Privacy Policy for Flower Delivery Stoke Newington Orders

Introduction

At Flower Delivery Stoke Newington, we are fully committed to safeguarding the privacy and data protection rights of our customers in compliance with the General Data Protection Regulation (GDPR). This Privacy Policy details how we collect, use, retain, and protect your personal data when you place an order for flower delivery services in Stoke Newington and its surrounding districts. It is important that you read this policy so that you are aware of how and why we use your data.

Scope of This Policy

This Privacy Policy applies to all personal data collected from customers who place orders with Flower Delivery Stoke Newington, whether the order is made through our website, by telephone, or in person. It covers customers residing in Stoke Newington and the surrounding districts. By placing an order with us, you confirm that you have read and understood this policy.

Personal Data We Collect

We may collect, process, and store the following types of personal data, depending on the nature of your engagement with our services:

  • Identity Data: Name, title, and, if applicable, details of the recipient of the order.
  • Contact Data: Address, postcode, phone number, and, where provided, email address.
  • Order Data: Details about your order, such as delivery instructions, card messages, occasion, and purchase records.
  • Payment Data: Payment status and transaction identifiers (we do not store cardholder data; card payments are processed through third-party providers).
  • Technical and Usage Data: IP address, browser type, and access information when you use our website.

Lawful Basis for Processing Personal Data

Under GDPR, we must have a lawful reason to process your personal data. We rely on the following lawful bases:

  • Contractual Necessity: The processing of your data is necessary for us to fulfill your order and provide our services to you (Article 6(1)(b) GDPR).
  • Legal Obligation: We may process your data to comply with legal and regulatory requirements (Article 6(1)(c) GDPR).
  • Legitimate Interests: Where we have a legitimate interest in improving our services or preventing fraud, provided such interests do not override your rights and freedoms (Article 6(1)(f) GDPR).
  • Consent: If you opt-in to receive marketing communications, we rely on your consent (Article 6(1)(a) GDPR). You may withdraw consent at any time.

Purposes of Data Processing

We process your personal data for the following purposes:

  • To process and deliver your flower order and communicate order status to you.
  • To manage payments, fees, and charges.
  • To comply with applicable law and regulations.
  • To respond to your enquiries and provide customer support.
  • To improve our services, analyse feedback, and monitor usage of our platforms.
  • To send you updates or marketing material if you have consented to receive such communications.

How We Retain Your Data

Your personal data will be retained only for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. The retention periods are as follows:

  • Order and Transaction Data: Retained for up to seven years to meet record-keeping obligations and in case of customer queries or disputes.
  • Marketing Data: Retained until you withdraw your consent.
  • Technical and Usage Data: Retained for up to two years for analytics and troubleshooting.

After the retention period ends, your information will be securely pseudonymised or deleted.

Data Processors and Third Parties

We may share your data with trusted external third parties and service providers to help us deliver our services. These include:

  • Payment processors for secure handling of transactions.
  • Courier and delivery partners to deliver your order.
  • IT service providers to support our ordering platform and infrastructure.
  • Professional advisers and legal authorities where required by law.

We require all third-party processors to respect the security of your personal data and to treat it in accordance with the law. Processors may only process your data on our instructions and are subject to a duty of confidentiality. We do not sell or share customer data for commercial gain.

International Transfers

Your personal data is generally processed within the United Kingdom and the European Economic Area (EEA). If, in exceptional circumstances, your data is transferred outside the EEA, we will ensure that appropriate safeguards are in place to protect it in accordance with GDPR requirements.

Your Data Protection Rights

Under GDPR, you are entitled to the following rights regarding your personal data:

  • Right of Access: You may request a copy of the personal data we hold about you.
  • Right to Rectification: You may request correction of any incomplete or inaccurate data.
  • Right to Erasure: You may request deletion of your personal data if there is no longer a valid reason for us to process it.
  • Right to Restrict Processing: You may request that we limit the processing of your information under certain circumstances.
  • Right to Object: You may object to our processing of your data where we rely on legitimate interests or marketing purposes.
  • Right to Data Portability: You may request to receive your data in a structured, commonly used, and machine-readable format.

To exercise these rights, please contact us using the details provided on our website or in-store. We may require verification of your identity before respecting such requests to protect your privacy and security.

Security of Your Data

We are committed to protecting the security and confidentiality of your personal data. We use appropriate technical and organisational measures to prevent unauthorised access, alteration, disclosure, or loss. These measures include secure storage systems, encryption, access controls, and regular reviews of our security practices.

Changes to This Privacy Policy

We may update this policy from time to time to reflect changes to our practices or legal requirements. Any significant updates will be communicated to you if they materially affect your rights. The most recent version of this policy will always be available on our website and in-store upon request.

Contact and Complaints

If you have any questions about this Privacy Policy or your data protection rights, please contact us using the channels available on our website or speak to us in-store. If you have concerns about our handling of your data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO).