Privacy Policy
Floristry Market Privacy Policy
Here at Floristry Market we know how important it is to keep your personal data safe. We are committed to making sure that you receive the service you’d expect and that your privacy is protected.
Here, we explain the ins and outs of the data we collect from you and how we use it. It might not be something you’re interested in, but it is important you have a read and, of course, let us know if you have any questions.
Who are we?
Floristry Market (‘we’ and ‘us’) is the wholesale trading name of Total Party Ltd.
Explaining the legal bases we rely on
The law on data protection sets out a number of different reasons for which a company may collect and process your personal data, including:
Consent
Sometimes we collect and process your data with your consent. An example is when you sign up to receive our emails from the home page of our website.
Contractual obligations
If you buy from us, in legal terms, there is a contract. We would then need your personal data in order to comply with our contractual obligations, for example, we would need your address in order to deliver your order and these details would be passed on to our couriers.
Legal compliance
If the law requires us to, we may need to collect and process your data for example in the case of fraudulent activity on your credit card (if it was stolen) we may be required by law to pass your information on to the authorities if requested.
Legitimate interest
We may require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests. An example might be when we combine data to identify trends, purchase history of a product or send you marketing emails if you have applied for an account or placed any orders with us.
When do we collect your data?
In most cases you will know when we are collecting data as you will be freely giving it to us, for example, when placing an order online or signing up for an account.
We collect your data:
- When you apply for a trade account
- When you contact us by live chat
- When you call us
- When you complete one of our enquiry forms on our website
- When you make an online purchase
- When you make a purchase in person
- When you email us directly
- When you place a telephone order
- When you follow / like / subscribe to one of our social media platforms
- When you interact with us on one of our social media platforms
- When you complete any of our surveys
- When you review us or our products online on our website or on other platforms
- Any individual may access personal data related to them, including opinions. So, if your comment or review includes information about the Partner who provided that service, it may be passed on to them.
- When our partners, such as BOC, share information with us about any transaction you may have made through us or something that may affect a transaction we are involved in.
- We may collect data from publicly-available sources (192, Facebook etc) when researching your eligibility for a trade account or if we are suspicious of a particular transaction.
- When you visit Floristry Market in person we have CCTV outside and inside. This is for security purposes. There are multiple signs posted bringing this to your attention. Footage is usually kept for 7-10 weeks depending on the amount of activity recorded after which time it is automatically deleted. These systems may record your image, the images of those you are with and details of your vehicle during your visit, as well as any audio (what you say).
What do we collect and why?
When you apply for an account or buy a product or service through us either by phone or online, we’ll collect some of your personal details, to make sure we have everything we need to ensure you receive your products as efficiently and safely as possible. We’ll only use this data for processing and delivery of your orders, and for keeping in touch. We don’t ask for anything we don’t need (Marital status, employment status, etc). You are allowing us to use this data for this and for the purposes listed below.
Most of the information listed below is usually collected whenever you apply for a trade account with Floristry Market. Some is collected during other communication with us. Much of the information is collected for contractual obligations. Some is on the basis of the legitimate interests of our business. Some is used for both.
What we collect: First and Last name.
Why do we collect it? How do we use it?: So that your order goes to the right person. So that we can address you nicely in any communication.
What we collect: Address(es)
Why do we collect it? How do we use it?: So that your order can be delivered to where you want it delivered to.
What we collect: Telephone number (Landline and/or Mobile)
Why do we collect it? How do we use it?:
So that we, or the delivery partners we work with, are able to get in touch with you regarding your order. We also may need to call you regarding something on your account or to take payment or follow up on an enquiry. Mobile numbers are also used for the delivery tracking by our delivery partners if you choose to receive notifications by text. We may also call you to let you know of new products or to sort out any operation problems (eg: courier delay).
When you sign up for a 'Notify Me!' notification on a product, we also use your mobile number to contact you via text* when the product is back in stock.
