Logo

Our Inhouse Florist

Our Family Serving Your Family


GENERAL DATA PROTECTION REGULATION 25/5/2018 Compliance assessment


INFORMATION SECURITY



No Employee personal information is kept on Computer. It is held in a secure metal key access filing cabinet, accessible only by the Senior Operations Manager or the Managing Director. The cabinet itself is held in a keypad and 5 lever locked room. The room is only accessible via a private (no public access) set of rooms.
Client information is held in written format (books/ledger) that is kept in locked room, these books date back to the year 1920. This room is only accessible via a private suite of rooms, both of which have 5 lever locks.
Copies of invoices, which contain customer names and addresses, are kept electronically for the current financial year on computer, which is password protected.  Older invoices are stored on memory sticks, which are kept in a locked safe, in a locked room.
Desks have no personal information on display for unintentional viewing by third parties.
We hold no data such as dates of birth or financial information on clients in any format.


DIRECT MARKETING


The Company carries out NO DIRECT MARKETING.
The Company has no Client Data base.
The Company sends no information to clients or members of the public other than that requested directly by those individuals as the result of their own choice, either through service provision or requests for information in response to general adverts.


RECORDS MANAGEMENT

The Company holds no electronic data in respect of clients.
Letters and accounts are produced using manual input of client information, taken from the funeral arrangement book and entered into the written funeral ledgers.
The arrangement books and funeral ledgers are kept in locked rooms accessible only by authorized staff in managerial or secretarial roles.
The information is limited to essential details such as the name, address, phone number and email address of the client who issues instructions to us.
This information is not supplied, distributed or dispersed in any manner to third parties other than client name, address, email and telephone information provided to the chosen officiant, printer, florist, monumental mason, and in the case of cremation, the deceased’s medical practitioner, and a debt recovery agent when legal action is needed in order to recover debt owed to ourselves.
No information in respect of employees is held in any electronic format.
The employee file is kept in the locked cabinet and held according to the regime previously described (information security)
The name, address, telephone number and post code of clients is kept in a series of books/ledgers manually written and held in a locked room, accessible only via private suite of rooms, each of which has a 5 lever lock. There is no public access.
We do not keep client bank details. Clients pay by bank transfer, cheque or card. Merchant copies of card payment slips are held in a locked safe, in a locked room, until the end of the financial year at which point they are handed to our accountant for audit purposes and when complete held for a further 7 years in a secure locked environment to allow HMRC the opportunity to check if they so desire. We are currently keeping card details for twenty one (21) clients who have specifically asked us to do so, and take small regular payments either weekly, fortnightly or monthly in order to clear their
debt to us. This number represents approximately 2% of our clients. This information is kept in a small hand-written ledger and is kept in a locked safe in a locked room.


EMPLOYEE DATA MANAGEMENT


The Company holds no electronic data on any employee.
Each employee has a written format file that contains a copy of their Contract of employment, name address post code as provided to us by the employee, plus any information in respect of work related matters.
An employee may request a copy of their information at any time and the file would be available for inspection at their request.
No charge is made for this.
The employee file is held securely in a metal locked filing cabinet, which itself is held in a key coded locked room that also benefits from a 5 lever lock and access is restricted to Senior Operations Manager and Managing Director.
This room is accessed via a suite of non public access rooms.



CCTV AND MOVEMENT TRACKING



The Company has NO CCTV system.
All Company vehicles at the demand of our insurers are fitted with Vehicle Tracking devices whereby should a vehicle be moved without the ignition being on or the battery disconnected, the security tracking service will telephone us to notify us of a potential loss/theft.
The Company does not have the ability to track the actual whereabouts of a vehicle (and by implication the staff member) on its own accord.
All staff are fully aware of the need for confidentiality in all aspects of what we do. No information, name, address, financial, is supplied to anyone without security protocols being used.
For example, if a person telephones and requests personal information concerning a client (or even a deceased client) we will not provide it unless the caller can provide a number that is only available to our client. This number is sent to the client, as a unique identifier, to the address they gave us, in the post as a reference that must be quoted to enable information to be provided by ourselves.