What information do we collect?
A key element of the regulation is transparency in terms of providing accessible information about how we process personal information. As a service provider we hold and process individuals’ data. The kind of data we hold varies depending on the service we have been engaged to provide, please see the examples below (this list is not exhaustive):
Name, address, contact numbers, emails, recipient names, delivery address, credit card details.
Data collection via our website
How do we use collected information?
We use the information we have (subject to choices you make where appropriate) as described below:
- To create orders & arrange despatch / delivery of these;
- To receive payment for orders we process;
- To contact you for administration reasons related to the services which we provide.
How do we protect data?
Ginkgo Florists employs high standards of security in order to protect the personal data under its care. Appropriate security measures are taken to protect against unauthorised access to or disclosure of any personal data held by us.
Ginkgo Florists ensures that the personal data it processes is relevant to the purposes for which this data is collected. Data which is not relevant to such processing will not be acquired or maintained. Any information provided to us is held securely and is not shared with third parties unless we have your permission, or it is required for your service. With regard to credit card information, card details are not recorded or stored by us.
Who do we share this information with and why?
Your information is only shared where necessary for us to carry our business service or to comply with laws and regulations that apply to us. Any third parties who are given access to your data in the course of providing services on our behalf are subject to strict contractual obligations to ensure that your data is protected in compliance with data protection legislation and is not used for any other purpose. Credit Card data is processed directly by Stripe Payments and Paypal, both of whom are fully compliant with the Payment Card Industry Security Standards & GDPR.
Cookies are small data files placed on your computer or other internet device by websites to track activity. They allow websites to perform better, for example, by remembering user preferences and activity for statistical analysis. If you do not want your browser to accept cookies you can turn off this functionality in settings but this may prevent this website or other websites from functioning properly.
The main categories of Data Processors are:
- Database Management Systems providers
- IT Services providers
- Delivery Companies
- Credit Card Processing Companies
Lawful bases for processing
We collect, use and share the data that we have in the ways described below:
- is necessary to fulfil our Terms and Conditions (contractual obligation);
- consistent with your consent, which you may revoke at any time;
- as necessary to comply with our legal obligations;
- as necessary for our (or others’) legitimate interests, including our interests in providing an innovative, personalized, safe, and profitable service to our clients, unless those interests are overridden by your interests or fundamental rights and freedoms that require protection of personal data.
Data retention and deletion
We retain your personal data for as long as needed to provide our services. This includes data you provided to us and data generated or inferred from your use of our services. We will not retain data longer than is necessary to fulfil the purposes for which it was collected or as required by applicable laws or regulations. Generally, the data will be kept for up to 7 years after the completion of our services due to the legal requirements of the sector which we must comply with.
What are your rights?
Under the General Data Protection Regulation, you have the right to access, rectify, port and erase your data. You also have the right to object to and restrict certain processing of your data. Please note that these rights apply in limited circumstances as provided for by the GDPR.
The data controller responsible for your information is Ginkgo Florists, which you can contact by post or email:
Data Protection Officer
48 Baggot Street Upper, Dublin 4, D04 Y9W8
By email – with subject address as ‘Data protection Officer’
You also have the right to lodge a complaint with Ginkgo Florists’ lead supervisory authority, the Irish Data Protection Commissioner, or your local supervisory authority.