Welcome to The Rooms Privacy Policy, last updated on March 19th, 2020. 
The Rooms respects your privacy and is committed to protecting your Personal Data. We want to be transparent with you about how we collect and use your Personal Data..
This Privacy Policy is designed to describe:
·       Who we are and how to contact us.
·       Marketing communications preferences.
·       What Personal Data we collect.
·       How we use your Personal Data and why.
·       What happens when you do not provide necessary Personal Data?
·       Personal Data from Third Party Sources.
·       How we use cookies and other tracking or profiling technologies.
·       Who we share your Personal Data with.
·       How we keep your Personal Data secure.
·       How long we store your Personal Data.
·       Our policy on children.
·       Third party links.
The Privacy Policy is intended to meet our duties of Transparency under the “General Data Protection Regulation” or “GDPR”. We will post any modifications or changes to this Privacy Policy on this page, unless we specifically notify you otherwise.

Who we are and how to contact us
The Rooms, Arch 5, 4 Deptford Market Yard, London, SE84BX
[email protected]
 
If you wish to make any requests regarding, access, correction, erasure or change of use to your personal data, please contact us at [email protected]
In general we will not charge you a fee in order to access your Personal Data, however, if you request is clearly repetitive, unfounded or excessive, we reserve the right refuse your request.
 
What do you need to provide?
In order to securely share data, or information relating to your data, we will need to confirm your identity, prior to sharing this information.  As such, we may need to request specific information and/or contact you to ask for information in relation to your request in order to accelerate your process.
How long will it take?
We will endeavour to respond to all legitimate requests within one month.  In the event that a request is particularly complex, or require multiple sets of data it may take longer.

Complaints

To file a complaint regarding this privacy policy, please contact us at [email protected]. We will reply to your complaint as soon as we can.
Marketing communications preferences.
At any time you can request us to stop sending you marketing messages by clicking the unsubscribe link in any email and/or emailing us at [email protected]​. Opting out of these messages will not apply to communications related to the provision of services, including, but not limited to, information about orders made on the website, the management of your account, your use of the site and updates to the privacy policy or terms and conditions.
What do we collect.

Common ways you provide us with information / data:
We will collect a range of data when you use the services on our site or sign up to our mailing list.  Common ways you provide us with data include: Searching for products Placing an order Submitting a Review Configuring your device’s privacy settings Communicating with us by phone, e-mail or otherwise In the process of undertaking the above actions, you might supply us with Your name, billing address and phone number Your payment details Delivery details, including name, address and phone number Account settings Contents of reviews and communications with us We do not collect any “Special Categories of Personal Data” about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

How we use your Personal Data and why.

We will only use your Personal Data for the purposes for which we collected it as listed below, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.
If we need to use your Personal Data for an unrelated purpose, we will update this Privacy Policy and we will explain the legal basis which allows us to do so.

What “legal criteria” must be met in order to process your personal data?

We only use your personal data when they meet one or more of the following legal criteria:
·       Processing data is required in order to fulfil our contractual obligations to you.
·       Compliance of legal or regulatory obligations
·       The processing of data meets fulfils our legitimate interests and your interests and fundamental rights are not impeded by the processing of the data
 
How do we use your Personal Data?
 
What happens when you do not provide necessary Personal Data?

Where you fail to provide Personal Data that we need to process based on Contractual Necessity or for the purposes of Compliance with Law, we may not be able to perform the contract we have or are trying to enter into with you (for example, we may not be able to open your account, we may have to close your account, we may not be able to procure the fulfilment of your order or process a return etc).
 

 
Personal Data from Third Party Sources
​
In addition to the Personal Data collected directly from you as part of your use of the website, we also collect certain of your Personal Data from third party sources.

How we keep your Personal Data secure.
We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed.
We limit access to your Personal Data to those employees and other staff who have a business need to have such access. All such people are subject to a contractual duty of confidentiality.
We have put in place procedures to deal with any actual or suspected Personal Data breach. In the event of any such breach, we have systems in place to work with applicable regulators. In addition, in certain circumstances (e.g., where we are legally required to do so) we may notify you of breaches affecting your Personal Data.

How long we store your Personal Data.
We are committed to only keeping your Personal Data for so long as we reasonably need to use it for the purposes set out above. This general rule applies unless a longer retention period is required by law (for example for regulatory purposes).
In respect of the Personal Data we process to provide you with the services, we will only keep this Personal Data for so long as you have an open account on the Site. When you close your account, we will delete or irreversibly anonymise your Personal Data within thirty (30) days.
As noted above:
·       in respect of any Personal Data we process based on our, or a third party’s, legitimate interests, you have the right to object to processing of your Personal Data for this purpose at any time; and
·       you also have a general right to request erasure of your Personal Data where there is no good reason for us continuing to process it.

If you want to exercise either of these rights, please contact us at {{Florist Email}}
Please note that this data retention framework does not apply to Aggregated Data, which we may store for a longer period of time.
Our policy on children.
This Site is not intended for children below 16 and we do not knowingly collect data relating to such children.
Third party links.
This Site may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share your Personal Data. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our Site, we encourage you to read the privacy policy of every site you visit.