*Please note, you will be unable to reply to these text messages. If you have any questions regarding the message, please get in touch via email, phone or live chat.
What we collect: Email address
Why do we collect it? How do we use it?: Your email is used as your login to the site. We use your email so that we can contact you. This may be to confirm your account has been approved, to send you confirmation of your order or send you delivery status updates though our delivery partners. We also use your emails for the “Contact me when available” facility on our website if items are out of stock and to send you communications required by law or which are necessary to inform you about our changes to the services we provide you. For example, updates to this Privacy Notice, product recall notices, and required information relating to your orders. These service messages will not include any promotional content. We also use your email to keep in touch and inform you video content, new products, offers etc. This is done on the basis of legitimate business interests. If you have requested to receive our emails on our home page your email address will be used for this also. You can unsubscribe from our marketing emails at any time – you just need to click on the unsubscribe link in the email. You may still receive emails for other things such as product recalls. We will also still send you order confirmation emails. It may be used to show you products through third party platforms such as Facebook and Instagram – this will only be possible if you have agreed on the specific platform to receive marketing from advertisers. If you have not agreed, you should not see anything from us. You can stop who you see ads from in the settings on whatever platform you are using.
What we collect: Payment card details
Why do we collect it? How do we use it?: These may be taken to take payment for your orders. If ordering online it is done through our secure payment provider, Braintree by you if using a debit or credit card and not using Paypal. We are unable to see the full card details at any time. We do have the facility to charge your card on the Braintree portal manually if you give us permission to do so, usually over the phone. If payment is taken over the phone, your card details are written down, entered into our Braintree payment portal and then immediately shredded in a cross-cut shredder (Security DIN level 3). Your details are also used to issue refunds.
What we collect: Trading name
Why do we collect it? How do we use it?: Floristry Market is a Trade-only website for those in the floristry trade or those that use flowers and floral accessories on a regular basis, or sell them on. A trading name helps demonstrate to us you are a legitimate trader.
What we collect: VAT Number
Why do we collect it? How do we use it?: This is only required if you are a European customer outside of the UK. If you are in the UK, you do not need to provide this information. The reason we ask for it is because you do not need to pay VAT as a European customer due to the cross-border VAT rules. Once we have checked this on the VAT database, VAT will automatically not be included on your order.
What we collect: Type of business
Why do we collect it? How do we use it?: This is to help us understand better what type of customers we have and be able to serve you better with products that may be of interest to specific types of businesses.
What we collect: Website, Facebook page, Instagram Account etc.
Why do we collect it? How do we use it?: We ask for this information to help us identify that you are a genuine business in the trade and are eligible for a trade-account. We may sometimes ask for further information if it is not clear. We may also ‘like’, ‘follow’ or ‘subscribe’ to whatever channel it is you have provided and your other social channels as it’s nice to be friendly. If you do not want us to follow or like you, just drop us a line and we will unfollow you, un-like and won’t be offended. Promise.
What we collect: Password
Why do we collect it? How do we use it?: This is so that only you can access your account from the login screen. We do not know your password and if you forget your password you will need to click on the link saying you forgot your password (happens to us all!). We are able to log in to your basket through our website back-end and help you with your basket or take your order through the checkout stage however we do not have access to your password at any point. We do have the facility to change your password for you but always suggest you change it again as soon as you have logged in. We do not have the facility to enter your payment as ‘you’. We take your card details separately and process the payment manually and securely as outlined above.
What we collect: Trade reference
Why do we collect it? How do we use it?: This is someone you use in the trade already and we ask for their details to help confirm you are a genuine trader as defined above. We may contact this reference to confirm details of your application. Please note this is not a credit application so no financial details are required.
What we collect: Where you heard about us
Why do we collect it? How do we use it?: This information helps us to know where people find out about us and what marketing efforts are working, and which ones aren’t.
What we collect: Notes on any interactions
Why do we collect it? How do we use it?: If you call or email and we have an interaction with you, some or all of the details of the conversation may be saved to help deliver the service to you.
