The purpose of this document is to set out our policies in relation to the collection, holding, use and disclosure of personal information relating to an individual.
Personal information means information (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained from the information or opinion.
We do not collect Sensitive information (for example your political opinions or health information).
From time to time and in line with customer expectations and any relevant legislative changes, our Privacy Policies and procedures will be reviewed and, if appropriate, updated. This policy was last updated on 22 March 2018.
Your privacy and the law
We recognise that your personal information is important to you and we share your concerns about how and what personal information is collected, used and shared. Your rights to privacy are protected by law, and this policy does not limit those rights.
We are committed to safeguarding your personal information and will always handle your personal information securely and carefully. We comply with all applicable data protection and privacy legislation and codes affecting your personal information.
What personal information do we collect?
The personal information we collect is in most cases supplied by you when you place an order or register an account on our website or provide feedback to us. Personal information may include:
- name and contact details (e.g. delivery address, phone number, e-mail address);
- transaction information (e.g. your credit or debit card details). This information is stored securely by PayPal under PCI-DSS compliance.
We also collect information from you automatically - please see Information collected automatically
below for more information about how we collect your information in this way.
Why do we collect your personal information?
In addition to any purpose notified to you at the time of collection, we collect, hold, use and disclose your personal information so we can:
- complete transactions and administer our relationship with you (including refunds);
- investigate and respond to your questions, comments or feedback in relation to our products;
- better understand your requirements and preferences and improve our service to you;
- provide you with information about our products;
- monitor activity on our website (for the purpose of maintaining the security of the website);
- comply with our legal obligations (including in relation to health and safety matters or matters relating to our employees or applicants for employment); and
- help us gain a better understanding of your likes and dislikes, so as to improve our website, marketing strategies and the products and services generally offered by us.
Your e-mail address
We record your e-mail address as part of the account creation process and/or a general query via our contact or product enquiry forms.
We will only use it to either send you information you have requested about any of the services or products we provide through our website, or for the processing of an order you have placed.
It will not be used for any unauthorised purpose or disclosed without your consent (unless permitted by law).
No Spam or Junk Mail
As part of our commitment to maintaining your privacy, The Orchid Florist does not condone unsolicited electronic messages or ‘spam’.
We will only send electronic messages (i.e. e-mails) with the addressee’s express or inferred consent to receive it.
Information collected automatically
Whenever you visit our website, our servers automatically record information about your usage of our website through cookies.
Cookies are small pieces of information stored by your browser on your computer or mobile device. Cookies are used to maintain session information between your browser and our website and identify things related to your use of the website such as the time, date and URL of the pages you visit, your IP address, your location and browser software.
Most browsers can notify you when a new cookie is received, or let you turn off cookies or geo-location services altogether. However, turning off these services may mean some features on our website are not available to you.
We use information obtained this way in order to learn about your preferences so that we may improve our website and the service offered through it.
We use both first party and third party cookies. First party cookies are those which we use. Third party cookies originate from one of our service providers such as Google.
We use a tool called Google Analytics
to collect information about use of this site. Google Analytics collects information such as how often users visit this site, what pages they visit when they do so, and what other sites they used prior to coming to this site.
We only use the information we get from Google Analytics to improve this site.
Google Analytics collects the IP address assigned to you on the date you visit this site, rather than your name or other identifying information. We do not combine the information collected through the use of Google Analytics with personally identifiable information. Although Google Analytics plants a permanent cookie on your web browser to identify you as a unique user the next time you visit this site, the cookie cannot be used by anyone but Google.
You can prevent Google Analytics from recognising you on return visits to this site by disabling cookies on your browser
Service providers to The Orchid Florist
We use the following third party cookies:
When do we disclose your personal information to third parties
We will often need to pass your personal information to companies who perform part of our service delivery.
The relevant organisations include those:
- involved in providing, managing or administering your order;
- involved in maintaining, reviewing and developing our business systems, procedures and infrastructure including testing or upgrading our computer systems;
- involved in the payments system including financial institutions, merchants and payment organisations;
- as required or authorised by law, for example, to government or regulatory bodies for purposes related to public health or safety, the prevention or detection of unlawful activities or to protect public revenue; or
- where you have given your consent.
Your personal information may be disclosed by us for a secondary purpose:
- where you have been asked and consented to the use or disclosure; and
- if you would reasonably expect us to use or disclose the information for a secondary purpose which is directly related to the primary purpose of collection; or
- if required or permitted by law or by a court/tribunal;
- if we reasonably believe it is necessary for law enforcement related activities.
We will take reasonable steps to ensure that any overseas recipient does not breach relevant privacy laws or principles.
Keeping your personal information up-to-date and accurate
We aim to make sure that the personal information we collect, use or disclose is accurate, complete, up-to-date and relevant, having regard to the purpose of use or disclosure. We will take reasonable steps to make sure this is the case. This way, we can provide you with better service.
If you believe your personal information is inaccurate, incomplete, not up to date, not relevant or misleading, please log in to your account page to correct your personal information
If you are having trouble updating your personal information, let us know
. We will take such steps as are reasonable in the circumstances to correct that information to ensure that, having regard to the purpose for which it is held, the information is accurate, up to date , relevant and not misleading.
Your privacy on the Internet
We take care to ensure that the personal information you give us on our website is protected from misuse, interference and loss, unauthorised access, modification or disclosure.
Links to third party websites
You may be able to access external websites by clicking on links we have provided.
It is important to note that those other websites are not subject to our privacy standards, policies and procedures.
You will need to contact or review those websites directly to determine their privacy standards, policies and procedures.
Can I access my personal information?
You have a right to gain access to your personal information that we hold. This is subject to some exceptions allowed by applicable law. Factors affecting a right to access include:
- access would pose a serious threat to the life or health or safety of any individual or to public health or safety;
- access would have an unreasonable impact on the privacy of others;
- a frivolous or vexatious request;
- access would reveal evaluative information generated by us in connection with a commercially sensitive decision making process;
- access would be unlawful;
- access would prejudice enforcement activities conducted by an enforcement body;
- legal dispute resolution proceedings with you where the information would not be accessible in the process of discovery in those proceedings;
- denying access as required or authorised by or under law or court/tribunal order.
We will give you reasons if we deny access (except to the extent that having regard to the grounds for the refusal, it would be unreasonable to do so).
Requests regarding your personal data must be made in writing.
Please contact us for more information about this process
We take all reasonable steps to protect all personal or company information from misuse, loss, interference, unauthorised access, modification or disclosure.
Your information is stored securely whether in an electronic or physical form. Only authorised personnel requiring access to the information are allowed access.
All personal, company or confidential information is stored in secured premises and/or in electronic databases requiring logins and passwords.
Some information is kept for a number of years to comply with any applicable legal requirements.
Contacting us or making a complaint