This is the GDPR document for Harper Rose, it is an overview of the steps and processes taken to safeguard our customers data. We only share and store personal data for the internal processing of orders or running of the business, we take seriously the security of our customers data. No data is shared without permission and even then, only on a basis of necessity.

  1. Classes

We have five classes of data

  1. Directors / Employees who work within the business and whose data we do not share
  2. Business data is kept internal to the business
  3. Customer data is only shared internally for the processing of orders and contacting customers in relation to those orders. We have a mailing list that our customers have opted into and have an easy way of opting out should they so desire.
  4. Supplier data which is only shared / processed internal to the business.
  5. Associate data from those people / companies that work closely within the business


  1. Our policies and data retention can be found here;


  1. Information deletion is by request to the company or using the unsubscribe button on our mailings


  1. Access to data requests are free of charge for all normal requests and serviced within 30 days


  1. We will provide data via a lawful request from a recognised body such as Police, HMRC, etc.


  1. Consent to use data is via an opt in request and all marketing communications to customers have an opt out “button”


  1. As far as we can ascertain we do not store any data of any person under 16 years of age without their parent / guardian’s consent


  1. Our data breech procedure is managed by the Board of Directors


  1. Our Data Protection Officer is Doug Barlow and can be contacted at the business address


  1. Mr Doug Barlow also acts as our International Data Protection Supervising Officer