What we collect: Documentation you may send us to prove you are in the trade
Why do we collect it? How do we use it?: We may need this to prove you are in the trade. Some examples might be a certificate of floristry training or a certificate of incorporation. Possibly personal documents to prove where you live. We only use the data required on these documents to help demonstrate the case.
What we collect: Order details and order history
Why do we collect it? How do we use it?: Details of your order and your order history is automatically stored on our database for you to access at any time. This allows you to use the re-order facility. It also allows us access combined data on customer order total value, number of orders placed etc.
What we collect: Cookies
Why do we collect it? How do we use it?: Information gathered by the use of cookies in your web browser. Learn more about how we use cookies here. These are an important part of an online business and help us offer a better service.
What we collect: Reviews of products or Floristry Market
Why do we collect it? How do we use it?: If you leave a review on our site for a product you have purchased or about your experience with Floristry Market on social media platforms, it is visible to the public and is carried out with your consent as you are the only one that would be able to do this. We do not review ourselves.
What we collect: Technical information
Why do we collect it? How do we use it?: To deliver the best possible web experience, we collect technical information about your internet connection, browser, hardware, country, ip address, session ID, the web pages viewed during your visit, and any search terms you entered. This helps us track, develop, test and improve the systems, services and products we provide to you. We do this on the basis of our legitimate business interests.
What we collect: CCTV
Why do we collect it? How do we use it?: We use CCTV to protect our premises, team, customers, and assets from crime. We operate CCTV systems inside and outside our premises. We do this on the basis of our legitimate business interests. This data in only accessible by the most senior people in the company and is not used for ‘observation’ of team members or customers on a day to day basis unless any suspicion is raised. Footage is kept for 7-10 weeks after which time it is automatically deleted. This time period varies dependent on the amount of activity that is recorded on the camera as activity is only recorded when there is movement. If we discover any criminal activity or alleged criminal activity through our use of CCTV, fraud monitoring and suspicious transaction monitoring, we will process this data for the purposes of preventing or detecting unlawful acts and share it with the relevant parties involved. We aim is to protect the individuals we interact with from criminal activities.
Using information provided by third parties
We use very limited data from any third parties and it is information that is already in the public domain (For instance, a 192 listing or a Facebook profile used to confirm you are a genuine trade customer). We don’t buy any email lists or business listings. We only collect data from our customers, people applying for a trade account and people that are enquiring about our services.
Keeping and storing your data
If you’re a current or past customer or someone that has been approved for an account but never purchased, we’ll keep a copy of your personal details for no longer than 7 years, from the time your active relationship with us ends. By ends, we mean you have told us explicitly you no longer wish to buy from us or no longer want to log in access to our website (and therefore, prices). As a wholesaler we recognise you may use us occasionally, sometimes purchasing from us years apart. We therefore need you to tell us if you want your account closed. If we do not receive this, we will keep data up to a maximum of 10 years to be able to build a statistical picture of customer buying patterns and gain a better understanding of what lines we should continue to offer and what areas we should grow our range. Holding on to data allows us to keep accurate records for tax purposes and to handle any future complaints. All other personal data used for enquiring and quotation requests is kept for a maximum of 3 years should it not result in a relationship (purchase). Enquiry data that is written down is destroyed in a timely manner.
Some of the data that we collect may be transferred to and stored at a destination outside the European Economic Area ('EEA'), for example some of our IT systems are run on servers hosted in the USA and Australia. We take all steps reasonably necessary to ensure that your data is treated in accordance with this privacy notice and applicable privacy laws
Sharing your data with third parties:
Occasionally we may need to share your data for fraud management. This would be information about fraudulent or potentially fraudulent activity on our website. This may include sharing data about individuals with law enforcement or government bodies in the UK or worldwide should a valid request be received. This would be assessed on a case by case basis and your privacy would always be taken into consideration first.
We may pass your details onto a limited number of third parties we use for the processing of your order, communication with you and to provide information to us that allows us to improve the customer experience. The reasons we pass your information to the third parties is outlined in the table below.
