necessary or legally required.
If you are not a customer, But have contacted us with a question about our products or services, we will retain your data only for as long as needed to fulfill your request.
If you have made an enquiry about our products or services, But not ordered with us, we will retain your data for a maximum of two years from the date of your most recent enquiry with us. Unless you request for us to delete it sooner.
If you have ordered with us, we will keep your data while your order is live, and for as long as required for legal and regulatory purposes, thereafter.
Data that is no longer required is disposed of securely. You can at any time request that we erase all personal data we hold on you. Our ability to comply fully with such a request will depend on our regulatory and legal obligations. (see the ‘your rights’ section below for more details)
WHERE IS YOUR PERSONAL DATA PROCESSED
We normally only process personal data in the UK.
INTERNATIONAL DATA TRANSFERS
The GDPR stipulates that companies should not transfer personal data outside of the EU unless it is to:
A country which the EU regards as ‘Adequate’ in its Privacy and Data Protection Regulations.
OR
An organisation who’s Privacy and Data Protection policies and procedures are accredited by a certification scheme approved by the EU.
OR
An organisation which has signed a binding contractual commitment to process Personal data in compliance with the requirements of the GDPR.
This website is hosted by Squarespace, which is an American company and Personal Data entered on the site will be transmitted by us from their servers in the U.S. Squarespace are members of the EU-US Privacy Shield Framework and as such are authorised to receive and process Data from EU countries. For more details about the Privacy Shield Framework visit www.privacyshield.gov/welcome
DATA SECURITY
The security of your Personal information is of the utmost importance to us.
Data that is held by us on our secure servers is protected by a combination of physical and electronic access controls and Firewall Technology. Where we have a need to share your Data with third parties as previously described. We verify that they will process the Data only for the purpose for which it is shared and will treat it in conformity with the requirements of the GDPR.
WHAT ARE YOUR RIGHTS IN RESPECT OF PERSONAL DATA HELD BY US?
You have the following rights in respect of your Personal Data held by us:
To be informed about how we obtain and use your information
To request a copy of all the personal information we hold about you and (except in exceptional circumstances) to receive this within 30 days of making the request.
To have any out dated or incorrect Data concerning yourself rectified promptly on brining this to our attention.
To request that we erase any Personal Data we hold about you. 9please note that this is subject to our legal and regulatory obligations.) -Records of our financial transactions for example, which may contain personally identifiable data must be held for seven years from the end of the tax year in which the transaction took place.
If you received any email marketing communications from us at any time, you have the right yo unsubscribe from these marketing communications by contacting us.
Where the processing of your Data is based on contact, the right at any time to withdraw that contact.
COMPLAINTS
If you are at all unhappy with how we have handled your Personal Data, please contact us using the contact details on our ‘Contact us’ page we will endeavor to resolve the matter to your satisfaction. If we’re unable to do so, you have the righto complain to the Information Commissioners Office (ICO) about any business at any time, if you believe there is a problem with they way your Data is being handled. see the ICO website for further details. www.ico.org.uk