We respect your privacy and that’s why we don’t give your data to any third parties for their own marketing purposes.
To ensure your privacy and the security of your data:
- We only provide information needed to carry out their specific services.
- They may only use your data for the exact purposes we specify in our contract with them.
- We work closely with them to ensure that your privacy is respected and protected at all times.
- If we stop using their services, any of your data held by them will either be deleted or rendered anonymous.
We currently use the following types of companies/organisations who will process your personal data as part of their contracts with us:
Who: Shipping / Delivery partners
Why: Our delivery partners need to have your information to make sure they know where to go to deliver your parcel. They also use your email / mobile number to communicate the status of your delivery (Delivery timeslot, delivered time etc). Our partners sometimes use contracted delivery companies to fulfil their delivery commitments. If you are based outside the UK and place an order with us, your data will be shared with delivery companies employed by our delivery partners in your country or countries that your order is transported through.
Who: Postcode lookup companies
Why: To automatically find your address when your postcode is entered. This uses Royal Mail Databases.
Who: Social media platforms
Why: We use social platforms to communicate with customers and the wider world. By following us or interacting with us on a particular platform you are giving that platform the knowledge that you have done so. You will already have a contract with the platform if you have an account with them. We use the power of social platforms to help communicate with you. This may be done by using your email address or facts you have posted on your accounts’ profile that allow targeting. This means, you may see ads from us. You can change your settings in each platform you use regarding seeing ads from any advertiser.
Who: Gas companies
Why: The gas companies we work with for helium supply will need your details in order to be able to deliver your helium / compressed air / nitrogen cylinders. They also need details if you collect from their depots to ensure you are the right person.
Who: Website management / IT companies
Why: We use our web developers to host our databases. This is essential to the operation of the website. They have access to anything you enter on the website. We also use our IT company for security of our on-site IT systems. They have remote access to our network but only access on our request and are only on out network for as long as it take to fix any problem. We also use automatically updating anti-virus and security software on all our computers.
Who: Communication software (email, live chat etc)
Why: We use various software companies in order to be able to communicate with you. This software sometimes includes other business functions such as documentation creation software. Most of the software we use is stored securely in a cloud-based environment. We send out bulk communication and marketing emails. This is mainly for the distribution of video content, but we also occasionally send emails about holiday opening times, newsletters, issues with our front-line services, offers etc. You can unsubscribe from these emails at any time just by clicking the link in the received email. This is an automatic process once you click unsubscribe.
Who: Security company
Why: Our security and CCTV company maintain our on-site security systems. They have access to our CCTV feed but only access this if instructed by us.
Who: Web intelligence software
Why: We use various technology that allows us to observe website visitors on the page as well as collect data on that usage. It allows us to build a more user-focussed web experience. Data is anonymous so we do not know which session relates to which user.
Who: Payment platform
Why: We use a secure online payment platform to process your payments securely on the website. This also allows us to securely re-charge your card without seeing your card details. This is essential to make payment online. It is also used to help us investigate suspected fraudulent transactions.
Who: External Payment platforms
Why: This is another platform you may choose to use to process your payments securely on the website. This is essential to make payment online if you want to pay using your external payment accounts. We are unable to process these payments on your behalf. External payment options include: PayPal, Klarna, Google Pay & Apple Pay.
Who: Accounting software companies
Why: We use various accounting software companies to help prepare and manage out accounts. Our accountants have access to our accounts software in order to carry out their legal duties on our account as well as aid us with our accounts where necessary. If you have received a manually prepared invoice from us, your details are stored on this software. If you have only placed orders on the website, your data is not stored on our account software but is stored on the website platform as above. The exception to this is if you are a European customer or outside of EU customer when an invoice has to be created on our accounting software.
Who: Suppliers / Manufacturers
Why: We may, on occasion, send your order direct from one of our suppliers or manufacturers. If this is the case, your data is given to them in order to be able to send the order through their delivery partners. Only the information that is essential to send the orders is provided to them. They would share this with their delivery partners in order to deliver to you.
Who: Stock management / order management / scanning technology
Why: We use various integrated systems in order to be able to process your orders, order from suppliers and book in your delivery with our delivery partners. These allow us provide an efficient and accurate service.
Who: Mail distribution companies
Why: To get in touch with you or send marketing materials to you by post. We may, on occasion, send you a gift via this service.
Protecting your data outside the EEA
The EEA includes all EU Member countries as well as Iceland, Liechtenstein and Norway. We may transfer personal data that we collect from you to third-party data processors in countries that are outside the EEA. This is usually for delivery purposes only.
What are my rights?
The personal data we hold on you is only ever data you have provided to us or that is in the public domain (192 entry, facebook page etc). If you’d like to see the personal information that we hold about you, you can request it. If this information is incorrect you can ask for it to be updated (or you can do this in your own account when logged in). Or you can request that it’s deleted from our systems.
If we choose not to action your request, we will explain to you the reasons for our refusal.
You also have other rights:
- Whenever you have given us your consent to use your personal data, you have the right to change your mind at any time and withdraw that consent.
- You have the right to tell us to stop using your personal data for direct marketing. This is usually by email and so you can stop receiving marketing emails at any time by unsubscribing in the email.
- You have the right to a review by a human of any decision made based solely on automatic processing of your data (i.e. where no human has yet reviewed the outcome and criteria for the decision).
To action these, simply email us at info@floristrymarket.co.uk or you can post a request to us at:
Floristry Market
Unit 2A
Nutsey Lane
Totton
Southampton
SO40 3NB
To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Notice. If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act. Once we’ve seen and are happy with this proof being genuine, we’ll send you a copy of the personal data we hold / confirm action has been taken within 28 days.
Where we rely on our legitimate interest
In cases where we are processing your personal data on the basis of our legitimate business interest, you can ask us to stop for reasons connected to your individual situation. We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data.
How we protect your data
We know how much data security matters to all our customers. With this in mind we treat your data with care and take all appropriate steps to protect it.
- We secure our website and all online apps with ‘https’ technology.
- We employ the services of a professional IT provider to advise and action any security recommendations.
- We use automatically updating IT security software.
- All computers are turned off at night or are locked and password protected.
- Access to your personal data is password-protected on our network.
- Payment card information is secured on the payment provider’s secure server. It is never stored locally by us.
- Any sensitive information written down is shredded immediately if it is no longer required.
- All paper with any personal data that is no longer required is stored in a locked cupboard to then be collected in a sealed bag for commercial shredding. The bag is not opened for shredding.
- We regularly monitor our system for possible vulnerabilities and attacks, and we carry out regular penetration testing to identify ways to further strengthen security.
Contact the regulator
If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.
You can contact them by calling 0303 123 1113. Or go online to www.ico.org.uk/make-a-complaint/ (opens in a new window; please note we can't be responsible for the content of external websites)
If you are based outside the UK, you have the right to lodge your complaint with the relevant data protection regulator in your country of residence.
Got any worries?
If, at any time, you feel that we haven’t processed your data fairly or you’re not satisfied with how we’ve handled your personal information, you can contact the Information Commissioners Office, who will look into this for you. For full details about how to share any concerns you may have, visit www.ico.org.uk/make-a-complaint/
Links to Other Websites
Any links to other websites that we provide on our websites or emails or other forms of communication are provided to help further understand the product or topic you are looking at. Please remember that when you use a link to go from our website to another website, this privacy notice no longer applies. Your browsing and interaction on any other website, including those which have a link on our website, are subject to that site's own rules and policies so please make sure you are happy with that before using the site before giving any personal information.
Updates
This notice will be updated from time to time and we recommend that you check back regularly but we will notify you of any changes through our website where this policy is posted. The most recent release date will always be listed below:
Release Date: 12th August 2024